Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 20.01.2013, 10:18   #1
stefan_com
 
Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert - Standard

Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert



Hallo Leute,

Ich habe mir vor 2 Tagen den (österr.) Polizei Trojaner eingefangen und nun kann ich meinen Computer nur mehr im abgesichterten Modus mit Eingabeaufforderung starten, ohne dass der typische Blockierbildschirm kommt.

Ich habe mich hier ein wenig über ähnliche Fälle informiert und mir so eine Reatogo Boot CD gebrannt um OTPLE auszuführen. Den Scan habe ich durchgeführt und wollte hier nun fragen ob mir wer bei der Auswertung der Files helfen kann.

Vielen Dank schon mal.

Anbei die Log-files otl.txt und extra.txt

Code:
ATTFilter
OTL logfile created on: 1/20/2013 10:53:40 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 1 (Version = 6.0.6001) - Type = System
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116.29 Gb Total Space | 3.17 Gb Free Space | 2.73% Space Free | Partition Type: NTFS
Drive D: | 115.13 Gb Total Space | 1.26 Gb Free Space | 1.10% Space Free | Partition Type: NTFS
Drive E: | 3.60 Gb Total Space | 2.59 Gb Free Space | 71.97% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2013/01/18 13:41:28 | 000,143,360 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Users\Stefan\AppData\Local\Temp\wpbt0.dll -- (Winmgmt)
SRV - [2012/07/13 06:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/08 14:15:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/08 14:15:38 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/03/23 06:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010/03/08 12:30:54 | 000,194,048 | ---- | M] (Telefónica I+D) [Auto] -- C:\Program Files\Movistar\Escritorio Movistar\ImpWiFiSvc.exe -- (TGCM_ImportWiFiSvc)
SRV - [2010/03/04 16:38:00 | 000,071,096 | ---- | M] () [Auto] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2008/08/25 02:58:20 | 000,077,824 | ---- | M] (Toshiba) [On_Demand] -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008/07/18 13:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/05/05 11:05:55 | 004,493,312 | ---- | M] (Expansion Programs International, Inc.) [Auto] -- C:\Program Files\SIMULIA\Documentation\monitor.exe -- (Texis Monitor)
SRV - [2008/04/24 03:21:56 | 000,099,720 | ---- | M] (Toshiba Europe GmbH) [Auto] -- C:\Program Files\Toshiba TEMPRO\TempoSVC.exe -- (TempoMonitoringService)
SRV - [2008/04/16 17:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/17 09:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/12/03 10:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/21 10:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2006/10/05 05:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 09:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2005/11/17 07:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (Tosrfcom)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)
DRV - [2012/05/08 14:15:38 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/08 14:15:38 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/09/16 10:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/03/23 06:15:36 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2009/12/08 07:19:22 | 000,113,664 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009/12/07 06:53:18 | 000,103,168 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/11/27 10:53:24 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009/11/12 07:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/10/12 02:22:56 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009/10/08 10:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/06/08 21:18:16 | 000,038,400 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2008/11/16 11:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
DRV - [2008/07/18 11:52:16 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008/07/15 12:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008/06/20 05:37:06 | 000,112,128 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2008/04/27 23:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/04/15 03:05:08 | 000,118,784 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/02/15 11:01:18 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/01/10 12:34:44 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2007/11/09 07:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/08/08 15:06:40 | 000,023,424 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2007/07/30 04:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 03:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/01/18 10:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/11/28 08:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/20 07:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/10/23 09:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006/10/18 04:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2005/10/18 04:00:00 | 000,004,096 | ---- | M] () [Kernel | Auto] -- C:\Windows\System32\drivers\cvintdrv.sys -- (cvintdrv)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\Stefan_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
IE - HKU\Stefan_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\Stefan_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\Stefan_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\System32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@Senseless.TV: C:\Users\Stefan\AppData\Roaming\SenselessTV\ffextension [2012/12/23 07:33:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/01/01 11:12:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\support@Senseless.TV: C:\Users\Stefan\AppData\Roaming\SenselessTV\ffextension [2012/12/23 07:33:37 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (SenselessTV Video Plugin) - {991D97B8-F0D8-4EA1-9100-7A65EA2D3A63} - C:\Users\Stefan\AppData\Roaming\SenselessTV\bho.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKU\Stefan_ON_C\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O3 - HKU\Stefan_ON_C\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\DE\Programs\Registration.exe (Corel Corporation)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HDMICtrlMan] C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [NDSTray.exe]  File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe ()
O4 - HKLM..\Run: [SmoothView]  File not found
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Stefan_ON_C..\Run: [Spotify Web Helper] C:\Users\Stefan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\Stefan_ON_C..\Run: [TOSCDSPD]  File not found
O4 - HKU\Stefan_ON_C..\Run: [Winsweep] C:\Users\Stefan\AppData\Roaming\WinSweep\WinSweep.exe (Software-Entwicklung Frank Oliver Dzewas)
O4 - HKU\Stefan_ON_C..\Run: [Winsweep Popupblocker]  File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRDownload.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Stefan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRBrowse.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O9 - Extra 'Tools' menuitem : Tri&xie Options... - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - Reg Error: Key error. File not found
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} -  File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/12/18 13:49:28 | 000,000,000 | ---D | M] - E:\Automation -- [ FAT32 ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{31b28bf2-db6d-11de-af48-001e33a8ab28}\Shell - "" = AutoRun
O33 - MountPoints2\{31b28bf2-db6d-11de-af48-001e33a8ab28}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{60bbddc8-6aa9-11e0-b973-001e33a8ab28}\Shell - "" = AutoRun
O33 - MountPoints2\{60bbddc8-6aa9-11e0-b973-001e33a8ab28}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{61ec95a1-2d9e-11df-8907-001e33a8ab28}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\vmfoP.Exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/01/20 10:49:30 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/01/18 12:01:07 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Mozilla
[2013/01/17 12:00:05 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Documents\MATLAB
[2013/01/17 11:58:42 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\MathWorks
[2013/01/17 11:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
[2013/01/17 11:49:17 | 000,407,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSHFLXGD.OCX
[2013/01/17 11:49:17 | 000,203,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RICHTX32.OCX
[2013/01/17 11:30:37 | 000,000,000 | ---D | C] -- C:\Program Files\MATLAB
[2013/01/17 10:24:41 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Free Download Manager
[2013/01/17 10:24:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
[2013/01/17 10:24:26 | 000,000,000 | ---D | C] -- C:\Program Files\Free Download Manager
[2013/01/17 10:23:29 | 007,681,100 | ---- | C] (FreeDownloadManager.ORG                                     ) -- C:\Users\Stefan\Desktop\fd88minst.exe
[2012/12/23 07:33:37 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\SenselessTV
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Stefan\Desktop\*.tmp files -> C:\Users\Stefan\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/01/19 13:09:11 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/19 12:43:01 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/19 12:43:01 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/19 07:00:13 | 000,000,548 | ---- | M] () -- C:\Windows\tasks\MATLAB R2011b Startup Accelerator.job
[2013/01/19 06:42:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/19 06:42:54 | 3082,805,248 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/19 06:41:05 | 095,023,320 | ---- | M] () -- C:\ProgramData\0tbpw.pad
[2013/01/18 13:42:19 | 000,001,356 | ---- | M] () -- C:\Users\Stefan\AppData\Local\d3d9caps.dat
[2013/01/18 13:41:44 | 000,003,176 | ---- | M] () -- C:\ProgramData\0tbpw.js
[2013/01/18 13:41:44 | 000,000,913 | ---- | M] () -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2013/01/18 11:36:07 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013/01/18 11:36:07 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/18 11:36:07 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013/01/18 11:36:07 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/18 10:34:53 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/17 11:50:01 | 000,001,022 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2011b.lnk
[2013/01/17 11:50:01 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
[2013/01/17 11:26:59 | 000,053,248 | ---- | M] () -- C:\Users\Stefan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/17 10:24:28 | 000,000,893 | ---- | M] () -- C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Download Manager.lnk
[2013/01/17 10:24:28 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
[2013/01/17 10:23:29 | 007,681,100 | ---- | M] (FreeDownloadManager.ORG                                     ) -- C:\Users\Stefan\Desktop\fd88minst.exe
[2013/01/08 03:18:00 | 002,848,990 | ---- | M] () -- C:\Users\Stefan\Documents\kolbenringe.xps
[2013/01/01 11:12:35 | 000,001,400 | ---- | M] () -- C:\Users\Stefan\Desktop\DivX Movies.lnk
[2013/01/01 11:12:07 | 000,000,922 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013/01/01 11:12:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2013/01/01 11:11:50 | 000,000,962 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/12/27 15:34:52 | 000,084,437 | ---- | M] () -- C:\Users\Stefan\Desktop\115500458.sLMAJs2Q.ViennaOct08133.jpg
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Stefan\Desktop\*.tmp files -> C:\Users\Stefan\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/01/19 06:42:54 | 3082,805,248 | -HS- | C] () -- C:\hiberfil.sys
[2013/01/18 13:41:44 | 000,003,176 | ---- | C] () -- C:\ProgramData\0tbpw.js
[2013/01/18 13:41:44 | 000,000,913 | ---- | C] () -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2013/01/18 13:41:35 | 095,023,320 | ---- | C] () -- C:\ProgramData\0tbpw.pad
[2013/01/17 11:50:01 | 000,001,022 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2011b.lnk
[2013/01/17 11:49:41 | 000,000,548 | ---- | C] () -- C:\Windows\tasks\MATLAB R2011b Startup Accelerator.job
[2013/01/17 11:48:55 | 000,645,120 | ---- | C] () -- C:\Windows\System32\config.gms
[2013/01/17 10:24:28 | 000,000,893 | ---- | C] () -- C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Download Manager.lnk
[2013/01/08 03:18:00 | 002,848,990 | ---- | C] () -- C:\Users\Stefan\Documents\kolbenringe.xps
[2013/01/01 11:12:35 | 000,001,400 | ---- | C] () -- C:\Users\Stefan\Desktop\DivX Movies.lnk
[2013/01/01 11:12:07 | 000,000,922 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013/01/01 11:11:50 | 000,000,962 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/12/27 15:34:52 | 000,084,437 | ---- | C] () -- C:\Users\Stefan\Desktop\115500458.sLMAJs2Q.ViennaOct08133.jpg
[2012/10/16 15:00:20 | 000,108,544 | ---- | C] () -- C:\ProgramData\ucekgypa.exe
[2012/10/16 15:00:15 | 000,074,137 | ---- | C] () -- C:\ProgramData\mvcdhudzfiqcpwe
[2011/05/29 16:58:44 | 000,479,232 | ---- | C] () -- C:\Windows\ssndii.exe
[2011/05/29 16:57:02 | 000,022,723 | ---- | C] () -- C:\Windows\System32\ssp2ml3.dll
[2010/10/30 06:58:51 | 000,010,709 | ---- | C] () -- C:\Windows\hpwscr19.dat
[2010/10/30 06:57:42 | 000,202,713 | ---- | C] () -- C:\Windows\hpwins19.dat
[2010/10/30 06:57:42 | 000,000,997 | ---- | C] () -- C:\Windows\hpwmdl19.dat
[2010/09/04 01:30:41 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2010/07/24 10:49:25 | 000,001,356 | ---- | C] () -- C:\Users\Stefan\AppData\Local\d3d9caps.dat
[2010/06/08 08:19:24 | 000,692,224 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2010/06/08 08:19:24 | 000,151,552 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2010/03/23 06:26:48 | 000,201,512 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2009/05/22 04:34:38 | 000,000,016 | -H-- | C] () -- C:\Users\Stefan\AppData\Roaming\mxfilerelatedcache.mxc2
[2009/05/22 04:34:38 | 000,000,016 | -H-- | C] () -- C:\Users\Stefan\AppData\mxfilerelatedcache.mxc2
[2009/05/22 04:34:38 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2
[2009/05/22 04:34:36 | 000,000,016 | -H-- | C] () -- C:\Users\Stefan\AppData\Local\mxfilerelatedcache.mxc2
[2009/05/22 04:19:30 | 000,306,688 | ---- | C] () -- C:\Windows\System32\Lffpx7.dll
[2009/05/22 04:19:30 | 000,095,232 | ---- | C] () -- C:\Windows\System32\Lfkodak.dll
[2009/05/09 06:33:43 | 000,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/05/09 06:33:40 | 000,795,648 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/05/09 06:33:39 | 000,130,048 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/05/09 06:33:38 | 000,084,480 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/05/02 05:42:39 | 000,006,504 | ---- | C] () -- C:\Users\Stefan\AppData\Roaming\PrimoPDFSet.xml
[2009/05/02 05:41:57 | 000,176,235 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll
[2009/04/08 18:10:59 | 000,053,248 | ---- | C] () -- C:\Users\Stefan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/08 04:19:49 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/04/08 04:19:49 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/04/08 02:20:37 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2009/04/08 02:20:37 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2009/04/08 02:20:37 | 000,010,146 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2009/04/08 02:20:37 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2008/10/07 03:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 03:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/08/04 05:30:01 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2008/08/04 05:30:01 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll
[2008/08/04 05:29:59 | 000,492,496 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2008/08/04 05:29:59 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008/08/04 05:29:58 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2008/07/03 04:34:43 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/07/03 04:27:11 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008/07/03 04:17:58 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/07/03 04:17:58 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/07/03 04:17:58 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/07/03 04:17:58 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/07/03 04:17:58 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/07/03 04:17:58 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/07/03 03:51:19 | 000,000,852 | ---- | C] () -- C:\Windows\System32\drivers\RTKHDRC1.dat
[2008/07/03 03:51:19 | 000,000,852 | ---- | C] () -- C:\Windows\System32\drivers\RTKHDRC0.dat
[2008/07/03 03:51:19 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2008/07/03 03:51:19 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2008/07/03 03:51:19 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2008/07/03 03:51:19 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2008/07/03 02:57:12 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/04/28 11:13:33 | 000,000,310 | ---- | C] () -- C:\Windows\primopdf.ini
[2008/01/21 02:15:58 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/01/21 02:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/01/21 02:15:58 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/01/21 02:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007/12/21 09:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007/05/09 18:39:28 | 000,003,584 | ---- | C] () -- C:\Windows\System32\CNCFLdNL.DLL
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,419,840 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/10/18 04:00:00 | 000,004,096 | ---- | C] () -- C:\Windows\System32\drivers\cvintdrv.sys
[2005/09/28 10:26:34 | 000,000,244 | ---- | C] () -- C:\Windows\System32\nirpc.ini
[2005/07/22 14:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
 
