Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Malwarebytes meldet Fund und Rechner ist lahm

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 02.01.2013, 19:29   #1
Elvi
 
Malwarebytes meldet Fund und Rechner ist lahm - Standard

Malwarebytes meldet Fund und Rechner ist lahm



Liebes Forum,
mein Rechner wird immer langsamer und manchmal übereinstimmen die Tastennicht mit dem überein, was sie "mache" sollten. Habe daraufhin Malwarebytes ausgeführt und es wurde ein Fund ausgespuckt. Anbei die Logs.
Für Hilfe wäreich sehr dankbar,
Elvi

Alt 02.01.2013, 20:18   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Malwarebytes meldet Fund und Rechner ist lahm - Standard

Malwarebytes meldet Fund und Rechner ist lahm



Hallo und

Mal eine kurze Frage, das ist jetzt nichts speziell gegen dich, ich hätte auch jeden anderen fragen können der die Logs so postet - wo bitte steht, dass die Logs in den Anhang gelegt werden sollen bzw. wo genau hast du das herausgelesen?

Logfiles im Anhang erschweren die Auswertung massivst

Bitte um Erläuterung damit man die Textstelle in der Anleitung für alle Neulinge mal gezielt ändern/verbessern kann. Danke.
Zitat:
Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 02.01.2013, 20:25   #3
Elvi
 
Malwarebytes meldet Fund und Rechner ist lahm - Standard

Malwarebytes meldet Fund und Rechner ist lahm



Hallo Cosinus,
ich hatte es so verstanden - im Kontext gesehen und dieses Verständnis bestätigte sich für mich rein subjektiv dann,als ich in der Eingabemaske des Postings war. Soll ich nun nacharbeiten oder drückt ihr für mich eines der berühmten Augen zu?
LG
Elvi
P.S. ich muss vielleicht noch hinzufügen, dass ich technisch nicht sehr versiert bin und mich dies alleshier über meine Grenzen hinaus bringt
__________________

Alt 02.01.2013, 20:47   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Malwarebytes meldet Fund und Rechner ist lahm - Standard

Malwarebytes meldet Fund und Rechner ist lahm



Naja, ich wollte nur wissen warum doch recht viele Neulinge die Logs immer wieder anhängen. Vllt ist da eine Textstelle in der Anleitung die missverständlich beschrieben ist oder so.

Bitte die folgenden Logs in CODE-Tags. Danke.

Außerdem fehlt das OTL.txt bitte nachreichen.

Alt 02.01.2013, 20:54   #5
Elvi
 
Malwarebytes meldet Fund und Rechner ist lahm - Standard

Malwarebytes meldet Fund und Rechner ist lahm



Hier also nochmal all meine Logfiles:

Code:
ATTFilter
OTL Extras logfile created on: 02.01.2013 17:14:17 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Kirsten_2\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,96 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 61,99% Memory free
6,15 Gb Paging File | 4,93 Gb Available in Paging File | 80,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,52 Gb Total Space | 112,74 Gb Free Space | 60,44% Space Free | Partition Type: NTFS
Drive E: | 184,62 Gb Total Space | 170,89 Gb Free Space | 92,56% Space Free | Partition Type: NTFS
 
Computer Name: SARAHS-PC | User Name: Kirsten_2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{000769BC-FCA3-4B4F-B3E5-F4CF5EF3F4B0}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{035BDC54-CEB8-4081-8FA7-3F1BF82DF33E}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{3429D633-3DF1-4BC2-878D-A64C1834A8AA}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{520E3DA9-46C7-4E39-A662-13ABE3853A17}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{7D3559EA-8B5E-411B-9BB5-318CE8598E3D}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{B2C994A4-0641-4124-BAB3-2C665452D123}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C8650496-7B0C-4BBD-8C6C-14AEA012F061}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{FEF201DE-493F-469C-9A91-717FBE864BB9}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D392AF4-E02D-4840-9748-95279A89D034}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{0E2A29BD-F0D8-4A5E-ADDF-D5777AC9AB51}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{13BBF106-8436-40C7-B02A-6FBF76B01EDC}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{39231223-58B3-4433-B0F3-C3E76D19531F}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{558B48E1-8D9A-4481-9634-8D36F1734437}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{64471AEB-BAA4-4D1F-97BD-0B88770F0285}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{6FB0F9D8-2293-4547-BAA5-EA94004D6920}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{8F80216F-BEE7-4064-9907-3F1DB69A6E3F}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"{98C952F3-91DA-4D83-9AEF-2791BF359E57}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{9EA48CFC-AD74-4F47-AE83-534BF01C8056}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{B5ECA6DE-5A70-4E9D-BE5E-D98CDC960659}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{B8C8DBE5-A08E-41A0-8EBD-360346214769}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{BFCC9BBD-5078-4A85-9A74-A50E6A5A0718}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{C8DF4FEB-B355-40D3-8FA6-33AF7BC19D0A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CD86F9A7-FA44-4D80-9F0D-3E57DCE0AE37}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{D047E00C-D51C-48F3-9563-3D893A85489C}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{D9D2E15F-DE31-4396-8383-D998DC444942}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{E9A3E178-FF8D-406C-A1EB-F4446CB7B128}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"TCP Query User{787019DF-E536-406D-883C-773B14B1E203}C:\users\sarahxd\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\sarahxd\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"TCP Query User{7C710233-4138-47EA-A0F3-965C384CC755}C:\users\katze\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\katze\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"TCP Query User{D8316FCE-A997-4BC8-BAAD-12E1DC61C61E}C:\users\sasa\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\sasa\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"TCP Query User{FA5F7AA7-10BA-4142-B992-C76AB6870B7E}C:\users\sas\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\sas\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"UDP Query User{2ACD08C7-D3E4-4433-9C7A-BB67E4763FE0}C:\users\sarahxd\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\sarahxd\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"UDP Query User{905AE170-7C01-4FCC-BA4D-BD91D856C93B}C:\users\sas\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\sas\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"UDP Query User{BE33C753-1C7E-4ED7-8955-A8AFD31FDEAF}C:\users\katze\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\katze\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"UDP Query User{C12619FF-2D76-4E4D-8558-64C439C038D8}C:\users\sasa\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\sasa\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02CA24DD-C8B0-4280-BE53-7862869C2EB1}" = Realtek WiFi Protected Setup Library
"{06223EA1-8977-4A44-B2AB-30FD78B7DCC1}" = CCC Help Thai
"{0CF37D58-38A8-E03F-8DD8-B01B55C09615}" = CCC Help English
"{0D8E81A5-B61C-4360-910C-A738FD1B220A}" = Toshiba TEMPRO
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{12DCDE3D-5C8E-4C5E-A7E4-CEF30F578179}" = Dogz 5
"{1C971EE3-B4C4-4367-9676-57549919C6CE}" = TOSHIBA Benutzerhandbücher
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{27349465-3521-8214-5311-286D806C86C3}" = CCC Help Dutch
"{32762866-8C6E-437E-1E79-4506FEB7323A}" = Catalyst Control Center Graphics Full Existing
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{37D67C45-8484-4398-B5C1-3CAE19FDDF22}" = EPSON PRINT Image Framer Tool1.1
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3CAF2B2D-0DA3-7BD6-6701-E3D71992DB78}" = Catalyst Control Center Localization All
"{3D0DC563-4C99-4AB1-8C22-514940666938}" = Catalyst Control Center - Branding
"{3F50AF3B-8997-4916-0095-99D63DDB785A}" = Harry Potter TM
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4324E4DD-C67C-A413-5C12-5DC694A99AF6}" = ATI Catalyst Install Manager
"{45633D5F-76CE-B1D7-325B-A3F329AA99DB}" = Catalyst Control Center InstallProxy
"{4786E500-4FA0-C30F-D4E8-0E3D70D86227}" = CCC Help Swedish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
"{4F147AEF-790D-DBE2-5830-94D90C02AC24}" = Catalyst Control Center Graphics Full New
"{4FFD1AB4-54F0-4069-88D9-3A55B38F874B}" = Nokia Ovi Suite Software Updater
"{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"{5985DD7D-67F4-DD15-8589-B3F43C4A111D}" = CCC Help Chinese Traditional
"{5D264375-3E92-7D10-F219-3536F5BAE7BA}" = CCC Help Japanese
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5F98C4EE-879F-232C-3F44-0BBFAB6A29D4}" = CCC Help Polish
"{60DED9C2-22BF-47A3-B6C8-6B141BA31DFD}" = Ovi Desktop Sync Engine
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{61F8A9EC-5CB4-0001-FF88-C469156BA14C}" = CCC Help German
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67830C2E-0345-7CE7-3829-8AB3D34E3AEB}" = CCC Help Turkish
"{6A9B4C2D-E651-6DD7-EC1D-AF331F250AB8}" = ccc-core-static
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DEEDB89-D449-B985-4E0E-91D45AF66DFF}" = CCC Help Spanish
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution
"{7513A376-16F0-7E53-5CA1-7DA10A6216BC}" = CCC Help Danish
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Disk Creator Reminder
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{811EF3A7-0861-0B8F-5432-3052E8230DC0}" = Catalyst Control Center Graphics Light
"{8259E348-50E8-A3C8-52B8-699DFDD31BA8}" = CCC Help Finnish
"{85E4952C-8C85-A58D-B9D9-783D1FADB775}" = Skins
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8921F4ED-A696-D629-45E6-45A43A0F4FF0}" = CCC Help Czech
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}" = SweetPacks bundle uninstaller
"{98C70B57-4930-7088-22F4-93FC196938D0}" = CCC Help Chinese Standard
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{A10DA03B-9048-48B4-00A2-A71153C3F886}" = Die Sims™ Tiergeschichten
"{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}" = Harry Potter und der Gefangene von Askaban(TM)
"{A6137721-B2D0-1DAF-0B19-12AB0D065C45}" = Catalyst Control Center Core Implementation
"{AC1A4255-0EC8-585B-2D1A-8306C07F2B91}" = CCC Help Hungarian
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AEE65D6C-EDF4-B3E1-00CD-B17A6FC6BC6A}" = CCC Help Italian
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime
"{B2EFE303-A594-11D5-95EB-005004BC1C65}" = EPSON PhotoQuicker3.2
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver
"{B9F119C0-6886-A250-BF18-3ABEAA26F6A5}" = CCC Help Korean
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DB64C016-1705-36E9-1AEA-C2D4738BDE9A}" = CCC Help Norwegian
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DE2E45A2-31B1-7D26-2701-B1244763DE10}" = CCC Help Portuguese
"{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}" = Nokia Ovi Suite
"{E16087F4-3CE3-B644-A5F5-503F55F34CC0}" = CCC Help Russian
"{E4FD13E2-1638-A5B8-E28A-54D39F13D747}" = Catalyst Control Center Graphics Previews Vista
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A386D2-6E15-4A8F-A04E-87CE9BED0D48}" = TOSHIBA ConfigFree
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E4A500-34B5-E8B7-FC2C-3726A0577AAD}" = CCC Help French
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F34009E9-6EA5-F0D2-4D7D-A9CE421908B6}" = CCC Help Greek
"{F69114BE-EFDC-C756-1B38-ABD1E4873113}" = ccc-utility
"{FBCF2ED3-AFB5-475E-BF9A-30BEAD366FBC}" = Sprachtrainer Fonts
"{FD1B1980-8CAB-4474-89F8-1245AF657AD1}" = Harry Potter und der Halbblut-Prinz™
"{FDA8F0E9-53F0-46E7-8719-6DC08A46AC0B}" = Orange Line 2 Sprachtrainer
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Disk Creator Reminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Luka" = Luka
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"myphotobook" = myphotobook 3.65
"Nokia Ovi Suite" = Nokia Ovi Suite
"Picasa 3" = Picasa 3
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TIPP10_is1" = TIPP10 Version 2.1.0
"WildTangent toshiba Master Uninstall" = WildTangent-Spiele
"Zylom Games Player Plugin" = Zylom Games Player Plugin
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 13.11.2012 12:21:30 | Computer Name = Sarahs-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 13.11.2012 12:48:21 | Computer Name = Sarahs-PC | Source = ATIeRecord | ID = 16391
Description = ATI EEU maximum number of session has been surpassed
 