========== LOP Check ==========
 
[2012/08/21 02:16:38 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\A1 Servicecenter
[2012/12/27 16:03:52 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Azureus
[2012/03/01 02:43:48 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Babylon
[2010/09/04 01:30:55 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Canneverbe Limited
[2013/01/17 11:14:24 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\DAEMON Tools Lite
[2011/10/08 07:26:04 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\DVDVideoSoft
[2011/10/08 07:25:11 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\DVDVideoSoftIEHelpers
[2013/01/17 11:12:02 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Free Download Manager
[2011/10/23 16:16:35 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\GetRight
[2012/03/23 09:18:39 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\GetRightToGo
[2011/09/18 11:12:51 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\gtk-2.0
[2011/10/17 02:38:38 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Mobipocket
[2012/08/21 02:21:28 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\mquadr.at
[2009/07/04 12:39:20 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\myphotobook
[2009/04/08 04:34:53 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Opera
[2012/12/23 07:33:39 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\SenselessTV
[2011/03/14 11:19:38 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Softplicity
[2012/11/21 13:54:17 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Spotify
[2011/04/19 16:28:16 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Telefónica
[2009/05/14 09:19:58 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\Toshiba
[2010/11/27 06:32:44 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\TuneUp Software
[2011/09/27 03:10:25 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\WinSweep
[2011/10/21 10:03:49 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\XMedia Recode
[2009/04/08 02:12:45 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2012/03/01 02:43:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon
[2010/09/04 01:30:54 | 000,000,000 | ---D | M] -- C:\ProgramData\Canneverbe Limited
[2009/05/19 15:30:28 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2009/11/27 10:52:28 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2009/04/08 02:12:45 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2009/04/08 02:12:45 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2009/04/08 03:46:26 | 000,000,000 | ---D | M] -- C:\ProgramData\IsolatedStorage
[2012/08/21 02:21:29 | 000,000,000 | ---D | M] -- C:\ProgramData\m2backup
[2012/08/21 02:16:58 | 000,000,000 | ---D | M] -- C:\ProgramData\m2portal
[2008/07/03 04:28:40 | 000,000,000 | ---D | M] -- C:\ProgramData\MAGIX
[2012/08/21 02:20:33 | 000,000,000 | ---D | M] -- C:\ProgramData\mquadr.at
[2009/11/19 12:44:15 | 000,000,000 | ---D | M] -- C:\ProgramData\National Instruments
[2012/10/16 15:00:20 | 000,000,000 | ---D | M] -- C:\ProgramData\nhyiupfubrtlidq
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2009/04/08 02:12:45 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2011/10/20 01:52:30 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2006/11/02 08:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2009/04/08 02:19:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Toshiba
[2009/04/08 02:17:09 | 000,000,000 | ---D | M] -- C:\ProgramData\ToshibaEurope
[2010/11/27 06:32:35 | 000,000,000 | ---D | M] -- C:\ProgramData\TuneUp Software
[2008/07/03 04:17:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Ulead Systems
[2009/04/08 02:12:45 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2011/09/06 13:03:20 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2008/07/03 08:05:54 | 000,000,000 | ---D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2012/08/21 02:18:24 | 000,000,000 | -H-D | M] -- C:\ProgramData\{605AE1A0-14F6-482E-99EB-62B6E9D9474E}
[2012/08/21 02:18:44 | 000,000,000 | -H-D | M] -- C:\ProgramData\{6789B11A-FBE5-4DBD-8487-E346A9DBDCD0}
[2012/08/21 02:19:41 | 000,000,000 | -H-D | M] -- C:\ProgramData\{8E6CEEA5-9AE9-4FCA-83CB-ADBFDD856DC6}
[2012/02/20 06:01:46 | 000,000,000 | -H-D | M] -- C:\ProgramData\{AA8ED54A-22C1-4CAF-809C-EF137A8D3C2E}
[2011/10/17 02:46:57 | 000,000,000 | -H-D | M] -- C:\ProgramData\{AACD5E81-4AE2-4E76-847B-315E24090C4C}
[2010/11/27 06:31:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2013/01/19 07:00:13 | 000,000,548 | ---- | M] () -- C:\Windows\Tasks\MATLAB R2011b Startup Accelerator.job
[2013/01/18 01:31:05 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 64 bytes -> C:\Users\Stefan\Desktop\Rebeca 1940.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Stefan\Desktop\1962.flv:TOC.WMV
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:7631EA83
< End of report >
         
und extras..

Code:
ATTFilter
OTL Extras logfile created on: 1/20/2013 10:53:40 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 1 (Version = 6.0.6001) - Type = System
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116.29 Gb Total Space | 3.17 Gb Free Space | 2.73% Space Free | Partition Type: NTFS
Drive D: | 115.13 Gb Total Space | 1.26 Gb Free Space | 1.10% Space Free | Partition Type: NTFS
Drive E: | 3.60 Gb Total Space | 2.59 Gb Free Space | 71.97% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Hewlett-Packard\HP-MPI\bin\mpid.exe" = C:\Program Files\Hewlett-Packard\HP-MPI\bin\mpid.exe:LocalSubNet:Enabled:mpid.exe -- ()
"C:\Program Files\Hewlett-Packard\HP-MPI\bin\mpirun.exe" = C:\Program Files\Hewlett-Packard\HP-MPI\bin\mpirun.exe:LocalSubNet:Enabled:mpirun.exe -- ()
"C:\Program Files\Hewlett-Packard\HP-MPI\bin\mpidiag.exe" = C:\Program Files\Hewlett-Packard\HP-MPI\bin\mpidiag.exe:LocalSubNet:Enabled:mpidiag.exe
"C:\Program Files\Hewlett-Packard\HP-MPI\bin\mpisrvutil.exe" = C:\Program Files\Hewlett-Packard\HP-MPI\bin\mpisrvutil.exe:LocalSubNet:Enabled:mpisrvutil.exe
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03FAA727-E2B7-471C-AC41-2E1C7F29C7EA}" = Toshiba TEMPRO
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0A5825FD-0FB7-4e45-9037-858D463F2943}" = BPDSoftware
"{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX310_series" = Canon MX310 series
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1C971EE3-B4C4-4367-9676-57549919C6CE}" = TOSHIBA Benutzerhandbücher
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v. 1.3.1249.0
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{291A06BB-7145-443F-9257-8913A928BD40}" = A1 Webassistent
"{2951A232-69BA-4925-BB9A-CEEB72B18B4F}" = BPDSoftware_Ini
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{342126E1-173C-4585-BFBE-3EBDD20E3E9E}" = Mobipocket Reader 6.2
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{398E8625-6F3A-4C54-B54C-28F0ABB89774}" = BPD_HPSU
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12
"{572F2A62-70CD-4429-8758-6D4D6DC696E1}" = 4500_Help
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6697D99E-E550-4498-B793-4A8DD8A1821F}" = ProductContext
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{743EE0D1-9E28-4410-AFDA-19DA9ED4CE09}_is1" = WinSweep 7
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7E4FBD52-148F-49EE-AFCC-96FB498F4D7D}" = A1 Servicecenter
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EEA1427-5C0D-469F-9FC6-A622A99D98EB}" = Trixie
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{905A7A49-C6AE-4F77-8E69-AE8B9629D719}" = A1 Internet Software
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABA00898-9467-4689-9F40-DE7F58C8429C}" = Fax
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{AC76BA86-7AD7-5760-0000-800000000003}" = Japanese Fonts Support For Adobe Reader 8
"{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}" = Cisco Systems VPN Client 5.0.07.0290
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B27154AB-89DD-4A3C-9A98-6834C2646E31}" = UniLex Pro
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CD0773D5-C18E-495c-B39B-21A96415EDD5}" = HP Officejet J4500 Series
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE9B7817-E580-445c-ADD7-3D9C76124A0F}" = PONS Deutsch-Spanisch
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EC1F1209-E48D-38B0-BE25-B37C6BFCF676}" = Visual C++ 2008 x86 Runtime - (v9.0.30729.4967)
"{EC1F1209-E48D-38B0-BE25-B37C6BFCF676}.vc_x86runtime_30729_4967" = Visual C++ 2008 x86 Runtime - v9.0.30729.4967
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}" = HDMI Control Manager
"{FDEC11CC-4BD6-4a8c-A398-3CCD8E43EACA}" = J4500
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 4.65
"8461-7759-5462-8226" = Vuze
"A1 Internet Software" = A1 Internet Software
"A1 Servicecenter" = A1 Servicecenter
"A1 Webassistent" = A1 Webassistent
"Abaqus 6.11 Student Edition" = Abaqus 6.11 Student Edition
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Buensoft Alemán_is1" = Buensoft Alemán 2004
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Derive 6 Trial Edition" = Derive 6 Trial Edition
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"Free Download Manager_is1" = Free Download Manager 3.9.2
"Free YouTube Download_is1" = Free YouTube Download version 3.0.16.923
"GetRight_is1" = GetRight
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP PrecisionScan LTX" = HP PrecisionScan LTX
"HP-MPI_is1" = HP-MPI 1.1
"HUAWEI DataCard Driver" = HUAWEI DataCard Driver 3.10.02.00
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.8.0 (Full)
"MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE 4.1.0.835 (D)
"MAGIX Foto Suite D" = MAGIX Foto Suite 1.12.0.89 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"Matlab R2011b" = MATLAB R2011b
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"movistarES" = Escritorio Movistar
"myphotobook" = myphotobook 3.5
"Opera 12.12.1707" = Opera 12.12
"Picasa 3" = Picasa 3
"PONS Deutsch-Spanisch" = PONS Deutsch-Spanisch
"PrimoPDF4.1.0.9" = PrimoPDF
"Samsung ML-1640 Series" = Samsung ML-1640 Series
"Scan-To-Web" = HP Scan-to-Web Wizard
"Scribus 1.3.3.14" = Scribus 1.3.3.14
"Selingua" = Selingua
"Senseless.TV Video Plugin" = Senseless.TV Video Plugin 1.0
"SopCast" = SopCast 3.0.3
"Spotify" = Spotify
"Stellar Phoenix Photo Recovery_is1" = Stellar Phoenix Photo Recovery
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Total Audio Converter_is1" = TotalAudioConverter
"TVAnts 1.0" = TVAnts 1.0
"UniLex Pro" = UniLex Pro
"VLC media player" = VLC media player 1.1.11
"vShare" = vShare Plugin
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR
"XMedia Recode" = XMedia Recode 3.0.3.4
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\Stefan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"pdfsam" = pdfsam
 
< End of report >
         

Alt 20.01.2013, 13:32   #2
markusg
/// Malware-holic
 
Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert - Standard

Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert



hi
kein Wunder, wenn du dein System nicht mit Updates versorgst!
auf deinem zweiten pc gehe auf start, programme zubehör editor, kopiere dort
rein:
Code:
ATTFilter
:OTL
O4 - Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
[2013/01/18 13:41:44 | 000,003,176 | ---- | C] () -- C:\ProgramData\0tbpw.js
[2013/01/18 13:41:44 | 000,000,913 | ---- | C] () -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2013/01/18 13:41:35 | 095,023,320 | ---- | C] () -- C:\ProgramData\0tbpw.pad
[2013/01/17 11:50:01 | 000,001,022 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2011b.lnk
:Files
C:\Users\Stefan\AppData\Local\Temp\wpbt0.dll

:Commands
[EMPTYFLASH] 
[emptytemp]
         


dieses speicherst du auf nem usb stick als fix.txt
nutze nun wieder OTLPENet.exe (starte also von der erstellten cd) und hake alles an, wie es bereits im post zu OTLPENet.exe beschrieben ist.
• Klicke nun bitte auf den Fix Button.
es sollte nun eine meldung ähnlich dieser: "load fix from file" erscheinen, lade also die fix.txt von deinem stick.
wenn dies nicht funktioniert, bitte den fix manuell eintragen.
dann klicke erneut den fix buton. pc startet evtl. neu. wenn ja, nimm die cd aus dem laufwerk, windows sollte nun normal starten und die otl.txt öffnen,
log posten bitte.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!




Drücke bitte die + E Taste.
  • Öffne dein Systemlaufwerk ( meistens C: )
  • Suche nun
    folgenden Ordner: _OTL und öffne diesen.
  • Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner

  • Dies wird eine Movedfiles.zip Datei in _OTL erstellen
  • Lade diese bitte in unseren Uploadchannel
    hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )
Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus
__________________

__________________

Alt 20.01.2013, 21:29   #3
stefan_com
 
Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert - Standard

Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert



Hallo Markus,

Vielen Dank! Ich kann jetzt wieder normal starten und der Blockierbildschirm kommt nicht.

Den Moved_files.zip-Ordner konnte ich ohne Probleme uploaden.

Welche weiteren Schritte gibt es nun?
__________________

Alt 21.01.2013, 11:45   #4
markusg
/// Malware-holic
 
Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert - Standard

Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert



hi,
upload hat geklappt.