Error - 13.11.2012 12:48:25 | Computer Name = Sarahs-PC | Source = ATIeRecord | ID = 16391
Description = ATI EEU maximum number of session has been surpassed
 
Error - 13.11.2012 13:09:35 | Computer Name = Sarahs-PC | Source = ATIeRecord | ID = 16391
Description = ATI EEU maximum number of session has been surpassed
 
Error - 13.11.2012 13:09:37 | Computer Name = Sarahs-PC | Source = ATIeRecord | ID = 16391
Description = ATI EEU maximum number of session has been surpassed
 
Error - 13.11.2012 13:09:38 | Computer Name = Sarahs-PC | Source = ATIeRecord | ID = 16391
Description = ATI EEU maximum number of session has been surpassed
 
Error - 13.11.2012 13:09:58 | Computer Name = Sarahs-PC | Source = ATIeRecord | ID = 16391
Description = ATI EEU maximum number of session has been surpassed
 
Error - 13.11.2012 13:14:07 | Computer Name = Sarahs-PC | Source = ATIeRecord | ID = 16391
Description = ATI EEU maximum number of session has been surpassed
 
Error - 13.11.2012 14:40:59 | Computer Name = Sarahs-PC | Source = Google Update | ID = 20
Description = 
 
Error - 13.11.2012 14:41:36 | Computer Name = Sarahs-PC | Source = WinMgmt | ID = 10
Description = 
 
[ Media Center Events ]
Error - 17.06.2012 06:25:33 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (7444.1128)
 
Error - 17.06.2012 06:25:33 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0
Description =     Serververbindung konnte nicht hergestellt werden.. (7444.1129)
 
Error - 05.08.2012 04:46:10 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (344.1128)
 
Error - 05.08.2012 04:46:10 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0
Description =     Serververbindung konnte nicht hergestellt werden.. (344.1129)
 
Error - 05.08.2012 05:46:16 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (1492.1128)
 
Error - 05.08.2012 05:46:16 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0
Description =     Serververbindung konnte nicht hergestellt werden.. (1492.1129)
 
Error - 05.08.2012 06:46:22 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (1728.1128)
 
Error - 05.08.2012 06:46:22 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0
Description =     Serververbindung konnte nicht hergestellt werden.. (1728.1129)
 
Error - 05.08.2012 07:46:28 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (5484.1128)
 
Error - 05.08.2012 07:46:28 | Computer Name = Sarahs-PC | Source = MCUpdate | ID = 0
Description =     Serververbindung konnte nicht hergestellt werden.. (5484.1129)
 
[ System Events ]
Error - 31.12.2012 03:29:03 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 31.12.2012 04:58:33 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 31.12.2012 07:37:46 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 31.12.2012 09:43:42 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 01.01.2013 12:10:55 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 02.01.2013 03:30:10 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 02.01.2013 03:57:27 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 02.01.2013 05:11:13 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 02.01.2013 07:35:28 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 02.01.2013 09:25:02 | Computer Name = Sarahs-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >
         
Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2013-01-02 20:14:39
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.FG01
Running: j8bk5o82.exe; Driver: C:\Users\KIRSTE~1\AppData\Local\Temp\uxliqpow.sys


---- System - GMER 1.0.15 ----

SSDT            8CAB478E                                   ZwCreateSection
SSDT            8CAB4798                                   ZwRequestWaitReplyPort
SSDT            8CAB4793                                   ZwSetContextThread
SSDT            8CAB479D                                   ZwSetSecurityObject
SSDT            8CAB47A2                                   ZwSystemDebugControl
SSDT            8CAB472F                                   ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!KeSetEvent + 215              824F88D8 4 Bytes  [8E, 47, AB, 8C]
.text           ntkrnlpa.exe!KeSetEvent + 539              824F8BFC 4 Bytes  [98, 47, AB, 8C]
.text           ntkrnlpa.exe!KeSetEvent + 56D              824F8C30 4 Bytes  [93, 47, AB, 8C]
.text           ntkrnlpa.exe!KeSetEvent + 5D1              824F8C94 4 Bytes  [9D, 47, AB, 8C]
.text           ntkrnlpa.exe!KeSetEvent + 619              824F8CDC 4 Bytes  [A2, 47, AB, 8C]
.text           ...                                        
.text           C:\Windows\system32\DRIVERS\tos_sps32.sys  section is writeable [0x8AB56480, 0x3C939, 0xE8000020]
.dsrt           C:\Windows\system32\DRIVERS\tos_sps32.sys  unknown last section [0x8AB97900, 0x3CA, 0x48000040]
.text           C:\Windows\system32\DRIVERS\atikmdag.sys   section is writeable [0x8EE02000, 0x263970, 0xE8000020]

---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0    Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1    Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
         
Code:
ATTFilter
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.02.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Kirsten_2 :: SARAHS-PC [Administrator]

02.01.2013 14:32:11
MBAM-log-2013-01-02 (17-03-15).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 482731
Laufzeit: 2 Stunde(n), 19 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Sas\AppData\Local\Nokia\Nokia Ovi Player\20121030.log (Extension.Mismatch) -> Keine Aktion durchgeführt.

(Ende)
         
Code:
ATTFilter
OTL logfile created on: 02.01.2013 17:14:17 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Kirsten_2\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,96 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 61,99% Memory free
6,15 Gb Paging File | 4,93 Gb Available in Paging File | 80,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186,52 Gb Total Space | 112,74 Gb Free Space | 60,44% Space Free | Partition Type: NTFS
Drive E: | 184,62 Gb Total Space | 170,89 Gb Free Space | 92,56% Space Free | Partition Type: NTFS
 