1.:
http://download.bleepingcomputer.com...ta/Winmgmt.reg
laden, doppelklicken, nachfrage bestätigen, neustarten.
2.
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
c: öffnen, tdsskiller-datum-version.txt öffnen, Inhalt posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 21.01.2013, 13:24   #5
stefan_com
 
Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert - Standard

Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert



So, hab alles weitere durchgeführt. Anbei das LOG des TDSS Killers:

Code:
ATTFilter
14:19:00.0524 4184  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:19:00.0613 4184  ============================================================
14:19:00.0613 4184  Current date / time: 2013/01/21 14:19:00.0613
14:19:00.0613 4184  SystemInfo:
14:19:00.0613 4184  
14:19:00.0613 4184  OS Version: 6.0.6001 ServicePack: 1.0
14:19:00.0613 4184  Product type: Workstation
14:19:00.0613 4184  ComputerName: STEFAN-PC
14:19:00.0613 4184  UserName: Stefan
14:19:00.0613 4184  Windows directory: C:\Windows
14:19:00.0613 4184  System windows directory: C:\Windows
14:19:00.0613 4184  Processor architecture: Intel x86
14:19:00.0613 4184  Number of processors: 2
14:19:00.0614 4184  Page size: 0x1000
14:19:00.0614 4184  Boot type: Normal boot
14:19:00.0614 4184  ============================================================
14:19:01.0338 4184  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:19:01.0340 4184  ============================================================
14:19:01.0340 4184  \Device\Harddisk0\DR0:
14:19:01.0340 4184  MBR partitions:
14:19:01.0340 4184  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xE893000
14:19:01.0340 4184  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xEB81800, BlocksNum 0xE643970
14:19:01.0340 4184  ============================================================
14:19:01.0415 4184  C: <-> \Device\Harddisk0\DR0\Partition1
14:19:01.0467 4184  E: <-> \Device\Harddisk0\DR0\Partition2
14:19:01.0468 4184  ============================================================
14:19:01.0468 4184  Initialize success
14:19:01.0468 4184  ============================================================
14:21:21.0009 5508  ============================================================
14:21:21.0009 5508  Scan started
14:21:21.0009 5508  Mode: Manual; SigCheck; TDLFS; 
14:21:21.0009 5508  ============================================================
14:21:21.0985 5508  ================ Scan system memory ========================
14:21:21.0985 5508  System memory - ok
14:21:21.0985 5508  ================ Scan services =============================
14:21:22.0149 5508  [ FCB8C7210F0135E24C6580F7F649C73C ] ACPI            C:\Windows\system32\drivers\acpi.sys
14:21:22.0265 5508  ACPI - ok
14:21:22.0334 5508  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:21:22.0380 5508  adp94xx - ok
14:21:22.0445 5508  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:21:22.0479 5508  adpahci - ok
14:21:22.0514 5508  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
14:21:22.0533 5508  adpu160m - ok
14:21:22.0575 5508  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:21:22.0594 5508  adpu320 - ok
14:21:22.0652 5508  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:21:22.0735 5508  AeLookupSvc - ok
14:21:22.0814 5508  [ 48EB99503533C27AC6135648E5474457 ] AFD             C:\Windows\system32\drivers\afd.sys
14:21:22.0895 5508  AFD - ok
14:21:22.0933 5508  [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
14:21:22.0987 5508  AgereModemAudio - ok
14:21:23.0044 5508  [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem  C:\Windows\system32\DRIVERS\AGRSM.sys
14:21:23.0184 5508  AgereSoftModem - ok
14:21:23.0224 5508  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:21:23.0241 5508  agp440 - ok
14:21:23.0274 5508  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
14:21:23.0293 5508  aic78xx - ok
14:21:23.0335 5508  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
14:21:23.0367 5508  ALG - ok
14:21:23.0393 5508  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:21:23.0408 5508  aliide - ok
14:21:23.0452 5508  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
14:21:23.0468 5508  amdagp - ok
14:21:23.0509 5508  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
14:21:23.0524 5508  amdide - ok
14:21:23.0563 5508  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
14:21:23.0618 5508  AmdK7 - ok
14:21:23.0625 5508  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:21:23.0661 5508  AmdK8 - ok
14:21:23.0777 5508  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
14:21:23.0789 5508  AntiVirSchedulerService - ok
14:21:23.0852 5508  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
14:21:23.0861 5508  AntiVirService - ok
14:21:23.0919 5508  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
14:21:23.0960 5508  Appinfo - ok
14:21:23.0981 5508  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
14:21:23.0999 5508  arc - ok
14:21:24.0055 5508  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:21:24.0073 5508  arcsas - ok
14:21:24.0103 5508  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:21:24.0156 5508  AsyncMac - ok
14:21:24.0172 5508  [ 0D83C87A801A3DFCD1BF73893FE7518C ] atapi           C:\Windows\system32\drivers\atapi.sys
14:21:24.0188 5508  atapi - ok
14:21:24.0212 5508  [ 42076E29AAFA0830A2C5D4E310F58DD1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:21:24.0253 5508  AudioEndpointBuilder - ok
14:21:24.0279 5508  [ 42076E29AAFA0830A2C5D4E310F58DD1 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
14:21:24.0306 5508  Audiosrv - ok
14:21:24.0364 5508  [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
14:21:24.0412 5508  avgntflt - ok
14:21:24.0492 5508  [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
14:21:24.0512 5508  avipbb - ok
14:21:24.0546 5508  [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
14:21:24.0561 5508  avkmgr - ok
14:21:24.0611 5508  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:21:24.0652 5508  Beep - ok
14:21:24.0709 5508  [ 8582E233C346AEFE759833E8A30DD697 ] BFE             C:\Windows\System32\bfe.dll
14:21:24.0757 5508  BFE - ok
14:21:24.0810 5508  [ 02ED7B4DBC2A3232A389106DA7515C3D ] BITS            C:\Windows\System32\qmgr.dll
14:21:24.0884 5508  BITS - ok
14:21:24.0898 5508  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
14:21:24.0948 5508  blbdrive - ok
14:21:24.0981 5508  [ 8153396D5551276227FA146900F734E6 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:21:25.0039 5508  bowser - ok
14:21:25.0096 5508  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
14:21:25.0140 5508  BrFiltLo - ok
14:21:25.0164 5508  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
14:21:25.0211 5508  BrFiltUp - ok
14:21:25.0243 5508  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
14:21:25.0298 5508  Browser - ok
14:21:25.0321 5508  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
14:21:25.0515 5508  Brserid - ok
14:21:25.0545 5508  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
14:21:25.0620 5508  BrSerWdm - ok
14:21:25.0642 5508  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
14:21:25.0712 5508  BrUsbMdm - ok
14:21:25.0730 5508  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
14:21:25.0799 5508  BrUsbSer - ok
14:21:25.0832 5508  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:21:25.0890 5508  BTHMODEM - ok
14:21:25.0907 5508  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:21:25.0947 5508  cdfs - ok
14:21:25.0986 5508  [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:21:26.0030 5508  cdrom - ok
14:21:26.0069 5508  [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] CertPropSvc     C:\Windows\System32\certprop.dll
14:21:26.0104 5508  CertPropSvc - ok
14:21:26.0129 5508  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
14:21:26.0171 5508  circlass - ok
14:21:26.0199 5508  [ 465745561C832B29F7C48B488AAB3842 ] CLFS            C:\Windows\system32\CLFS.sys
14:21:26.0231 5508  CLFS - ok
14:21:26.0315 5508  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:21:26.0333 5508  clr_optimization_v2.0.50727_32 - ok
14:21:26.0428 5508  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:21:26.0440 5508  clr_optimization_v4.0.30319_32 - ok
14:21:26.0483 5508  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:21:26.0529 5508  CmBatt - ok
14:21:26.0551 5508  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:21:26.0566 5508  cmdide - ok
14:21:26.0588 5508  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:21:26.0603 5508  Compbatt - ok
14:21:26.0609 5508  COMSysApp - ok
14:21:26.0712 5508  [ D10D01B2DFCD8D2F32A32ED29E8DA1C2 ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
14:21:26.0727 5508  ConfigFree Service ( UnsignedFile.Multi.Generic ) - warning
14:21:26.0727 5508  ConfigFree Service - detected UnsignedFile.Multi.Generic (1)
14:21:26.0733 5508  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:21:26.0749 5508  crcdisk - ok
14:21:26.0772 5508  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
14:21:26.0824 5508  Crusoe - ok
14:21:26.0871 5508  [ 6DE363F9F99334514C46AEC02D3E3678 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:21:26.0897 5508  CryptSvc - ok
14:21:26.0958 5508  [ DBD89BC0DBE00DCD245BE8F61DBEE291 ] cvintdrv        C:\Windows\system32\drivers\cvintdrv.sys
14:21:26.0984 5508  cvintdrv ( UnsignedFile.Multi.Generic ) - warning
14:21:26.0984 5508  cvintdrv - detected UnsignedFile.Multi.Generic (1)
14:21:27.0032 5508  [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA.sys
14:21:27.0072 5508  CVirtA - ok
14:21:27.0185 5508  [ 66257CB4E4FB69887CDDC71663741435 ] CVPND           C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
14:21:27.0270 5508  CVPND - ok
14:21:27.0302 5508  [ 18994842386FD3039279D7865740ABBD ] CVPNDRVA        C:\Windows\system32\Drivers\CVPNDRVA.sys
14:21:27.0356 5508  CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning
14:21:27.0356 5508  CVPNDRVA - detected UnsignedFile.Multi.Generic (1)
14:21:27.0412 5508  [ 301AE00E12408650BADDC04DBC832830 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:21:27.0454 5508  DcomLaunch - ok
14:21:27.0500 5508  [ A3E9FA213F443AC77C7746119D13FEEC ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:21:27.0540 5508  DfsC - ok
14:21:27.0632 5508  [ FA3463F25F9CC9C3BCF1E7912FEFF099 ] DFSR            C:\Windows\system32\DFSR.exe
14:21:27.0880 5508  DFSR - ok
14:21:27.0941 5508  [ 7F19DBA1A467B838CCB23124A2C55568 ] DgiVecp         C:\Windows\system32\Drivers\DgiVecp.sys
14:21:27.0959 5508  DgiVecp ( UnsignedFile.Multi.Generic ) - warning
14:21:27.0959 5508  DgiVecp - detected UnsignedFile.Multi.Generic (1)
14:21:28.0036 5508  [ 43A988A9C10333476CB5FB667CBD629D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
14:21:28.0079 5508  Dhcp - ok
14:21:28.0109 5508  [ 64109E623ABD6955C8FB110B592E68B7 ] disk            C:\Windows\system32\drivers\disk.sys
14:21:28.0127 5508  disk - ok
14:21:28.0195 5508  [ B5AA5AA5AC327BD7C1AEC0C58F0C1144 ] DNE             C:\Windows\system32\DRIVERS\dne2000.sys
14:21:28.0204 5508  DNE - ok
14:21:28.0242 5508  [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:21:28.0294 5508  Dnscache - ok
14:21:28.0331 5508  [ 5AF620A08C614E24206B79E8153CF1A8 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:21:28.0367 5508  dot3svc - ok
14:21:28.0439 5508  [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
14:21:28.0496 5508  Dot4 - ok
14:21:28.0536 5508  [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
14:21:28.0581 5508  Dot4Print - ok
14:21:28.0606 5508  [ C55004CA6B419B6695970DFE849B122F ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
14:21:28.0650 5508  dot4usb - ok
14:21:28.0670 5508  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
14:21:28.0714 5508  DPS - ok
14:21:28.0759 5508  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:21:28.0798 5508  drmkaud - ok
14:21:28.0839 5508  [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:21:28.0945 5508  DXGKrnl - ok
14:21:28.0987 5508  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
14:21:29.0032 5508  E1G60 - ok
14:21:29.0046 5508  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
14:21:29.0077 5508  EapHost - ok
14:21:29.0105 5508  [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache          C:\Windows\system32\drivers\ecache.sys
14:21:29.0129 5508  Ecache - ok
14:21:29.0191 5508  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:21:29.0235 5508  ehRecvr - ok
14:21:29.0252 5508  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
14:21:29.0291 5508  ehSched - ok
14:21:29.0307 5508  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
14:21:29.0330 5508  ehstart - ok
14:21:29.0373 5508  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:21:29.0408 5508  elxstor - ok
14:21:29.0452 5508  [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
14:21:29.0555 5508  EMDMgmt - ok
14:21:29.0574 5508  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:21:29.0613 5508  ErrDev - ok
14:21:29.0671 5508  [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem     C:\Windows\system32\es.dll
14:21:29.0711 5508  EventSystem - ok
14:21:29.0750 5508  [ 4B36D96340200512C7974307D0F7D8B3 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
14:21:29.0797 5508  ewusbnet - ok
14:21:29.0823 5508  [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat           C:\Windows\system32\drivers\exfat.sys
14:21:29.0878 5508  exfat - ok
14:21:29.0893 5508  [ 3C489390C2E2064563727752AF8EAB9E ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:21:29.0944 5508  fastfat - ok
14:21:30.0015 5508  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:21:30.0059 5508  fdc - ok
14:21:30.0086 5508  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:21:30.0132 5508  fdPHost - ok
14:21:30.0145 5508  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:21:30.0207 5508  FDResPub - ok
14:21:30.0229 5508  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:21:30.0245 5508  FileInfo - ok
14:21:30.0270 5508  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:21:30.0321 5508  Filetrace - ok
14:21:30.0444 5508  [ 167D24A045499EBEF438F231976158DF ] FirebirdServerMAGIXInstance C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
14:21:30.0607 5508  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
14:21:30.0607 5508  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
14:21:30.0632 5508  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:21:30.0675 5508  flpydisk - ok
14:21:30.0695 5508  [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:21:30.0717 5508  FltMgr - ok
14:21:30.0789 5508  [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:21:30.0798 5508  FontCache3.0.0.0 - ok
14:21:30.0812 5508  [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:21:30.0849 5508  Fs_Rec - ok
14:21:30.0889 5508  [ CBC22823628544735625B280665E434E ] FwLnk           C:\Windows\system32\DRIVERS\FwLnk.sys
14:21:30.0919 5508  FwLnk - ok
14:21:30.0941 5508  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:21:30.0958 5508  gagp30kx - ok
14:21:31.0033 5508  [ D9F1113D9401185245573350712F92FC ] gpsvc           C:\Windows\System32\gpsvc.dll
14:21:31.0147 5508  gpsvc - ok
14:21:31.0265 5508  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
14:21:31.0273 5508  gupdate - ok
14:21:31.0294 5508  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
14:21:31.0302 5508  gupdatem - ok
14:21:31.0336 5508  [ 751C1D2CA2ABF4A9F5A6B8D7D45B907C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
14:21:31.0356 5508  gusvc - ok
14:21:31.0397 5508  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:21:31.0467 5508  HdAudAddService - ok
14:21:31.0495 5508  [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:21:31.0532 5508  HDAudBus - ok
14:21:31.0557 5508  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:21:31.0615 5508  HidBth - ok
14:21:31.0636 5508  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:21:31.0696 5508  HidIr - ok
14:21:31.0713 5508  [ 8FA640195279ACE21BEA91396A0054FC ] hidserv         C:\Windows\system32\hidserv.dll
14:21:31.0757 5508  hidserv - ok
14:21:31.0786 5508  [ 854CA287AB7FAF949617A788306D967E ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:21:31.0833 5508  HidUsb - ok
14:21:31.0857 5508  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:21:31.0884 5508  hkmsvc - ok
14:21:31.0908 5508  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
14:21:31.0924 5508  HpCISSs - ok
14:21:32.0034 5508  [ B14328CFEEB6B736BE44C2C9DB3B162C ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
14:21:32.0071 5508  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
14:21:32.0071 5508  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
14:21:32.0106 5508  [ 96E241624C71211A79C84F50A8E71CAB ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:21:32.0196 5508  HTTP - ok
14:21:32.0253 5508  [ C1258ADCBE6E51A3C06C234D2BDB81B5 ] Huawei          C:\Windows\system32\DRIVERS\ewdcsc.sys
14:21:32.0289 5508  Huawei - ok
14:21:32.0333 5508  [ 1FC7A63148E4F2BD831DAB0DC732026D ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
14:21:32.0372 5508  hwdatacard - ok
14:21:32.0397 5508  [ A259D3619AA23D4562581067F85E2006 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys
14:21:32.0443 5508  hwusbdev - ok
14:21:32.0484 5508  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
14:21:32.0500 5508  i2omp - ok
14:21:32.0546 5508  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:21:32.0588 5508  i8042prt - ok
14:21:32.0625 5508  [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
14:21:32.0637 5508  iaStor - ok
14:21:32.0662 5508  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
14:21:32.0695 5508  iaStorV - ok
14:21:32.0775 5508  [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:21:32.0868 5508  idsvc - ok
14:21:32.0963 5508  [ 6FB1858D1F0923D122B0331865695041 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
14:21:33.0193 5508  igfx - ok
14:21:33.0218 5508  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:21:33.0233 5508  iirsp - ok
14:21:33.0278 5508  [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT          C:\Windows\System32\ikeext.dll
14:21:33.0347 5508  IKEEXT - ok
14:21:33.0454 5508  [ B9CBD3DEA7CA02868621173BF7A2AF9F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
14:21:33.0618 5508  IntcAzAudAddService - ok
14:21:33.0652 5508  [ 45C0E97875F0C67B32B814749DF24B30 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
14:21:33.0699 5508  IntcHdmiAddService - ok
14:21:33.0743 5508  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:21:33.0758 5508  intelide - ok
14:21:33.0798 5508  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:21:33.0831 5508  intelppm - ok
14:21:33.0862 5508  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:21:33.0895 5508  IPBusEnum - ok
14:21:33.0912 5508  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:21:33.0957 5508  IpFilterDriver - ok
14:21:34.0000 5508  [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:21:34.0044 5508  iphlpsvc - ok
14:21:34.0049 5508  IpInIp - ok
14:21:34.0074 5508  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
14:21:34.0122 5508  IPMIDRV - ok
14:21:34.0149 5508  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
14:21:34.0202 5508  IPNAT - ok
14:21:34.0222 5508  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:21:34.0271 5508  IRENUM - ok
14:21:34.0292 5508  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:21:34.0309 5508  isapnp - ok
14:21:34.0370 5508  [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
14:21:34.0382 5508  iScsiPrt - ok
14:21:34.0395 5508  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
14:21:34.0411 5508  iteatapi - ok
14:21:34.0434 5508  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
14:21:34.0449 5508  iteraid - ok
14:21:34.0478 5508  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:21:34.0494 5508  kbdclass - ok
14:21:34.0522 5508  [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
14:21:34.0571 5508  kbdhid - ok
14:21:34.0602 5508  [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso          C:\Windows\system32\lsass.exe
14:21:34.0637 5508  KeyIso - ok
14:21:34.0668 5508  [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:21:34.0715 5508  KSecDD - ok
14:21:34.0765 5508  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:21:34.0850 5508  KtmRm - ok
14:21:34.0885 5508  [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:21:34.0910 5508  LanmanServer - ok
14:21:34.0953 5508  [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:21:34.0999 5508  LanmanWorkstation - ok
14:21:35.0042 5508  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:21:35.0089 5508  lltdio - ok
14:21:35.0124 5508  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:21:35.0160 5508  lltdsvc - ok
14:21:35.0182 5508  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:21:35.0233 5508  lmhosts - ok
14:21:35.0256 5508  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:21:35.0275 5508  LSI_FC - ok
14:21:35.0294 5508  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:21:35.0311 5508  LSI_SAS - ok
14:21:35.0337 5508  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:21:35.0355 5508  LSI_SCSI - ok
14:21:35.0385 5508  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
14:21:35.0411 5508  luafv - ok
14:21:35.0431 5508  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:21:35.0459 5508  Mcx2Svc - ok
14:21:35.0492 5508  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:21:35.0507 5508  megasas - ok