Computer Name: SARAHS-PC | User Name: Kirsten_2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.02 17:10:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kirsten_2\Downloads\OTL.exe
PRC - [2012.10.04 16:34:36 | 000,115,032 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Messenger\SweetIM.exe
PRC - [2012.09.05 16:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2012.08.15 19:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2012.08.11 07:33:56 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.06.15 11:26:22 | 000,095,232 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\SiteAdvisor\McSACore.exe
PRC - [2012.05.29 16:25:52 | 001,564,880 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2012.05.02 00:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.01 23:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.05.01 23:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.24 01:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010.10.26 15:00:24 | 001,050,072 | ---- | M] (Toshiba Europe GmbH) -- C:\Programme\Toshiba TEMPRO\TemproTray.exe
PRC - [2010.10.26 15:00:16 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) -- C:\Programme\Toshiba TEMPRO\TemproSvc.exe
PRC - [2010.02.03 09:46:52 | 001,531,904 | ---- | M] (Nokia) -- C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2009.05.12 21:26:42 | 000,299,008 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009.04.24 10:40:38 | 000,176,128 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TECO\TecoService.exe
PRC - [2009.04.24 10:40:08 | 001,323,008 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TECO\TEco.exe
PRC - [2009.04.23 19:01:24 | 001,011,712 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
PRC - [2009.04.21 21:07:32 | 000,303,104 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.04.21 21:07:04 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.04.16 17:42:58 | 000,020,544 | ---- | M] (TOSHIBA) -- C:\Programme\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
PRC - [2009.04.16 17:42:54 | 002,513,472 | ---- | M] (TOSHIBA) -- C:\Programme\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2009.04.15 16:04:02 | 000,570,736 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TPHM\TPCHWMsg.exe
PRC - [2009.04.15 16:03:40 | 000,656,752 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TPHM\TPCHSrv.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.04.01 17:11:06 | 001,283,384 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
PRC - [2009.04.01 17:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
PRC - [2009.03.31 09:33:52 | 000,503,808 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2009.03.31 08:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009.03.30 15:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2009.03.23 10:50:40 | 000,729,088 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2009.03.17 10:49:04 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
PRC - [2009.03.10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009.03.10 17:50:36 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009.03.06 17:29:16 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2009.03.06 17:29:04 | 000,468,320 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2009.01.13 20:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\Utilities\KeNotify.exe
PRC - [2008.01.21 03:23:33 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
PRC - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2006.11.02 13:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.16 18:47:10 | 001,711,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\d1cdb687ca296d0e95ff3abe946cb3c7\Microsoft.VisualBasic.ni.dll
MOD - [2012.11.16 18:45:33 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll
MOD - [2012.11.16 18:45:29 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ac05afefb5b28893d44ec451da0e6d4e\System.Web.ni.dll
MOD - [2012.11.16 18:45:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll
MOD - [2012.11.16 18:45:02 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll
MOD - [2012.11.16 18:44:59 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\79f3661da2402c72b0bba0de1e55f4d1\Accessibility.ni.dll
MOD - [2012.11.16 17:46:42 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll
MOD - [2012.11.16 17:46:24 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll
MOD - [2012.11.16 17:46:14 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll
MOD - [2012.11.16 17:45:03 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\09ab834223f9c860f08de8d58688b1a3\PresentationCore.ni.dll
MOD - [2012.11.16 17:44:47 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\0e3cff5f58a9a75de7fcac112c8bbca0\WindowsBase.ni.dll
MOD - [2012.11.16 17:44:33 | 007,976,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll
MOD - [2012.11.16 17:44:19 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll
MOD - [2012.05.30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.05.30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.07.26 18:10:16 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3398.36832__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2011.07.26 18:10:15 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3398.36836__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2011.07.26 18:10:15 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3398.36908__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2011.07.26 18:10:15 | 000,348,160 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3398.36876__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2011.07.26 18:10:15 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3398.36818__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2011.07.26 18:10:15 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3398.36838__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2011.07.26 18:10:15 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3398.36876__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2011.07.26 18:10:15 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3398.36889__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2011.07.26 18:10:15 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3398.36827__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2011.07.26 18:10:15 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3398.36871__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2011.07.26 18:10:15 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3398.36875__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2011.07.26 18:10:15 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3398.36909__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2011.07.26 18:10:15 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3398.36862__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2011.07.26 18:10:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3398.36827__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2011.07.26 18:10:14 | 000,782,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3398.36864__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2011.07.26 18:10:14 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3398.36839__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2011.07.26 18:10:14 | 000,409,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3398.36828__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2011.07.26 18:10:14 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3398.36884__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2011.07.26 18:10:14 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3398.36863__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2011.07.26 18:10:14 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3398.36858__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2011.07.26 18:10:14 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3398.36870__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2011.07.26 18:10:14 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3398.36843__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2011.07.26 18:10:14 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011.07.26 18:10:14 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3398.36838__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2011.07.26 18:10:14 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3398.36908__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2011.07.26 18:10:14 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3398.36869__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2011.07.26 18:10:14 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3398.36863__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2011.07.26 18:10:14 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3398.36862__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2011.07.26 18:10:14 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3398.36907__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2011.07.26 18:10:14 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3398.36842__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2011.07.26 18:10:14 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3398.36863__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2011.07.26 18:10:14 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3398.36868__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2011.07.26 18:10:14 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3398.36870__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2011.07.26 18:10:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3010.30503__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2011.07.26 18:10:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3010.30495__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2011.07.26 18:10:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3010.30513__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2011.07.26 18:10:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3010.30526__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2011.07.26 18:10:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3010.30525__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2011.07.26 18:10:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3010.30512__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2011.07.26 18:10:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3010.30525__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3010.30489__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2011.07.26 18:10:13 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3010.30518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3010.30504__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3010.30518__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3010.30516__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3010.30516__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3010.30516__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2011.07.26 18:10:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3010.30523__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3010.30517__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3010.30487__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2011.07.26 18:10:13 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3010.30509__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3010.30488__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2011.07.26 18:10:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3010.30539__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2011.07.26 18:10:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3010.30522__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3010.30515__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3010.30514__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3010.30512__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3010.30503__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3010.30517__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3010.30507__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3010.30495__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3010.30514__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3010.30511__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2011.07.26 18:10:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2011.07.26 18:10:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3010.30523__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2011.07.26 18:10:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2011.07.26 18:10:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3010.30502__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3010.30515__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3010.30514__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2011.07.26 18:10:13 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2011.07.26 18:10:12 | 001,212,416 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3398.36823__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2011.07.26 18:10:12 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3398.36832__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2011.07.26 18:10:12 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3398.36903__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2011.07.26 18:10:12 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3398.36902__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2011.07.26 18:10:12 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3398.36816__90ba9c70f846762e\APM.Server.dll
MOD - [2011.07.26 18:10:12 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3398.36818__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2011.07.26 18:10:12 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3398.36816__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2011.07.26 18:10:12 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3010.30512__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2011.07.26 18:10:12 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3398.36814__90ba9c70f846762e\AEM.Server.dll
MOD - [2011.07.26 18:10:12 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3398.36914__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2011.07.26 18:10:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3010.30492__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2011.07.26 18:10:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3010.30507__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2011.07.26 18:10:12 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3010.30497__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2011.07.26 18:10:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2011.07.26 18:10:12 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3010.30512__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2011.07.26 18:10:12 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2011.07.26 18:10:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3010.30500__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2011.07.26 18:10:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3010.30511__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2011.07.26 18:10:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3010.30510__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2011.07.26 18:10:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3010.30518__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2011.07.26 18:10:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3010.30511__90ba9c70f846762e\APM.Foundation.dll
MOD - [2011.07.26 18:10:12 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3398.36903__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2011.07.26 18:10:12 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3010.30502__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2011.07.26 18:10:12 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2011.07.26 18:10:12 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2011.07.26 18:10:12 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3398.36814__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.06.09 10:37:22 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2009.04.24 10:39:24 | 000,516,096 | ---- | M] () -- C:\Programme\TOSHIBA\TECO\TecoPower.dll
MOD - [2009.04.21 21:05:58 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2009.03.30 05:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.03.12 18:08:04 | 000,049,152 | ---- | M] () -- C:\Programme\TOSHIBA\PCDiag\NotifyPCD.dll
MOD - [2009.03.07 13:15:46 | 007,005,496 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\BlackPng.dll
MOD - [2009.01.30 21:11:56 | 000,073,728 | ---- | M] () -- C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
MOD - [2009.01.30 09:41:20 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008.07.14 10:37:00 | 000,095,544 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
MOD - [2006.12.01 17:55:42 | 000,009,216 | ---- | M] () -- C:\Programme\TOSHIBA\TBS\NotifyTBS.dll
MOD - [2006.10.10 11:44:16 | 000,009,728 | ---- | M] () -- C:\Programme\TOSHIBA\TOSHIBA Assist\NotifyX.dll
MOD - [2006.10.07 11:57:04 | 000,053,248 | ---- | M] () -- C:\Programme\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.12.11 20:35:57 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.21 07:28:08 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.05 16:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2012.06.15 11:26:22 | 000,095,232 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012.06.07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.02 00:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.01 23:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.05.01 23:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.10.26 15:00:16 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Programme\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
SRV - [2010.01.26 12:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.04.24 10:40:38 | 000,176,128 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2009.04.21 21:07:04 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.04.16 17:42:58 | 000,020,544 | ---- | M] (TOSHIBA) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe -- (camsvc)
SRV - [2009.04.15 16:03:40 | 000,656,752 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV - [2009.04.01 17:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009.03.31 08:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.03.30 15:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2009.03.17 10:49:04 | 000,073,728 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009.03.10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009.03.06 17:29:16 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009.02.11 12:05:16 | 000,242,424 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Programme\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2006.10.26 18:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.04.27 09:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.24 23:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 20:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.01.21 14:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.12.30 11:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.12.30 11:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.12.30 11:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.04.24 13:29:28 | 000,163,840 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009.04.21 22:30:14 | 004,491,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.03.31 08:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 22:29:18 | 000,012,920 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)
DRV - [2009.03.20 20:09:52 | 000,491,008 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2009.03.20 09:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 09:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009.03.20 09:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2009.03.18 10:44:54 | 000,022,272 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2009.01.27 18:12:14 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008.11.11 17:29:42 | 000,154,272 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.05.07 10:30:12 | 000,025,896 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
DRV - [2007.12.14 10:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007.11.09 13:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.04.23 09:50:50 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEG&bmod=TSEG;
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010006.10028&barid={AF32540F-500D-11E2-BA0C-00235AFC39AB}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{C32FDFE3-C70C-4DE2-AF58-77701832CECD}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG;
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={AF32540F-500D-11E2-BA0C-00235AFC39AB}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEG&bmod=TSEG;
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010006.10028&barid={AF32540F-500D-11E2-BA0C-00235AFC39AB}
IE - HKCU\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={AF32540F-500D-11E2-BA0C-00235AFC39AB}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"
FF - prefs.js..browser.startup.homepage: "hxxp://home.sweetim.com/?crg=3.1010006.10028&barid={AF32540F-500D-11E2-BA0C-00235AFC39AB}"
FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.7.0.3
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?barid={AF32540F-500D-11E2-BA0C-00235AFC39AB}&src=2&crg=3.1010006.10028&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012.08.24 10:14:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.21 07:28:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2012.01.14 14:15:52 | 000,000,000 | ---D | M]
 
[2012.11.04 09:22:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kirsten_2\AppData\Roaming\mozilla\Extensions
[2013.01.02 14:26:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kirsten_2\AppData\Roaming\mozilla\Firefox\Profiles\jgfy3esz.default\extensions
[2013.01.02 14:26:12 | 000,189,128 | ---- | M] () (No name found) -- C:\Users\Kirsten_2\AppData\Roaming\mozilla\firefox\profiles\jgfy3esz.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012.12.27 11:59:13 | 000,003,983 | ---- | M] () -- C:\Users\Kirsten_2\AppData\Roaming\mozilla\firefox\profiles\jgfy3esz.default\searchplugins\sweetim.xml
[2012.10.21 07:28:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.10.21 07:28:09 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.09.06 03:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.06 03:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.09.06 03:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.06 03:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.06 03:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.06 03:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [cfFncEnabler.exe] C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe (Toshiba Corporation)
O4 - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Programme\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NDSTray.exe] C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Programme\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Programme\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPCHWMsg] C:\Programme\TOSHIBA\TPHM\TPCHWMsg.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Kirsten_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Programme\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B048F730-2C0E-459C-96C1-FF2BE1E3E45D}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.02 14:30:51 | 000,000,000 | ---D | C] -- C:\Users\Kirsten_2\Desktop\Test
[2013.01.02 14:29:58 | 000,000,000 | ---D | C] -- C:\Users\Kirsten_2\AppData\Roaming\Malwarebytes
[2013.01.02 14:29:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.02 14:29:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.02 14:29:11 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.01.02 14:29:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.12.27 11:10:43 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM
[2012.12.27 11:10:43 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM
[2012.12.27 11:09:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.02 17:21:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3259244121-530905728-1337493045-1012UA.job
[2013.01.02 17:09:33 | 000,000,000 | ---- | M] () -- C:\Users\Kirsten_2\defogger_reenable
[2013.01.02 16:35:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.02 16:27:00 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3259244121-530905728-1337493045-1006UA.job
[2013.01.02 16:27:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3259244121-530905728-1337493045-1006Core.job
[2013.01.02 16:24:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.02 16:24:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.02 14:57:59 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3259244121-530905728-1337493045-1010UA.job
[2013.01.02 14:31:00 | 000,001,146 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3259244121-530905728-1337493045-1004UA.job
[2013.01.02 14:29:13 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.02 14:24:56 | 000,001,833 | ---- | M] () -- C:\Users\Kirsten_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
[2013.01.02 14:24:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.02 14:24:13 | 3184,394,240 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.01 17:30:59 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3259244121-530905728-1337493045-1004Core.job
[2012.12.27 11:11:49 | 000,000,809 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.12.27 11:10:27 | 000,000,238 | ---- | M] () -- C:\Users\Kirsten_2\Desktop\Search the Web.url
[2012.12.27 11:10:27 | 000,000,232 | ---- | M] () -- C:\Users\Kirsten_2\Desktop\SweetPcFix.url
[2012.12.26 20:21:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3259244121-530905728-1337493045-1012Core.job
[2012.12.26 08:08:22 | 000,595,504 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.26 08:08:22 | 000,104,640 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.26 08:08:21 | 000,626,768 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.26 08:08:21 | 000,126,232 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.25 17:58:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3259244121-530905728-1337493045-1010Core.job
[2012.12.21 15:53:35 | 000,329,600 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2013.01.02 17:09:33 | 000,000,000 | ---- | C] () -- C:\Users\Kirsten_2\defogger_reenable
[2013.01.02 14:29:13 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.12.27 11:11:49 | 000,000,809 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.12.27 11:10:27 | 000,000,238 | ---- | C] () -- C:\Users\Kirsten_2\Desktop\Search the Web.url
[2012.12.27 11:10:27 | 000,000,232 | ---- | C] () -- C:\Users\Kirsten_2\Desktop\SweetPcFix.url
[2012.10.30 15:30:23 | 000,000,526 | ---- | C] () -- C:\Windows\eReg.dat
[2012.09.30 07:55:00 | 000,000,680 | RHS- | C] () -- C:\Users\Kirsten_2\ntuser.pol
[2012.08.27 09:46:39 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2012.08.27 09:46:39 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2012.06.18 17:03:16 | 000,329,600 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.12.05 16:27:38 | 000,000,182 | ---- | C] () -- C:\Windows\System32\EBPPORT.DAT
[2011.07.30 11:33:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.07.30 11:33:31 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.07.27 19:31:28 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2011.07.27 19:31:28 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2011.07.26 18:33:27 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2011.07.26 18:30:52 | 000,131,072 | ---- | C] () -- C:\Windows\System32\EnumDevLib.dll
[2011.07.26 18:11:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.07.26 18:09:09 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2011.07.26 18:09:09 | 000,184,751 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.07.26 18:09:09 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2011.07.26 18:09:09 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.09.30 07:55:02 | 000,000,000 | ---D | M] -- C:\Users\Kirsten_2\AppData\Roaming\PC Suite
 