14:21:35.0530 5508  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
14:21:35.0565 5508  MegaSR - ok
14:21:35.0637 5508  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
14:21:35.0654 5508  Microsoft Office Groove Audit Service - ok
14:21:35.0685 5508  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
14:21:35.0726 5508  MMCSS - ok
14:21:35.0746 5508  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
14:21:35.0784 5508  Modem - ok
14:21:35.0802 5508  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:21:35.0826 5508  monitor - ok
14:21:35.0835 5508  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:21:35.0850 5508  mouclass - ok
14:21:35.0868 5508  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:21:35.0917 5508  mouhid - ok
14:21:35.0933 5508  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
14:21:35.0950 5508  MountMgr - ok
14:21:35.0991 5508  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:21:36.0011 5508  mpio - ok
14:21:36.0034 5508  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:21:36.0070 5508  mpsdrv - ok
14:21:36.0098 5508  [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:21:36.0151 5508  MpsSvc - ok
14:21:36.0187 5508  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
14:21:36.0202 5508  Mraid35x - ok
14:21:36.0224 5508  [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:21:36.0278 5508  MRxDAV - ok
14:21:36.0307 5508  [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:21:36.0348 5508  mrxsmb - ok
14:21:36.0392 5508  [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:21:36.0453 5508  mrxsmb10 - ok
14:21:36.0469 5508  [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:21:36.0502 5508  mrxsmb20 - ok
14:21:36.0527 5508  [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:21:36.0544 5508  msahci - ok
14:21:36.0572 5508  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:21:36.0590 5508  msdsm - ok
14:21:36.0611 5508  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
14:21:36.0645 5508  MSDTC - ok
14:21:36.0680 5508  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:21:36.0725 5508  Msfs - ok
14:21:36.0757 5508  [ 1E00B9B8601F24A96AD71A7D0FC5F136 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:21:36.0771 5508  msisadrv - ok
14:21:36.0813 5508  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:21:36.0865 5508  MSiSCSI - ok
14:21:36.0870 5508  msiserver - ok
14:21:36.0899 5508  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:21:36.0947 5508  MSKSSRV - ok
14:21:36.0963 5508  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:21:36.0991 5508  MSPCLOCK - ok
14:21:37.0010 5508  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:21:37.0039 5508  MSPQM - ok
14:21:37.0068 5508  [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:21:37.0089 5508  MsRPC - ok
14:21:37.0100 5508  [ 215634CF935B696E3EBCA813D02E9165 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:21:37.0110 5508  mssmbios - ok
14:21:37.0143 5508  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:21:37.0172 5508  MSTEE - ok
14:21:37.0190 5508  [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup             C:\Windows\system32\Drivers\mup.sys
14:21:37.0207 5508  Mup - ok
14:21:37.0238 5508  [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent        C:\Windows\system32\qagentRT.dll
14:21:37.0269 5508  napagent - ok
14:21:37.0312 5508  [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:21:37.0359 5508  NativeWifiP - ok
14:21:37.0399 5508  [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:21:37.0420 5508  NDIS - ok
14:21:37.0457 5508  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:21:37.0491 5508  NdisTapi - ok
14:21:37.0508 5508  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:21:37.0537 5508  Ndisuio - ok
14:21:37.0574 5508  [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:21:37.0607 5508  NdisWan - ok
14:21:37.0619 5508  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:21:37.0645 5508  NDProxy - ok
14:21:37.0673 5508  [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:21:37.0678 5508  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:21:37.0678 5508  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:21:37.0691 5508  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:21:37.0734 5508  NetBIOS - ok
14:21:37.0753 5508  [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
14:21:37.0799 5508  netbt - ok
14:21:37.0806 5508  [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon        C:\Windows\system32\lsass.exe
14:21:37.0820 5508  Netlogon - ok
14:21:37.0847 5508  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
14:21:37.0937 5508  Netman - ok
14:21:37.0981 5508  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
14:21:38.0011 5508  netprofm - ok
14:21:38.0048 5508  [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:21:38.0069 5508  NetTcpPortSharing - ok
14:21:38.0212 5508  [ E559EA9138C77B5D1FDA8C558764A25F ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
14:21:38.0669 5508  NETw5v32 - ok
14:21:38.0698 5508  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:21:38.0714 5508  nfrd960 - ok
14:21:38.0750 5508  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:21:38.0795 5508  NlaSvc - ok
14:21:38.0860 5508  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess       C:\Program Files\CDBurnerXP\NMSAccessU.exe
14:21:38.0867 5508  NMSAccess - ok
14:21:38.0882 5508  [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:21:38.0920 5508  Npfs - ok
14:21:38.0936 5508  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
14:21:38.0964 5508  nsi - ok
14:21:38.0973 5508  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:21:39.0013 5508  nsiproxy - ok
14:21:39.0062 5508  [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:21:39.0183 5508  Ntfs - ok
14:21:39.0200 5508  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
14:21:39.0249 5508  ntrigdigi - ok
14:21:39.0274 5508  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
14:21:39.0302 5508  Null - ok
14:21:39.0329 5508  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:21:39.0347 5508  nvraid - ok
14:21:39.0370 5508  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:21:39.0386 5508  nvstor - ok
14:21:39.0400 5508  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:21:39.0419 5508  nv_agp - ok
14:21:39.0424 5508  NwlnkFlt - ok
14:21:39.0431 5508  NwlnkFwd - ok
14:21:39.0514 5508  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:21:39.0562 5508  odserv - ok
14:21:39.0590 5508  [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
14:21:39.0640 5508  ohci1394 - ok
14:21:39.0677 5508  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:21:39.0696 5508  ose - ok
14:21:39.0754 5508  [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
14:21:39.0867 5508  p2pimsvc - ok
14:21:39.0881 5508  [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:21:39.0928 5508  p2psvc - ok
14:21:39.0954 5508  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
14:21:40.0025 5508  Parport - ok
14:21:40.0050 5508  [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:21:40.0067 5508  partmgr - ok
14:21:40.0086 5508  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
14:21:40.0133 5508  Parvdm - ok
14:21:40.0157 5508  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:21:40.0189 5508  PcaSvc - ok
14:21:40.0205 5508  [ ECA39351296D905BAA4FA3244C152B00 ] pci             C:\Windows\system32\drivers\pci.sys
14:21:40.0227 5508  pci - ok
14:21:40.0239 5508  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
14:21:40.0254 5508  pciide - ok
14:21:40.0281 5508  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:21:40.0303 5508  pcmcia - ok
14:21:40.0344 5508  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:21:40.0438 5508  PEAUTH - ok
14:21:40.0507 5508  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
14:21:40.0623 5508  pla - ok
14:21:40.0649 5508  [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:21:40.0688 5508  PlugPlay - ok
14:21:40.0739 5508  [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:21:40.0759 5508  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:21:40.0759 5508  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:21:40.0788 5508  [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
14:21:40.0815 5508  PNRPAutoReg - ok
14:21:40.0877 5508  [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
14:21:40.0918 5508  PNRPsvc - ok
14:21:40.0980 5508  [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:21:41.0092 5508  PolicyAgent - ok
14:21:41.0149 5508  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:21:41.0193 5508  PptpMiniport - ok
14:21:41.0219 5508  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
14:21:41.0251 5508  Processor - ok
14:21:41.0282 5508  [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:21:41.0319 5508  ProfSvc - ok
14:21:41.0339 5508  [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:21:41.0363 5508  ProtectedStorage - ok
14:21:41.0394 5508  [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
14:21:41.0434 5508  PSched - ok
14:21:41.0454 5508  [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
14:21:41.0472 5508  PxHelp20 - ok
14:21:41.0542 5508  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:21:41.0654 5508  ql2300 - ok
14:21:41.0676 5508  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:21:41.0694 5508  ql40xx - ok
14:21:41.0741 5508  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
14:21:41.0792 5508  QWAVE - ok
14:21:41.0810 5508  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:21:41.0835 5508  QWAVEdrv - ok
14:21:41.0854 5508  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:21:41.0899 5508  RasAcd - ok
14:21:41.0924 5508  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
14:21:41.0958 5508  RasAuto - ok
14:21:41.0978 5508  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:21:42.0010 5508  Rasl2tp - ok
14:21:42.0025 5508  [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan          C:\Windows\System32\rasmans.dll
14:21:42.0055 5508  RasMan - ok
14:21:42.0074 5508  [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:21:42.0104 5508  RasPppoe - ok
14:21:42.0122 5508  [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:21:42.0153 5508  RasSstp - ok
14:21:42.0188 5508  [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:21:42.0225 5508  rdbss - ok
14:21:42.0239 5508  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:21:42.0279 5508  RDPCDD - ok
14:21:42.0314 5508  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
14:21:42.0354 5508  rdpdr - ok
14:21:42.0359 5508  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:21:42.0406 5508  RDPENCDD - ok