========== Purity Check ==========
 
 

< End of report >
         


Alt 02.01.2013, 21:09   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Malwarebytes meldet Fund und Rechner ist lahm - Standard

Malwarebytes meldet Fund und Rechner ist lahm



Wieso postest du jetzt alle Logs nochmal?!
Ich schrieb doch:

Zitat:
Zitat von cosinus
Bitte die folgenden Logs in CODE-Tags. Danke.

Außerdem fehlt das OTL.txt bitte nachreichen.
Einfach nur die OTL.txt nachzureichen hätte ja wohl dicke gereicht


Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.


Malwarebytes Anti-Rootkit

Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Entpacke das Archiv auf deinem Desktop.
  • Im neu erstellten Ordner starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
--> Malwarebytes meldet Fund und Rechner ist lahm

Alt 02.01.2013, 21:41   #7
Elvi
 
Malwarebytes meldet Fund und Rechner ist lahm - Standard

Malwarebytes meldet Fund und Rechner ist lahm



Hier das Logfile von Malwarebytes Anti-Rootkit

Code:
ATTFilter
Malwarebytes Anti-Rootkit 1.01.0.1011
www.malwarebytes.org

Database version: v2013.01.02.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Kirsten_2 :: SARAHS-PC [administrator]

02.01.2013 22:38:12
mbar-log-2013-01-02 (22-38-12).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 30267
Time elapsed: 12 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         

Alt 03.01.2013, 10:16   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Malwarebytes meldet Fund und Rechner ist lahm - Standard

Malwarebytes meldet Fund und Rechner ist lahm



1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.


2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!