14:21:42.0434 5508  [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:21:42.0469 5508  RDPWD - ok
14:21:42.0509 5508  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:21:42.0547 5508  RemoteAccess - ok
14:21:42.0573 5508  [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:21:42.0627 5508  RemoteRegistry - ok
14:21:42.0644 5508  [ C2EF513BBE069F0D4EE0938A76F975D3 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
14:21:42.0679 5508  rimmptsk - ok
14:21:42.0710 5508  [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
14:21:42.0751 5508  rimsptsk - ok
14:21:42.0757 5508  [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
14:21:42.0803 5508  rismxdp - ok
14:21:42.0827 5508  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
14:21:42.0867 5508  RpcLocator - ok
14:21:42.0899 5508  [ 301AE00E12408650BADDC04DBC832830 ] RpcSs           C:\Windows\system32\rpcss.dll
14:21:42.0939 5508  RpcSs - ok
14:21:42.0982 5508  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:21:43.0013 5508  rspndr - ok
14:21:43.0039 5508  [ 7157E70A90CCE49DEB8885D23A073A39 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
14:21:43.0093 5508  RTL8169 - ok
14:21:43.0107 5508  [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs           C:\Windows\system32\lsass.exe
14:21:43.0120 5508  SamSs - ok
14:21:43.0145 5508  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:21:43.0162 5508  sbp2port - ok
14:21:43.0201 5508  [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:21:43.0248 5508  SCardSvr - ok
14:21:43.0292 5508  [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule        C:\Windows\system32\schedsvc.dll
14:21:43.0354 5508  Schedule - ok
14:21:43.0368 5508  [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:21:43.0393 5508  SCPolicySvc - ok
14:21:43.0414 5508  [ 126EA89BCC413EE45E3004FB0764888F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
14:21:43.0460 5508  sdbus - ok
14:21:43.0481 5508  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:21:43.0527 5508  SDRSVC - ok
14:21:43.0546 5508  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:21:43.0605 5508  secdrv - ok
14:21:43.0621 5508  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
14:21:43.0654 5508  seclogon - ok
14:21:43.0663 5508  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
14:21:43.0705 5508  SENS - ok
14:21:43.0732 5508  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
14:21:43.0782 5508  Serenum - ok
14:21:43.0798 5508  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
14:21:43.0850 5508  Serial - ok
14:21:43.0866 5508  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:21:43.0896 5508  sermouse - ok
14:21:43.0934 5508  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:21:43.0961 5508  SessionEnv - ok
14:21:43.0978 5508  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
14:21:44.0001 5508  sffdisk - ok
14:21:44.0021 5508  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:21:44.0050 5508  sffp_mmc - ok
14:21:44.0071 5508  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
14:21:44.0099 5508  sffp_sd - ok
14:21:44.0106 5508  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:21:44.0175 5508  sfloppy - ok
14:21:44.0212 5508  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:21:44.0275 5508  SharedAccess - ok
14:21:44.0313 5508  [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:21:44.0366 5508  ShellHWDetection - ok
14:21:44.0383 5508  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
14:21:44.0401 5508  sisagp - ok
14:21:44.0411 5508  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
14:21:44.0427 5508  SiSRaid2 - ok
14:21:44.0447 5508  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:21:44.0464 5508  SiSRaid4 - ok
14:21:44.0544 5508  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
14:21:44.0553 5508  SkypeUpdate - ok
14:21:44.0638 5508  [ 0BA91E1358AD25236863039BB2609A2E ] slsvc           C:\Windows\system32\SLsvc.exe
14:21:44.0822 5508  slsvc - ok
14:21:44.0841 5508  [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
14:21:44.0875 5508  SLUINotify - ok
14:21:44.0920 5508  [ 8EB3988C74FD9D0E0934977E36B5F9E6 ] SmartFaceVWatchSrv C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
14:21:44.0933 5508  SmartFaceVWatchSrv ( UnsignedFile.Multi.Generic ) - warning
14:21:44.0933 5508  SmartFaceVWatchSrv - detected UnsignedFile.Multi.Generic (1)
14:21:44.0967 5508  [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:21:45.0012 5508  Smb - ok
14:21:45.0029 5508  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:21:45.0043 5508  SNMPTRAP - ok
14:21:45.0057 5508  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
14:21:45.0073 5508  spldr - ok
14:21:45.0101 5508  [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler         C:\Windows\System32\spoolsv.exe
14:21:45.0143 5508  Spooler - ok
14:21:45.0187 5508  [ CDDDEC541BC3C96F91ECB48759673505 ] sptd            C:\Windows\system32\Drivers\sptd.sys
14:21:45.0188 5508  Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
14:21:45.0190 5508  sptd ( LockedFile.Multi.Generic ) - warning
14:21:45.0190 5508  sptd - detected LockedFile.Multi.Generic (1)
14:21:45.0225 5508  [ 2252AEF839B1093D16761189F45AF885 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:21:45.0279 5508  srv - ok
14:21:45.0328 5508  [ B7FF59408034119476B00A81BB53D5D1 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:21:45.0384 5508  srv2 - ok
14:21:45.0417 5508  [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:21:45.0453 5508  srvnet - ok
14:21:45.0484 5508  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:21:45.0523 5508  SSDPSRV - ok
14:21:45.0558 5508  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
14:21:45.0570 5508  ssmdrv - ok
14:21:45.0590 5508  [ EF3458337D7341A05169CEFC73709264 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
14:21:45.0615 5508  SSPORT ( UnsignedFile.Multi.Generic ) - warning
14:21:45.0615 5508  SSPORT - detected UnsignedFile.Multi.Generic (1)
14:21:45.0641 5508  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:21:45.0673 5508  SstpSvc - ok
14:21:45.0727 5508  [ F92254B0BCFCD10CAAC7BCCC7CB7F467 ] StarOpen        C:\Windows\system32\drivers\StarOpen.sys
14:21:45.0742 5508  StarOpen ( UnsignedFile.Multi.Generic ) - warning
14:21:45.0742 5508  StarOpen - detected UnsignedFile.Multi.Generic (1)
14:21:45.0772 5508  [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc          C:\Windows\System32\wiaservc.dll
14:21:45.0797 5508  stisvc - ok
14:21:45.0831 5508  [ 97E089971A6ABA49AD5592BD6298E416 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
14:21:45.0845 5508  swenum - ok
14:21:45.0865 5508  [ B36C7CDB86F7F7A8E884479219766950 ] swprv           C:\Windows\System32\swprv.dll
14:21:45.0922 5508  swprv - ok
14:21:45.0945 5508  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
14:21:45.0960 5508  Symc8xx - ok
14:21:45.0973 5508  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
14:21:45.0987 5508  Sym_hi - ok
14:21:46.0006 5508  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
14:21:46.0021 5508  Sym_u3 - ok
14:21:46.0047 5508  [ 55F6E55CC2430CA8713387106FA79817 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
14:21:46.0067 5508  SynTP - ok
14:21:46.0093 5508  [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain         C:\Windows\system32\sysmain.dll
14:21:46.0197 5508  SysMain - ok
14:21:46.0218 5508  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:21:46.0258 5508  TabletInputService - ok
14:21:46.0274 5508  [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:21:46.0318 5508  TapiSrv - ok
14:21:46.0335 5508  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
14:21:46.0374 5508  TBS - ok
14:21:46.0420 5508  [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:21:46.0486 5508  Tcpip - ok
14:21:46.0505 5508  [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
14:21:46.0547 5508  Tcpip6 - ok
14:21:46.0573 5508  [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:21:46.0620 5508  tcpipreg - ok
14:21:46.0663 5508  [ 1825BCEB47BF41C5A9F0E44DE82FC27A ] tdcmdpst        C:\Windows\system32\DRIVERS\tdcmdpst.sys
14:21:46.0701 5508  tdcmdpst - ok
14:21:46.0717 5508  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:21:46.0761 5508  TDPIPE - ok
14:21:46.0783 5508  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:21:46.0827 5508  TDTCP - ok
14:21:46.0841 5508  [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:21:46.0888 5508  tdx - ok
14:21:46.0948 5508  [ CE0B5D587839614A16480D7B8395FFE9 ] TempoMonitoringService C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
14:21:46.0956 5508  TempoMonitoringService - ok
14:21:46.0969 5508  [ 718B2F4355CD8EB2844741ADDAC0E622 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
14:21:46.0986 5508  TermDD - ok
14:21:47.0031 5508  [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService     C:\Windows\System32\termsrv.dll
14:21:47.0068 5508  TermService - ok
14:21:47.0100 5508  Texis Monitor - ok
14:21:47.0165 5508  [ F6B82925BC410C0A7DDE5F5FFF0EDE3D ] TGCM_ImportWiFiSvc C:\Program Files\Movistar\Escritorio Movistar\ImpWiFiSvc.exe
14:21:47.0171 5508  TGCM_ImportWiFiSvc ( UnsignedFile.Multi.Generic ) - warning
14:21:47.0171 5508  TGCM_ImportWiFiSvc - detected UnsignedFile.Multi.Generic (1)
14:21:47.0193 5508  [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes          C:\Windows\system32\shsvcs.dll
14:21:47.0210 5508  Themes - ok
14:21:47.0225 5508  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
14:21:47.0252 5508  THREADORDER - ok
14:21:47.0279 5508  [ 89F74C86523F5E334628DBCE66E6D165 ] TNaviSrv        C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
14:21:47.0288 5508  TNaviSrv - ok
14:21:47.0319 5508  [ C5AC715B65B01788ABC22D10749DDDD8 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
14:21:47.0331 5508  TODDSrv - ok
14:21:47.0376 5508  [ DA6903958CBDC091FFCBBCA70CCFF34C ] TosCoSrv        C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
14:21:47.0391 5508  TosCoSrv - ok
14:21:47.0432 5508  [ 22690DFFC7F2A18279A7A0489AA02BAC ] TOSHIBA SMART Log Service C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
14:21:47.0448 5508  TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - warning
14:21:47.0448 5508  TOSHIBA SMART Log Service - detected UnsignedFile.Multi.Generic (1)
14:21:47.0453 5508  Tosrfcom - ok
14:21:47.0466 5508  [ 5C4103544612E5011EF46301B93D1AA6 ] tosrfec         C:\Windows\system32\DRIVERS\tosrfec.sys
14:21:47.0509 5508  tosrfec - ok
14:21:47.0558 5508  [ 4399A9BF7D8F49991A07FD86590A1619 ] tos_sps32       C:\Windows\system32\DRIVERS\tos_sps32.sys
14:21:47.0590 5508  tos_sps32 - ok
14:21:47.0623 5508  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
14:21:47.0652 5508  TrkWks - ok