Alt 03.01.2013, 11:24   #9
Elvi
 
Malwarebytes meldet Fund und Rechner ist lahm - Standard

Malwarebytes meldet Fund und Rechner ist lahm



Hier meine beiden Logs

Code:
ATTFilter
12:14:20.0503 6112  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:14:20.0691 6112  ============================================================
12:14:20.0691 6112  Current date / time: 2013/01/03 12:14:20.0691
12:14:20.0691 6112  SystemInfo:
12:14:20.0691 6112  
12:14:20.0691 6112  OS Version: 6.0.6002 ServicePack: 2.0
12:14:20.0691 6112  Product type: Workstation
12:14:20.0691 6112  ComputerName: SARAHS-PC
12:14:20.0691 6112  UserName: Kirsten_2
12:14:20.0691 6112  Windows directory: C:\Windows
12:14:20.0691 6112  System windows directory: C:\Windows
12:14:20.0691 6112  Processor architecture: Intel x86
12:14:20.0691 6112  Number of processors: 2
12:14:20.0691 6112  Page size: 0x1000
12:14:20.0691 6112  Boot type: Normal boot
12:14:20.0691 6112  ============================================================
12:14:21.0127 6112  Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:14:21.0127 6112  ============================================================
12:14:21.0127 6112  \Device\Harddisk0\DR0:
12:14:21.0127 6112  MBR partitions:
12:14:21.0127 6112  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1750C000
12:14:21.0127 6112  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x177FA800, BlocksNum 0x1713E000
12:14:21.0127 6112  ============================================================
12:14:21.0268 6112  C: <-> \Device\Harddisk0\DR0\Partition1
12:14:21.0393 6112  E: <-> \Device\Harddisk0\DR0\Partition2
12:14:21.0393 6112  ============================================================
12:14:21.0393 6112  Initialize success
12:14:21.0393 6112  ============================================================
12:15:29.0050 2908  ============================================================
12:15:29.0050 2908  Scan started
12:15:29.0050 2908  Mode: Manual; SigCheck; TDLFS; 
12:15:29.0050 2908  ============================================================
12:15:29.0424 2908  ================ Scan system memory ========================
12:15:29.0424 2908  System memory - ok
12:15:29.0424 2908  ================ Scan services =============================
12:15:29.0596 2908  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
12:15:29.0721 2908  ACPI - ok
12:15:29.0861 2908  [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:15:29.0877 2908  AdobeFlashPlayerUpdateSvc - ok
12:15:29.0923 2908  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:15:29.0955 2908  adp94xx - ok
12:15:29.0955 2908  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:15:29.0970 2908  adpahci - ok
12:15:30.0001 2908  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
12:15:30.0017 2908  adpu160m - ok
12:15:30.0033 2908  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:15:30.0048 2908  adpu320 - ok
12:15:30.0079 2908  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:15:30.0111 2908  AeLookupSvc - ok
12:15:30.0157 2908  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
12:15:30.0189 2908  AFD - ok
12:15:30.0251 2908  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:15:30.0267 2908  agp440 - ok
12:15:30.0282 2908  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
12:15:30.0298 2908  aic78xx - ok
12:15:30.0329 2908  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
12:15:30.0376 2908  ALG - ok
12:15:30.0407 2908  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:15:30.0423 2908  aliide - ok
12:15:30.0469 2908  [ 761F38EE3C1146A7434AD72763382544 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:15:30.0501 2908  AMD External Events Utility - ok
12:15:30.0532 2908  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
12:15:30.0547 2908  amdagp - ok
12:15:30.0563 2908  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
12:15:30.0579 2908  amdide - ok
12:15:30.0594 2908  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
12:15:30.0641 2908  AmdK7 - ok
12:15:30.0657 2908  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:15:30.0688 2908  AmdK8 - ok
12:15:30.0766 2908  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
12:15:30.0781 2908  AntiVirSchedulerService - ok
12:15:30.0813 2908  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
12:15:30.0828 2908  AntiVirService - ok
12:15:30.0859 2908  [ 676894FA57B671FEC5C3F05F8929E03B ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
12:15:30.0875 2908  AntiVirWebService - ok
12:15:30.0937 2908  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
12:15:30.0984 2908  Appinfo - ok
12:15:31.0093 2908  [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:15:31.0093 2908  Apple Mobile Device - ok
12:15:31.0109 2908  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
12:15:31.0125 2908  arc - ok
12:15:31.0140 2908  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:15:31.0171 2908  arcsas - ok
12:15:31.0203 2908  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:15:31.0265 2908  AsyncMac - ok
12:15:31.0281 2908  [ 9C0E70031905ADBF94EDB9EA14AF943B ] atapi           C:\Windows\system32\drivers\atapi.sys
12:15:31.0296 2908  atapi - ok
12:15:31.0437 2908  [ 53DF058C7115B3E6259954D2A2DBF8E9 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
12:15:31.0577 2908  atikmdag - ok
12:15:31.0624 2908  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:15:31.0655 2908  AudioEndpointBuilder - ok
12:15:31.0671 2908  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
12:15:31.0686 2908  Audiosrv - ok
12:15:31.0702 2908  [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
12:15:31.0717 2908  avgntflt - ok
12:15:31.0749 2908  [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
12:15:31.0764 2908  avipbb - ok
12:15:31.0780 2908  [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
12:15:31.0795 2908  avkmgr - ok
12:15:31.0827 2908  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:15:31.0858 2908  Beep - ok
12:15:31.0920 2908  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
12:15:31.0936 2908  BFE - ok
12:15:31.0998 2908  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
12:15:32.0061 2908  BITS - ok
12:15:32.0076 2908  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
12:15:32.0123 2908  blbdrive - ok
12:15:32.0185 2908  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:15:32.0217 2908  Bonjour Service - ok
12:15:32.0248 2908  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:15:32.0263 2908  bowser - ok
12:15:32.0295 2908  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
12:15:32.0326 2908  BrFiltLo - ok
12:15:32.0326 2908  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
12:15:32.0373 2908  BrFiltUp - ok
12:15:32.0404 2908  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
12:15:32.0466 2908  Browser - ok
12:15:32.0497 2908  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
12:15:32.0560 2908  Brserid - ok
12:15:32.0575 2908  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
12:15:32.0622 2908  BrSerWdm - ok
12:15:32.0622 2908  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
12:15:32.0685 2908  BrUsbMdm - ok
12:15:32.0716 2908  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
12:15:32.0763 2908  BrUsbSer - ok
12:15:32.0778 2908  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:15:32.0841 2908  BTHMODEM - ok
12:15:32.0887 2908  [ F1140ED3A1E1D6824A63F27AFD9EEF32 ] camsvc          C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
12:15:32.0903 2908  camsvc - ok
12:15:32.0934 2908  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:15:32.0965 2908  cdfs - ok
12:15:32.0997 2908  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:15:33.0028 2908  cdrom - ok
12:15:33.0075 2908  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:15:33.0121 2908  CertPropSvc - ok
12:15:33.0153 2908  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
12:15:33.0199 2908  circlass - ok
12:15:33.0231 2908  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
12:15:33.0262 2908  CLFS - ok
12:15:33.0324 2908  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:15:33.0340 2908  clr_optimization_v2.0.50727_32 - ok
12:15:33.0402 2908  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:15:33.0433 2908  CmBatt - ok
12:15:33.0449 2908  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:15:33.0465 2908  cmdide - ok
12:15:33.0480 2908  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:15:33.0496 2908  Compbatt - ok
12:15:33.0496 2908  COMSysApp - ok
12:15:33.0543 2908  [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
12:15:33.0558 2908  ConfigFree Service - ok
12:15:33.0574 2908  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:15:33.0589 2908  crcdisk - ok
12:15:33.0605 2908  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
12:15:33.0636 2908  Crusoe - ok
12:15:33.0683 2908  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:15:33.0714 2908  CryptSvc - ok
12:15:33.0777 2908  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:15:33.0823 2908  DcomLaunch - ok
12:15:33.0839 2908  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:15:33.0870 2908  DfsC - ok
12:15:33.0948 2908  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
12:15:34.0026 2908  DFSR - ok
12:15:34.0073 2908  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
12:15:34.0104 2908  Dhcp - ok
12:15:34.0135 2908  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
12:15:34.0151 2908  disk - ok
12:15:34.0182 2908  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:15:34.0213 2908  Dnscache - ok
12:15:34.0229 2908  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:15:34.0260 2908  dot3svc - ok
12:15:34.0291 2908  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
12:15:34.0323 2908  DPS - ok
12:15:34.0354 2908  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:15:34.0401 2908  drmkaud - ok
12:15:34.0447 2908  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:15:34.0479 2908  DXGKrnl - ok
12:15:34.0510 2908  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
12:15:34.0541 2908  E1G60 - ok
12:15:34.0572 2908  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
12:15:34.0619 2908  EapHost - ok
12:15:34.0666 2908  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
12:15:34.0681 2908  Ecache - ok
12:15:34.0744 2908  [ 3A511ED3C9A9DA2CD5A50FF46178063A ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:15:34.0806 2908  ehRecvr - ok
12:15:34.0822 2908  [ A3D94C93333619458AF4BDE7531234C5 ] ehSched         C:\Windows\ehome\ehsched.exe
12:15:34.0853 2908  ehSched - ok
12:15:34.0884 2908  [ 487BA5C5BB442BD172F120DC197811C2 ] ehstart         C:\Windows\ehome\ehstart.dll
12:15:34.0915 2908  ehstart - ok
12:15:34.0962 2908  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:15:34.0978 2908  elxstor - ok
12:15:35.0025 2908  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
12:15:35.0087 2908  EMDMgmt - ok
12:15:35.0103 2908  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:15:35.0149 2908  ErrDev - ok
12:15:35.0181 2908  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
12:15:35.0227 2908  EventSystem - ok
12:15:35.0274 2908  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
12:15:35.0305 2908  exfat - ok
12:15:35.0337 2908  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:15:35.0383 2908  fastfat - ok
12:15:35.0446 2908  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:15:35.0493 2908  fdc - ok
12:15:35.0524 2908  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
12:15:35.0555 2908  fdPHost - ok
12:15:35.0555 2908  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:15:35.0617 2908  FDResPub - ok
12:15:35.0633 2908  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:15:35.0649 2908  FileInfo - ok
12:15:35.0680 2908  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:15:35.0711 2908  Filetrace - ok
12:15:35.0727 2908  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:15:35.0758 2908  flpydisk - ok
12:15:35.0789 2908  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:15:35.0805 2908  FltMgr - ok
12:15:35.0867 2908  [ 452FEAAB2A8DBB42ED751754CB2594F5 ] FontCache       C:\Windows\system32\FntCache.dll
12:15:35.0929 2908  FontCache - ok
12:15:35.0992 2908  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:15:35.0992 2908  FontCache3.0.0.0 - ok
12:15:36.0054 2908  [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk     C:\Windows\system32\FsUsbExDisk.SYS
12:15:36.0070 2908  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
12:15:36.0070 2908  FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
12:15:36.0101 2908  [ D3F9205CC4CB07553F2F9472C767EA87 ] FsUsbExService  C:\Windows\system32\FsUsbExService.Exe
12:15:36.0117 2908  FsUsbExService ( UnsignedFile.Multi.Generic ) - warning
12:15:36.0117 2908  FsUsbExService - detected UnsignedFile.Multi.Generic (1)
12:15:36.0132 2908  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:15:36.0163 2908  Fs_Rec - ok
12:15:36.0195 2908  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:15:36.0210 2908  gagp30kx - ok
12:15:36.0273 2908  [ 54FD6B2F163782914F1205D51FEDD3EF ] GameConsoleService C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
12:15:36.0288 2908  GameConsoleService - ok
12:15:36.0319 2908  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:15:36.0335 2908  GEARAspiWDM - ok
12:15:36.0397 2908  [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
12:15:36.0397 2908  GoogleDesktopManager-051210-111108 - ok
12:15:36.0429 2908  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:15:36.0491 2908  gpsvc - ok
12:15:36.0538 2908  [ 1BF044E23206FDDC16891A32922D571B ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:15:36.0553 2908  gusvc - ok
12:15:36.0600 2908  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:15:36.0663 2908  HdAudAddService - ok
12:15:36.0694 2908  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:15:36.0741 2908  HDAudBus - ok
12:15:36.0741 2908  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:15:36.0803 2908  HidBth - ok
12:15:36.0834 2908  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:15:36.0897 2908  HidIr - ok
12:15:36.0928 2908  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
12:15:36.0959 2908  hidserv - ok
12:15:36.0990 2908  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:15:37.0037 2908  HidUsb - ok
12:15:37.0084 2908  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:15:37.0115 2908  hkmsvc - ok
12:15:37.0146 2908  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
12:15:37.0162 2908  HpCISSs - ok
12:15:37.0209 2908  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:15:37.0240 2908  HTTP - ok
12:15:37.0271 2908  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
12:15:37.0287 2908  i2omp - ok
12:15:37.0318 2908  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:15:37.0365 2908  i8042prt - ok
12:15:37.0396 2908  [ 71ECC07BC7C5E24C3DD01D8A29A24054 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
12:15:37.0411 2908  iaStor - ok
12:15:37.0458 2908  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
12:15:37.0474 2908  iaStorV - ok
12:15:37.0552 2908  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:15:37.0614 2908  idsvc - ok
12:15:37.0677 2908  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:15:37.0692 2908  iirsp - ok
12:15:37.0739 2908  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
12:15:37.0786 2908  IKEEXT - ok
12:15:37.0895 2908  [ 2E4F8AD76CB1203D68DB6E8F02E4AF74 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
12:15:37.0942 2908  IntcAzAudAddService - ok
12:15:38.0004 2908  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:15:38.0020 2908  intelide - ok
12:15:38.0035 2908  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:15:38.0067 2908  intelppm - ok
12:15:38.0098 2908  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:15:38.0145 2908  IPBusEnum - ok
12:15:38.0176 2908  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:15:38.0223 2908  IpFilterDriver - ok
12:15:38.0254 2908  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:15:38.0285 2908  iphlpsvc - ok
12:15:38.0301 2908  IpInIp - ok
12:15:38.0316 2908  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
12:15:38.0347 2908  IPMIDRV - ok
12:15:38.0363 2908  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
12:15:38.0394 2908  IPNAT - ok
12:15:38.0441 2908  [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:15:38.0472 2908  iPod Service - ok
12:15:38.0488 2908  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:15:38.0535 2908  IRENUM - ok
12:15:38.0550 2908  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:15:38.0566 2908  isapnp - ok
12:15:38.0613 2908  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
12:15:38.0628 2908  iScsiPrt - ok
12:15:38.0628 2908  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
12:15:38.0644 2908  iteatapi - ok
12:15:38.0644 2908  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
12:15:38.0659 2908  iteraid - ok
12:15:38.0675 2908  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:15:38.0691 2908  kbdclass - ok
12:15:38.0706 2908  [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
12:15:38.0753 2908  kbdhid - ok
12:15:38.0769 2908  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
12:15:38.0800 2908  KeyIso - ok
12:15:38.0847 2908  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:15:38.0862 2908  KSecDD - ok
12:15:38.0925 2908  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:15:38.0971 2908  KtmRm - ok
12:15:39.0003 2908  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:15:39.0034 2908  LanmanServer - ok
12:15:39.0065 2908  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:15:39.0096 2908  LanmanWorkstation - ok
12:15:39.0127 2908  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:15:39.0159 2908  lltdio - ok
12:15:39.0190 2908  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:15:39.0221 2908  lltdsvc - ok
12:15:39.0252 2908  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:15:39.0283 2908  lmhosts - ok
12:15:39.0299 2908  [ 31F74D5D47EEA83E5E89447586917774 ] LPCFilter       C:\Windows\system32\DRIVERS\LPCFilter.sys
12:15:39.0299 2908  LPCFilter - ok
12:15:39.0346 2908  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:15:39.0361 2908  LSI_FC - ok
12:15:39.0361 2908  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:15:39.0377 2908  LSI_SAS - ok
12:15:39.0393 2908  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:15:39.0393 2908  LSI_SCSI - ok
12:15:39.0408 2908  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
12:15:39.0455 2908  luafv - ok
12:15:39.0533 2908  [ C226CE46CD17FCE6261A9DE406F01C8B ] McAfee SiteAdvisor Service C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
12:15:39.0533 2908  McAfee SiteAdvisor Service - ok
12:15:39.0595 2908  [ 034606B82FA5BD3E73AB427B6D55F915 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe
12:15:39.0611 2908  McComponentHostService - ok
12:15:39.0642 2908  [ 3BD2AD18179DEAD6652E87157FB98E4A ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:15:39.0673 2908  Mcx2Svc - ok
12:15:39.0705 2908  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:15:39.0720 2908  megasas - ok
12:15:39.0736 2908  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
12:15:39.0767 2908  MegaSR - ok
12:15:39.0798 2908  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
12:15:39.0845 2908  MMCSS - ok
12:15:39.0861 2908  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
12:15:39.0907 2908  Modem - ok
12:15:39.0954 2908  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:15:39.0985 2908  monitor - ok
12:15:40.0017 2908  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:15:40.0032 2908  mouclass - ok
12:15:40.0048 2908  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:15:40.0079 2908  mouhid - ok
12:15:40.0095 2908  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
12:15:40.0110 2908  MountMgr - ok
12:15:40.0173 2908  [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:15:40.0188 2908  MozillaMaintenance - ok
12:15:40.0219 2908  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:15:40.0235 2908  mpio - ok
12:15:40.0251 2908  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:15:40.0282 2908  mpsdrv - ok
12:15:40.0329 2908  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:15:40.0375 2908  MpsSvc - ok
12:15:40.0422 2908  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
12:15:40.0438 2908  Mraid35x - ok
12:15:40.0453 2908  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:15:40.0469 2908  MRxDAV - ok
12:15:40.0500 2908  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:15:40.0516 2908  mrxsmb - ok
12:15:40.0547 2908  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:15:40.0578 2908  mrxsmb10 - ok
12:15:40.0609 2908  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:15:40.0625 2908  mrxsmb20 - ok
12:15:40.0672 2908  [ AA305CFF241DA187BD5077DE4A2A043D ] msahci          C:\Windows\system32\drivers\msahci.sys
12:15:40.0672 2908  msahci - ok
12:15:40.0687 2908  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:15:40.0703 2908  msdsm - ok
12:15:40.0719 2908  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
12:15:40.0750 2908  MSDTC - ok
12:15:40.0781 2908  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:15:40.0812 2908  Msfs - ok
12:15:40.0859 2908  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:15:40.0875 2908  msisadrv - ok
12:15:40.0890 2908  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:15:40.0937 2908  MSiSCSI - ok
12:15:40.0937 2908  msiserver - ok
12:15:40.0968 2908  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:15:41.0015 2908  MSKSSRV - ok
12:15:41.0031 2908  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:15:41.0062 2908  MSPCLOCK - ok
12:15:41.0077 2908  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:15:41.0093 2908  MSPQM - ok
12:15:41.0140 2908  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:15:41.0155 2908  MsRPC - ok
12:15:41.0187 2908  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:15:41.0202 2908  mssmbios - ok
12:15:41.0218 2908  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:15:41.0249 2908  MSTEE - ok
12:15:41.0265 2908  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
12:15:41.0280 2908  Mup - ok
12:15:41.0311 2908  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
12:15:41.0358 2908  napagent - ok
12:15:41.0405 2908  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:15:41.0421 2908  NativeWifiP - ok
12:15:41.0467 2908  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:15:41.0483 2908  NDIS - ok
12:15:41.0514 2908  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:15:41.0545 2908  NdisTapi - ok
12:15:41.0561 2908  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:15:41.0577 2908  Ndisuio - ok
12:15:41.0623 2908  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:15:41.0639 2908  NdisWan - ok
12:15:41.0670 2908  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:15:41.0701 2908  NDProxy - ok
12:15:41.0701 2908  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:15:41.0748 2908  NetBIOS - ok
12:15:41.0764 2908  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
12:15:41.0811 2908  netbt - ok
12:15:41.0826 2908  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
12:15:41.0842 2908  Netlogon - ok
12:15:41.0873 2908  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
12:15:41.0920 2908  Netman - ok
12:15:41.0935 2908  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
12:15:41.0982 2908  netprofm - ok
12:15:42.0029 2908  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:15:42.0029 2908  NetTcpPortSharing - ok
12:15:42.0076 2908  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:15:42.0091 2908  nfrd960 - ok
12:15:42.0123 2908  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:15:42.0154 2908  NlaSvc - ok
12:15:42.0169 2908  [ 28E36E677849174C910FAAEAD3E60E9E ] nmwcd           C:\Windows\system32\drivers\ccdcmb.sys
12:15:42.0216 2908  nmwcd - ok
12:15:42.0247 2908  [ 3823DEB17F9F6775DE0187A98FA0536D ] nmwcdc          C:\Windows\system32\drivers\ccdcmbo.sys
12:15:42.0279 2908  nmwcdc - ok
12:15:42.0294 2908  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:15:42.0325 2908  Npfs - ok
12:15:42.0341 2908  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
12:15:42.0372 2908  nsi - ok
12:15:42.0403 2908  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:15:42.0435 2908  nsiproxy - ok
12:15:42.0497 2908  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:15:42.0528 2908  Ntfs - ok
12:15:42.0544 2908  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
12:15:42.0591 2908  ntrigdigi - ok
12:15:42.0606 2908  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
12:15:42.0653 2908  Null - ok
12:15:42.0669 2908  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:15:42.0669 2908  nvraid - ok
12:15:42.0700 2908  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:15:42.0715 2908  nvstor - ok
12:15:42.0715 2908  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:15:42.0731 2908  nv_agp - ok
12:15:42.0731 2908  NwlnkFlt - ok
12:15:42.0747 2908  NwlnkFwd - ok
12:15:42.0809 2908  [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:15:42.0825 2908  odserv - ok
12:15:42.0871 2908  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:15:42.0918 2908  ohci1394 - ok
12:15:42.0965 2908  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:15:42.0965 2908  ose - ok
12:15:43.0027 2908  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
12:15:43.0074 2908  p2pimsvc - ok
12:15:43.0090 2908  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
12:15:43.0105 2908  p2psvc - ok
12:15:43.0137 2908  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
12:15:43.0183 2908  Parport - ok
12:15:43.0215 2908  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:15:43.0230 2908  partmgr - ok
12:15:43.0246 2908  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
12:15:43.0293 2908  Parvdm - ok
12:15:43.0324 2908  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:15:43.0339 2908  PcaSvc - ok
12:15:43.0386 2908  [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
12:15:43.0402 2908  pccsmcfd - ok
12:15:43.0433 2908  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
12:15:43.0449 2908  pci - ok
12:15:43.0464 2908  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
12:15:43.0480 2908  pciide - ok
12:15:43.0495 2908  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:15:43.0511 2908  pcmcia - ok
12:15:43.0573 2908  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:15:43.0636 2908  PEAUTH - ok
12:15:43.0683 2908  [ 28F7FFFF50C474CF8BE16A2CACC7CE42 ] PGEffect        C:\Windows\system32\DRIVERS\pgeffect.sys
12:15:43.0698 2908  PGEffect - ok
12:15:43.0761 2908  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
12:15:43.0839 2908  pla - ok
12:15:43.0870 2908  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:15:43.0901 2908  PlugPlay - ok
12:15:43.0932 2908  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
12:15:43.0948 2908  PNRPAutoReg - ok
12:15:43.0963 2908  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
12:15:43.0995 2908  PNRPsvc - ok
12:15:44.0026 2908  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:15:44.0041 2908  PolicyAgent - ok
12:15:44.0088 2908  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:15:44.0104 2908  PptpMiniport - ok
12:15:44.0135 2908  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
12:15:44.0182 2908  Processor - ok
12:15:44.0197 2908  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:15:44.0229 2908  ProfSvc - ok
12:15:44.0244 2908  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:15:44.0260 2908  ProtectedStorage - ok
12:15:44.0291 2908  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
12:15:44.0322 2908  PSched - ok
12:15:44.0338 2908  [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
12:15:44.0353 2908  PxHelp20 - ok
12:15:44.0400 2908  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:15:44.0447 2908  ql2300 - ok
12:15:44.0447 2908  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:15:44.0463 2908  ql40xx - ok
12:15:44.0494 2908  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
12:15:44.0541 2908  QWAVE - ok
12:15:44.0556 2908  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:15:44.0572 2908  QWAVEdrv - ok
12:15:44.0587 2908  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:15:44.0619 2908  RasAcd - ok
12:15:44.0634 2908  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
12:15:44.0681 2908  RasAuto - ok
12:15:44.0697 2908  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:15:44.0743 2908  Rasl2tp - ok
12:15:44.0759 2908  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
12:15:44.0806 2908  RasMan - ok
12:15:44.0853 2908  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:15:44.0884 2908  RasPppoe - ok
12:15:44.0899 2908  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:15:44.0915 2908  RasSstp - ok
12:15:44.0946 2908  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:15:44.0993 2908  rdbss - ok
12:15:45.0024 2908  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:15:45.0055 2908  RDPCDD - ok
12:15:45.0087 2908  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
12:15:45.0118 2908  rdpdr - ok
12:15:45.0118 2908  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:15:45.0149 2908  RDPENCDD - ok
12:15:45.0196 2908  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:15:45.0227 2908  RDPWD - ok
12:15:45.0274 2908  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:15:45.0305 2908  RemoteAccess - ok
12:15:45.0336 2908  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:15:45.0367 2908  RemoteRegistry - ok
12:15:45.0383 2908  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
12:15:45.0414 2908  RpcLocator - ok
12:15:45.0445 2908  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
12:15:45.0461 2908  RpcSs - ok
12:15:45.0492 2908  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:15:45.0523 2908  rspndr - ok
12:15:45.0555 2908  [ D85DA4371AF61359EDFCA4EA06619DD4 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
12:15:45.0555 2908  RTHDMIAzAudService - ok
12:15:45.0601 2908  [ 470253597930E765DD08B30E723C1FA2 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
12:15:45.0633 2908  RTL8169 - ok
12:15:45.0664 2908  [ 3E29AB4BC6C174B87D31BF2A94B8AD67 ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys
12:15:45.0711 2908  rtl8192se - ok
12:15:45.0742 2908  [ 0D60B8C10A2C5E8DD620B3FDEB1CDA64 ] RtlProt         C:\Windows\system32\DRIVERS\rtlprot.sys
12:15:45.0757 2908  RtlProt - ok
12:15:45.0773 2908  [ 52532A4CA8B251775DECC87C4813ABFB ] RTSTOR          C:\Windows\system32\drivers\RTSTOR.SYS
12:15:45.0789 2908  RTSTOR - ok
12:15:45.0804 2908  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
12:15:45.0820 2908  SamSs - ok
12:15:45.0851 2908  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:15:45.0867 2908  sbp2port - ok
12:15:45.0898 2908  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:15:45.0929 2908  SCardSvr - ok
12:15:45.0960 2908  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
12:15:45.0991 2908  Schedule - ok
12:15:46.0023 2908  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:15:46.0038 2908  SCPolicySvc - ok
12:15:46.0085 2908  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:15:46.0116 2908  SDRSVC - ok
12:15:46.0163 2908  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:15:46.0225 2908  secdrv - ok
12:15:46.0257 2908  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
12:15:46.0272 2908  seclogon - ok
12:15:46.0288 2908  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
12:15:46.0319 2908  SENS - ok
12:15:46.0335 2908  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
12:15:46.0381 2908  Serenum - ok
12:15:46.0381 2908  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
12:15:46.0428 2908  Serial - ok
12:15:46.0428 2908  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:15:46.0459 2908  sermouse - ok
12:15:46.0537 2908  [ 5BF59C6BC737BAAF541168E5CB2EC1D9 ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:15:46.0584 2908  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
12:15:46.0584 2908  ServiceLayer - detected UnsignedFile.Multi.Generic (1)
12:15:46.0615 2908  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:15:46.0647 2908  SessionEnv - ok
12:15:46.0662 2908  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:15:46.0678 2908  sffdisk - ok
12:15:46.0693 2908  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:15:46.0725 2908  sffp_mmc - ok
12:15:46.0740 2908  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:15:46.0771 2908  sffp_sd - ok
12:15:46.0803 2908  [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:15:46.0834 2908  sfloppy - ok
12:15:46.0881 2908  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:15:46.0912 2908  SharedAccess - ok
12:15:46.0943 2908  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:15:46.0959 2908  ShellHWDetection - ok
12:15:46.0990 2908  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
12:15:47.0005 2908  sisagp - ok
12:15:47.0005 2908  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
12:15:47.0021 2908  SiSRaid2 - ok
12:15:47.0037 2908  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:15:47.0052 2908  SiSRaid4 - ok
12:15:47.0083 2908  [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
12:15:47.0099 2908  SkypeUpdate - ok
12:15:47.0193 2908  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
12:15:47.0302 2908  slsvc - ok
12:15:47.0349 2908  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
12:15:47.0380 2908  SLUINotify - ok
12:15:47.0395 2908  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:15:47.0427 2908  Smb - ok
12:15:47.0458 2908  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:15:47.0473 2908  SNMPTRAP - ok
12:15:47.0505 2908  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
12:15:47.0505 2908  spldr - ok
12:15:47.0551 2908  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
12:15:47.0567 2908  Spooler - ok
12:15:47.0598 2908  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:15:47.0629 2908  srv - ok
12:15:47.0645 2908  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:15:47.0676 2908  srv2 - ok
12:15:47.0676 2908  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:15:47.0723 2908  srvnet - ok
12:15:47.0754 2908  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:15:47.0785 2908  SSDPSRV - ok
12:15:47.0801 2908  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
12:15:47.0817 2908  ssmdrv - ok
12:15:47.0832 2908  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:15:47.0848 2908  SstpSvc - ok
12:15:47.0895 2908  [ EAA66218CD39F5BB1B4853A78C67C787 ] ss_bbus         C:\Windows\system32\DRIVERS\ss_bbus.sys
12:15:47.0895 2908  ss_bbus - ok
12:15:47.0926 2908  [ 91765F99914ED8693D8BC76524F21581 ] ss_bmdfl        C:\Windows\system32\DRIVERS\ss_bmdfl.sys
12:15:47.0941 2908  ss_bmdfl - ok
12:15:47.0957 2908  [ 840E7B738B03C10EE91D9B7D3D6EFF15 ] ss_bmdm         C:\Windows\system32\DRIVERS\ss_bmdm.sys
12:15:47.0973 2908  ss_bmdm - ok
12:15:48.0035 2908  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
12:15:48.0066 2908  stisvc - ok
12:15:48.0097 2908  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:15:48.0113 2908  swenum - ok
12:15:48.0144 2908  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
12:15:48.0191 2908  swprv - ok
12:15:48.0207 2908  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
12:15:48.0222 2908  Symc8xx - ok
12:15:48.0238 2908  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
12:15:48.0253 2908  Sym_hi - ok
12:15:48.0285 2908  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
12:15:48.0285 2908  Sym_u3 - ok
12:15:48.0347 2908  [ 5EFCEDCF3DAF5C8D9E8B77A34A4EEC99 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
12:15:48.0363 2908  SynTP - ok
12:15:48.0394 2908  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
12:15:48.0456 2908  SysMain - ok
12:15:48.0487 2908  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:15:48.0519 2908  TabletInputService - ok
12:15:48.0550 2908  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:15:48.0597 2908  TapiSrv - ok
12:15:48.0612 2908  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
12:15:48.0643 2908  TBS - ok
12:15:48.0706 2908  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:15:48.0737 2908  Tcpip - ok
12:15:48.0753 2908  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
12:15:48.0784 2908  Tcpip6 - ok
12:15:48.0815 2908  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:15:48.0831 2908  tcpipreg - ok
12:15:48.0862 2908  [ 6FDFBA25002CE4BAC463AC866AE71405 ] tdcmdpst        C:\Windows\system32\DRIVERS\tdcmdpst.sys
12:15:48.0877 2908  tdcmdpst - ok
12:15:48.0909 2908  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:15:48.0955 2908  TDPIPE - ok
12:15:48.0955 2908  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:15:48.0987 2908  TDTCP - ok
12:15:49.0018 2908  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:15:49.0033 2908  tdx - ok
12:15:49.0080 2908  [ 24EA631FEC13E87AFE07A2B28732EF38 ] TemproMonitoringService C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
12:15:49.0096 2908  TemproMonitoringService - ok
12:15:49.0111 2908  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:15:49.0127 2908  TermDD - ok
12:15:49.0158 2908  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
12:15:49.0189 2908  TermService - ok
12:15:49.0221 2908  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
12:15:49.0236 2908  Themes - ok
12:15:49.0252 2908  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
12:15:49.0267 2908  THREADORDER - ok
12:15:49.0299 2908  [ FB8448D1B0DA00D70C28ADF9282B31BB ] TMachInfo       C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
12:15:49.0314 2908  TMachInfo - ok
12:15:49.0361 2908  [ 22BC804EFE155F54252F389B0781D7F2 ] TNaviSrv        C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
12:15:49.0361 2908  TNaviSrv - ok
12:15:49.0408 2908  [ C5AC715B65B01788ABC22D10749DDDD8 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
12:15:49.0408 2908  TODDSrv - ok
12:15:49.0486 2908  [ 5557E7F940CBCF09BE43379F551F6689 ] TosCoSrv        C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
12:15:49.0501 2908  TosCoSrv - ok
12:15:49.0564 2908  [ 9D1C30CE9F1A8488D5D9102C0820743D ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
12:15:49.0579 2908  TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - warning
12:15:49.0579 2908  TOSHIBA eco Utility Service - detected UnsignedFile.Multi.Generic (1)
12:15:49.0626 2908  [ B792D35B8BDC5FC4106808FF5C7770AB ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
12:15:49.0642 2908  TOSHIBA HDD SSD Alert Service ( UnsignedFile.Multi.Generic ) - warning
12:15:49.0642 2908  TOSHIBA HDD SSD Alert Service - detected UnsignedFile.Multi.Generic (1)
12:15:49.0673 2908  [ 4399A9BF7D8F49991A07FD86590A1619 ] tos_sps32       C:\Windows\system32\DRIVERS\tos_sps32.sys
12:15:49.0689 2908  tos_sps32 - ok
12:15:49.0751 2908  [ 1A6FA701F66B58192B814570322521B2 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
12:15:49.0767 2908  TPCHSrv - ok
12:15:49.0798 2908  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
12:15:49.0845 2908  TrkWks - ok
12:15:49.0891 2908  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:15:49.0907 2908  TrustedInstaller - ok
12:15:49.0938 2908  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:15:49.0969 2908  tssecsrv - ok
12:15:50.0001 2908  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
12:15:50.0016 2908  tunmp - ok
12:15:50.0047 2908  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:15:50.0063 2908  tunnel - ok
12:15:50.0094 2908  [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ           C:\Windows\system32\DRIVERS\TVALZ_O.SYS
12:15:50.0110 2908  TVALZ - ok
12:15:50.0141 2908  [ 009AECD4C19209B09669A6615EA1E889 ] TVALZFL         C:\Windows\system32\DRIVERS\TVALZFL.sys
12:15:50.0141 2908  TVALZFL - ok
12:15:50.0172 2908  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:15:50.0188 2908  uagp35 - ok
12:15:50.0235 2908  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:15:50.0250 2908  udfs - ok
12:15:50.0297 2908  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:15:50.0344 2908  UI0Detect - ok
12:15:50.0375 2908  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:15:50.0391 2908  uliagpkx - ok
12:15:50.0406 2908  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
12:15:50.0437 2908  uliahci - ok
12:15:50.0437 2908  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
12:15:50.0453 2908  UlSata - ok
12:15:50.0484 2908  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
12:15:50.0484 2908  ulsata2 - ok
12:15:50.0531 2908  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:15:50.0578 2908  umbus - ok
12:15:50.0625 2908  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
12:15:50.0656 2908  upnphost - ok
12:15:50.0687 2908  [ B1B8BEE26227DAD9835019201552CB05 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
12:15:50.0703 2908  upperdev - ok
12:15:50.0749 2908  [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
12:15:50.0765 2908  USBAAPL - ok
12:15:50.0796 2908  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:15:50.0843 2908  usbccgp - ok
12:15:50.0859 2908  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:15:50.0905 2908  usbcir - ok
12:15:50.0937 2908  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:15:50.0968 2908  usbehci - ok
12:15:50.0983 2908  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:15:51.0015 2908  usbhub - ok
12:15:51.0046 2908  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:15:51.0093 2908  usbohci - ok
12:15:51.0124 2908  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:15:51.0139 2908  usbprint - ok
12:15:51.0186 2908  [ D575246188F63DE0ACCF6EAC5FB59E6A ] usbser          C:\Windows\system32\drivers\usbser.sys
12:15:51.0202 2908  usbser - ok
12:15:51.0217 2908  [ 98E1FF1D732C6C7200B6C59D4FF8C1C3 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
12:15:51.0249 2908  UsbserFilt - ok
12:15:51.0295 2908  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:15:51.0311 2908  USBSTOR - ok
12:15:51.0327 2908  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
12:15:51.0373 2908  usbuhci - ok
12:15:51.0405 2908  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
12:15:51.0436 2908  usbvideo - ok
12:15:51.0451 2908  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
12:15:51.0467 2908  UxSms - ok
12:15:51.0498 2908  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
12:15:51.0545 2908  vds - ok
12:15:51.0592 2908  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:15:51.0623 2908  vga - ok
12:15:51.0639 2908  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:15:51.0670 2908  VgaSave - ok
12:15:51.0670 2908  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
12:15:51.0685 2908  viaagp - ok
12:15:51.0685 2908  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
12:15:51.0717 2908  ViaC7 - ok
12:15:51.0717 2908  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
12:15:51.0732 2908  viaide - ok
12:15:51.0748 2908  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:15:51.0763 2908  volmgr - ok
12:15:51.0795 2908  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:15:51.0810 2908  volmgrx - ok
12:15:51.0841 2908  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:15:51.0857 2908  volsnap - ok
12:15:51.0888 2908  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:15:51.0904 2908  vsmraid - ok
12:15:51.0951 2908  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
12:15:52.0029 2908  VSS - ok
12:15:52.0044 2908  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
12:15:52.0075 2908  W32Time - ok
12:15:52.0107 2908  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:15:52.0169 2908  WacomPen - ok
12:15:52.0185 2908  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
12:15:52.0200 2908  Wanarp - ok
12:15:52.0200 2908  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:15:52.0231 2908  Wanarpv6 - ok
12:15:52.0263 2908  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:15:52.0294 2908  wcncsvc - ok
12:15:52.0309 2908  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:15:52.0356 2908  WcsPlugInService - ok
12:15:52.0387 2908  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
12:15:52.0403 2908  Wd - ok
12:15:52.0434 2908  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:15:52.0450 2908  Wdf01000 - ok
12:15:52.0465 2908  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:15:52.0512 2908  WdiServiceHost - ok
12:15:52.0512 2908  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:15:52.0543 2908  WdiSystemHost - ok
12:15:52.0575 2908  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
12:15:52.0590 2908  WebClient - ok
12:15:52.0606 2908  [ 905214925A88311FCE52F66153DE7610 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:15:52.0637 2908  Wecsvc - ok
12:15:52.0668 2908  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:15:52.0715 2908  wercplsupport - ok
12:15:52.0731 2908  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:15:52.0762 2908  WerSvc - ok
12:15:52.0809 2908  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
12:15:52.0824 2908  WinDefend - ok
12:15:52.0840 2908  WinHttpAutoProxySvc - ok
12:15:52.0887 2908  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:15:52.0902 2908  Winmgmt - ok
12:15:52.0933 2908  [ 01874D4689C212460FBABF0ECD7CB7F7 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:15:52.0980 2908  WinRM - ok
12:15:53.0027 2908  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:15:53.0058 2908  Wlansvc - ok
12:15:53.0074 2908  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:15:53.0105 2908  WmiAcpi - ok
12:15:53.0152 2908  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:15:53.0183 2908  wmiApSrv - ok
12:15:53.0245 2908  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
12:15:53.0277 2908  WMPNetworkSvc - ok
12:15:53.0308 2908  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:15:53.0339 2908  WPCSvc - ok
12:15:53.0370 2908  [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:15:53.0386 2908  WPDBusEnum - ok
12:15:53.0417 2908  [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
12:15:53.0448 2908  WpdUsb - ok
12:15:53.0479 2908  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:15:53.0511 2908  ws2ifsl - ok
12:15:53.0542 2908  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
12:15:53.0557 2908  wscsvc - ok
12:15:53.0573 2908  WSearch - ok
12:15:53.0651 2908  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
12:15:53.0713 2908  wuauserv - ok
12:15:53.0745 2908  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:15:53.0776 2908  WUDFRd - ok
12:15:53.0854 2908  [ 575A4190D989F64732119E4114045A4F ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:15:53.0901 2908  wudfsvc - ok
12:15:53.0901 2908  ================ Scan global ===============================
12:15:53.0932 2908  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
12:15:53.0979 2908  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:15:53.0994 2908  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:15:54.0025 2908  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
12:15:54.0025 2908  [Global] - ok
12:15:54.0025 2908  ================ Scan MBR ==================================
12:15:54.0041 2908  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
12:15:55.0320 2908  \Device\Harddisk0\DR0 - ok
12:15:55.0320 2908  ================ Scan VBR ==================================
12:15:55.0351 2908  [ 6046502FFCCD6478DCEADF19556E819B ] \Device\Harddisk0\DR0\Partition1
12:15:55.0351 2908  \Device\Harddisk0\DR0\Partition1 - ok
12:15:55.0367 2908  [ 9265617E33251A4B1BCBDABF9BDA7BA5 ] \Device\Harddisk0\DR0\Partition2
12:15:55.0383 2908  \Device\Harddisk0\DR0\Partition2 - ok
12:15:55.0383 2908  ============================================================
12:15:55.0383 2908  Scan finished
12:15:55.0383 2908  ============================================================
12:15:55.0398 3892  Detected object count: 5
12:15:55.0398 3892  Actual detected object count: 5
12:17:24.0147 3892  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
12:17:24.0147 3892  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:17:24.0147 3892  FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user
12:17:24.0147 3892  FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:17:24.0147 3892  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
12:17:24.0147 3892  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:17:24.0162 3892  TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:17:24.0162 3892  TOSHIBA eco Utility Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:17:24.0162 3892  TOSHIBA HDD SSD Alert Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:17:24.0162 3892  TOSHIBA HDD SSD Alert Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-03 11:45:00
-----------------------------
11:45:00.990    OS Version: Windows 6.0.6002 Service Pack 2
11:45:00.990    Number of processors: 2 586 0x170A
11:45:00.990    ComputerName: SARAHS-PC  UserName: Kirsten_2
11:45:28.116    Initialize success
11:55:43.536    AVAST engine defs: 13010201
11:56:06.000    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:56:06.015    Disk 0 Vendor: TOSHIBA_ FG01 Size: 381554MB BusType: 3
11:56:06.031    Disk 0 MBR read successfully
11:56:06.031    Disk 0 MBR scan
11:56:06.031    Disk 0 Windows VISTA default MBR code
11:56:06.046    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS         1500 MB offset 2048
11:56:06.062    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       191000 MB offset 3074048
11:56:06.093    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       189052 MB offset 394242048
11:56:06.109    Disk 0 scanning sectors +781420544
11:56:06.171    Disk 0 scanning C:\Windows\system32\drivers
11:56:15.924    Service scanning
11:56:54.597    Modules scanning
11:57:04.850    Disk 0 trace - called modules:
11:57:04.881    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
11:57:04.881    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8703fac8]
11:57:04.881    3 CLASSPNP.SYS[8330b8b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85cd1028]
11:57:05.552    AVAST engine scan C:\Windows
11:57:07.221    AVAST engine scan C:\Windows\system32
12:00:08.698    AVAST engine scan C:\Windows\system32\drivers
12:00:21.286    AVAST engine scan C:\Users\Kirsten_2
12:01:21.747    AVAST engine scan C:\ProgramData
12:03:13.794    Scan finished successfully
12:04:35.256    Disk 0 MBR has been saved successfully to "C:\Users\Kirsten_2\Desktop\Test\MBR.dat"
12:04:35.266    The log file has been saved successfully to "C:\Users\Kirsten_2\Desktop\Test\aswMBR.txt"
         

Alt 03.01.2013, 11:33   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Malwarebytes meldet Fund und Rechner ist lahm - Standard

Malwarebytes meldet Fund und Rechner ist lahm



Das ist alles sehr unauffällig.
War das bisher der erste und einzige Fund?`

Alt 03.01.2013, 11:36   #11
Elvi
 
Malwarebytes meldet Fund und Rechner ist lahm - Standard

Malwarebytes meldet Fund und Rechner ist lahm



Ja, der eine Fund von Malwarebytes.
Der Rechner ist so extrem langsam geworden. das war whnsinn. Jetzt scheint er flotter zu sein, kann das sein?

Alt 03.01.2013, 11:37   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Malwarebytes meldet Fund und Rechner ist lahm - Standard

Malwarebytes meldet Fund und Rechner ist lahm



Zitat:
Ja, der eine Fund von Malwarebytes.
Das war nicht meine Frage. Bitte lies sie nochmal und beantworte sie richtig.

Zitat:
Jetzt scheint er flotter zu sein, kann das sein?
Was soll ich mit solchen subjektiven Einsätzungen bitte anfangen? Ich seh deinen Rechner aus der Ferne doch nicht!

Alt 03.01.2013, 11:43   #13
Elvi
 
Malwarebytes meldet Fund und Rechner ist lahm - Standard

Malwarebytes meldet Fund und Rechner ist lahm



Zitat:
Zitat von cosinus Beitrag anzeigen
Das war nicht meine Frage. Bitte lies sie nochmal und beantworte sie richtig.
Entschuldigung! Es tut mir sehr leid! da hilfst Du mir und ich dummchen verstehe Deine Frage nicht. Entschuldige! Ich hoffe ich beantworte sie richtig und in Deinem Sinne wenn ich schreibe "Ja, das war bislang der erste und einzige Fund".



Zitat:
Was soll ich mit solchen subjektiven Einsätzungen bitte anfangen? Ich seh deinen Rechner aus der Ferne doch nicht!
Entschuldigung! Ich wollte Dich nicht abermals vor den Kopf stossen indem ich versucht habe meine subjektive Meinung zu äussern. Ich verspreche Dir, es kommt nicht wieer vor und ich werde mich fortan nur noch an harte Fakten halten. Sorry!

Geändert von Elvi (03.01.2013 um 11:48 Uhr)

Alt 03.01.2013, 11:46   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Malwarebytes meldet Fund und Rechner ist lahm - Standard

Malwarebytes meldet Fund und Rechner ist lahm



Du kannst ja deine Beobachtungen schildern aber WAS bitte erwartest du von einem Helfer als Antwort wenn du ihm Input gibst wie "eben war alles langsam jetzt ist alles flott, was ist das" - merkst du denn nicht dass das einfach zu wenig Infos sind um sinnvolle Antworten finden zu können?!

Alt 03.01.2013, 11:53   #15
Elvi
 
Malwarebytes meldet Fund und Rechner ist lahm - Standard

Malwarebytes meldet Fund und Rechner ist lahm



Lieber Cosinus,
ich bin nur eine Journalistin und habe von Technik überhaupt keine Ahnung. Zudem wusste ich nicht, welch harscher Umgangston hier weht. Ich habe darum in Deinen Augen große Fehler gemacht. Sie sind jedoch meinem technischen Unvermögen geschuldet. Aufgrund meines technischen Unvermögens war ich froh, dieses Forum von Fachleuten gefunden zu haben. Dass meine Antworten leider nicht die von Dir gewünschte Präzision besitzen sondern sehr laienhaft rüberkommen, tut mir sehr leid. Ich kann Dir jedoch versichern, all meine Antworten kamen und kommen von mir mit viel Ernst an der Sache!
Sollte ich Dir zu dumm sein, dann schreibe einfach, dass das mit uns hier nichts wird und ich verstehe es und werde Dich nicht weioter mit meiner Dummheit belästigen. Für alles andere noch einmal meine ehrliche Entschuldigung!
Elvira

Antwort

Themen zu Malwarebytes meldet Fund und Rechner ist lahm
anbei, ausgeführt, dankbar, forum, fund, geschwindigkeit, lahm, langsamer, malware, malwarebytes, melde, meldet, rechner, rechner wird immer langsamer, stimme, stimmen, taste, tasten



Ähnliche Themen: Malwarebytes meldet Fund und Rechner ist lahm


  1. Malwarebytes fund
    Log-Analyse und Auswertung - 02.11.2015 (21)
  2. Fund Malwarebytes
    Log-Analyse und Auswertung - 11.09.2015 (11)
  3. Malwarebytes-Scan mit Fund
    Log-Analyse und Auswertung - 17.06.2015 (28)
  4. Windows 7: Avira meldet Fund
    Log-Analyse und Auswertung - 13.03.2015 (15)
  5. Malwarebytes-Scan mit Fund
    Log-Analyse und Auswertung - 12.09.2014 (19)
  6. Avira meldet Fund: 'TR/Crypt.XPACK.Gen2, Malwarebytes findet PUP.Optional.OpenCandy. Was tun?
    Plagegeister aller Art und deren Bekämpfung - 21.05.2014 (14)
  7. Antivir meldet Fund TR/spy.banker.gen
    Log-Analyse und Auswertung - 16.07.2013 (17)
  8. Avira meldet Fund EXP/Java.AM
    Log-Analyse und Auswertung - 23.01.2013 (31)
  9. Malwarebytes meldet Fund - syshost.exe
    Plagegeister aller Art und deren Bekämpfung - 05.10.2012 (16)
  10. AntiVir meldet Fund: EXP/MS-0513.A
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (5)
  11. Malwarebytes - Fund
    Log-Analyse und Auswertung - 17.06.2012 (11)
  12. Malwarebytes Fund - PUP.OfferBundler.ST
    Log-Analyse und Auswertung - 02.06.2012 (1)
  13. ANtivir meldet Fund - Rechner langsam
    Plagegeister aller Art und deren Bekämpfung - 17.10.2011 (0)
  14. Mal wieder TR/Crypt.XPACK.Gen - legt Malwarebytes und Netzwerkadapter lahm.
    Log-Analyse und Auswertung - 07.10.2011 (1)
  15. Antivir meldet Fund: DR/Fakepic.Gen
    Plagegeister aller Art und deren Bekämpfung - 09.08.2011 (1)
  16. Malwarebytes Fund
    Log-Analyse und Auswertung - 24.12.2009 (7)
  17. AntiVir meldet den Fund von inject.aed
    Log-Analyse und Auswertung - 21.03.2008 (2)

Zum Thema Malwarebytes meldet Fund und Rechner ist lahm - Liebes Forum, mein Rechner wird immer langsamer und manchmal übereinstimmen die Tastennicht mit dem überein, was sie "mache" sollten. Habe daraufhin Malwarebytes ausgeführt und es wurde ein Fund ausgespuckt. Anbei - Malwarebytes meldet Fund und Rechner ist lahm...
Archiv
Du betrachtest: Malwarebytes meldet Fund und Rechner ist lahm auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.