14:21:47.0720 5508  [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:21:47.0763 5508  TrustedInstaller - ok
14:21:47.0782 5508  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:21:47.0822 5508  tssecsrv - ok
14:21:47.0837 5508  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
14:21:47.0866 5508  tunmp - ok
14:21:47.0898 5508  [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:21:47.0911 5508  tunnel - ok
14:21:47.0948 5508  [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ           C:\Windows\system32\DRIVERS\TVALZ_O.SYS
14:21:47.0960 5508  TVALZ - ok
14:21:48.0006 5508  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:21:48.0023 5508  uagp35 - ok
14:21:48.0041 5508  [ C985B36E127EA9B8A92396120BFF52D8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:21:48.0099 5508  udfs - ok
14:21:48.0139 5508  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:21:48.0180 5508  UI0Detect - ok
14:21:48.0254 5508  [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
14:21:48.0260 5508  UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
14:21:48.0260 5508  UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
14:21:48.0279 5508  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:21:48.0296 5508  uliagpkx - ok
14:21:48.0328 5508  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
14:21:48.0351 5508  uliahci - ok
14:21:48.0374 5508  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
14:21:48.0392 5508  UlSata - ok
14:21:48.0411 5508  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
14:21:48.0430 5508  ulsata2 - ok
14:21:48.0451 5508  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:21:48.0496 5508  umbus - ok
14:21:48.0522 5508  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
14:21:48.0552 5508  upnphost - ok
14:21:48.0604 5508  [ 292A25BB75A568AE2C67169BA2C6365A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:21:48.0636 5508  usbaudio - ok
14:21:48.0666 5508  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:21:48.0691 5508  usbccgp - ok
14:21:48.0718 5508  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:21:48.0771 5508  usbcir - ok
14:21:48.0798 5508  [ CEBE90821810E76320155BEBA722FCF9 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:21:48.0828 5508  usbehci - ok
14:21:48.0842 5508  [ CC6B28E4CE39951357963119CE47B143 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:21:48.0880 5508  usbhub - ok
14:21:48.0903 5508  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:21:48.0950 5508  usbohci - ok
14:21:48.0984 5508  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:21:49.0035 5508  usbprint - ok
14:21:49.0080 5508  [ A508C9BD8724980512136B039BBA65E9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
14:21:49.0104 5508  usbscan - ok
14:21:49.0129 5508  [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:21:49.0161 5508  USBSTOR - ok
14:21:49.0169 5508  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:21:49.0194 5508  usbuhci - ok
14:21:49.0216 5508  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
14:21:49.0258 5508  usbvideo - ok
14:21:49.0280 5508  [ 237C444FBD1C697A2E3FA60F02C61F22 ] UVCFTR          C:\Windows\system32\Drivers\UVCFTR_S.SYS
14:21:49.0292 5508  UVCFTR - ok
14:21:49.0325 5508  [ 032A0ACC3909AE7215D524E29D536797 ] UxSms           C:\Windows\System32\uxsms.dll
14:21:49.0354 5508  UxSms - ok
14:21:49.0380 5508  [ B13BC395B9D6116628F5AF47E0802AC4 ] vds             C:\Windows\System32\vds.exe
14:21:49.0465 5508  vds - ok
14:21:49.0489 5508  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:21:49.0536 5508  vga - ok
14:21:49.0548 5508  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:21:49.0590 5508  VgaSave - ok
14:21:49.0628 5508  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
14:21:49.0645 5508  viaagp - ok
14:21:49.0660 5508  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
14:21:49.0695 5508  ViaC7 - ok
14:21:49.0714 5508  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
14:21:49.0728 5508  viaide - ok
14:21:49.0749 5508  [ BDD98BBE7323FC0975A26373D8050471 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:21:49.0765 5508  volmgr - ok
14:21:49.0776 5508  [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:21:49.0801 5508  volmgrx - ok
14:21:49.0813 5508  [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:21:49.0845 5508  volsnap - ok
14:21:49.0882 5508  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:21:49.0901 5508  vsmraid - ok
14:21:49.0954 5508  [ D5FB73D19C46ADE183F968E13F186B23 ] VSS             C:\Windows\system32\vssvc.exe
14:21:50.0132 5508  VSS - ok
14:21:50.0154 5508  [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time         C:\Windows\system32\w32time.dll
14:21:50.0199 5508  W32Time - ok
14:21:50.0225 5508  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:21:50.0273 5508  WacomPen - ok
14:21:50.0294 5508  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
14:21:50.0338 5508  Wanarp - ok
14:21:50.0345 5508  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:21:50.0370 5508  Wanarpv6 - ok
14:21:50.0395 5508  [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:21:50.0465 5508  wcncsvc - ok
14:21:50.0498 5508  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:21:50.0525 5508  WcsPlugInService - ok
14:21:50.0542 5508  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
14:21:50.0556 5508  Wd - ok
14:21:50.0588 5508  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:21:50.0636 5508  Wdf01000 - ok
14:21:50.0650 5508  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:21:50.0693 5508  WdiServiceHost - ok
14:21:50.0698 5508  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:21:50.0727 5508  WdiSystemHost - ok
14:21:50.0748 5508  [ CF9A5F41789B642DB967021DE06A2713 ] WebClient       C:\Windows\System32\webclnt.dll
14:21:50.0772 5508  WebClient - ok
14:21:50.0813 5508  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:21:50.0856 5508  Wecsvc - ok
14:21:50.0879 5508  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:21:50.0911 5508  wercplsupport - ok
14:21:50.0945 5508  [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:21:50.0963 5508  WerSvc - ok
14:21:51.0052 5508  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
14:21:51.0066 5508  WinDefend - ok
14:21:51.0073 5508  WinHttpAutoProxySvc - ok
14:21:51.0137 5508  [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:21:51.0171 5508  Winmgmt - ok
14:21:51.0222 5508  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
14:21:51.0408 5508  WinRM - ok
14:21:51.0486 5508  [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:21:51.0561 5508  Wlansvc - ok
14:21:51.0590 5508  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:21:51.0624 5508  WmiAcpi - ok
14:21:51.0662 5508  [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:21:51.0713 5508  wmiApSrv - ok
14:21:51.0792 5508  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
14:21:51.0893 5508  WMPNetworkSvc - ok
14:21:51.0925 5508  [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:21:51.0973 5508  WPCSvc - ok
14:21:51.0988 5508  [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:21:52.0027 5508  WPDBusEnum - ok
14:21:52.0079 5508  [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
14:21:52.0111 5508  WpdUsb - ok
14:21:52.0214 5508  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:21:52.0264 5508  WPFFontCache_v0400 - ok
14:21:52.0294 5508  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:21:52.0322 5508  ws2ifsl - ok
14:21:52.0341 5508  [ 683DD16B590372F2C9661D277F35E49C ] wscsvc          C:\Windows\System32\wscsvc.dll
14:21:52.0357 5508  wscsvc - ok
14:21:52.0365 5508  WSearch - ok
14:21:52.0444 5508  [ 6298277B73C77FA99106B271A7525163 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:21:52.0552 5508  wuauserv - ok
14:21:52.0569 5508  [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:21:52.0603 5508  WUDFRd - ok
14:21:52.0612 5508  [ 575A4190D989F64732119E4114045A4F ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:21:52.0657 5508  wudfsvc - ok
14:21:52.0698 5508  ================ Scan global ===============================
14:21:52.0729 5508  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
14:21:52.0776 5508  [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
14:21:52.0809 5508  [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
14:21:52.0841 5508  [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
14:21:52.0847 5508  [Global] - ok
14:21:52.0848 5508  ================ Scan MBR ==================================
14:21:52.0857 5508  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
14:21:53.0429 5508  \Device\Harddisk0\DR0 - ok
14:21:53.0429 5508  ================ Scan VBR ==================================
14:21:53.0433 5508  [ BFEC8C3B2E835C252F756C03A4D5405F ] \Device\Harddisk0\DR0\Partition1
14:21:53.0435 5508  \Device\Harddisk0\DR0\Partition1 - ok
14:21:53.0465 5508  [ 8792BA92133463EC91E86C70FDEC51CE ] \Device\Harddisk0\DR0\Partition2
14:21:53.0467 5508  \Device\Harddisk0\DR0\Partition2 - ok
14:21:53.0467 5508  ============================================================
14:21:53.0467 5508  Scan finished
14:21:53.0467 5508  ============================================================
14:21:53.0478 5420  Detected object count: 15
14:21:53.0478 5420  Actual detected object count: 15
14:22:16.0452 5420  ConfigFree Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:22:16.0452 5420  ConfigFree Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:22:16.0454 5420  cvintdrv ( UnsignedFile.Multi.Generic ) - skipped by user
14:22:16.0454 5420  cvintdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:22:16.0456 5420  CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user
14:22:16.0457 5420  CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:22:16.0457 5420  DgiVecp ( UnsignedFile.Multi.Generic ) - skipped by user
14:22:16.0457 5420  DgiVecp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:22:16.0461 5420  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
14:22:16.0461 5420  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:22:16.0461 5420  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
14:22:16.0462 5420  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:22:16.0464 5420  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:22:16.0464 5420  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:22:16.0466 5420  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:22:16.0466 5420  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:22:16.0468 5420  SmartFaceVWatchSrv ( UnsignedFile.Multi.Generic ) - skipped by user
14:22:16.0468 5420  SmartFaceVWatchSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:22:16.0470 5420  sptd ( LockedFile.Multi.Generic ) - skipped by user
14:22:16.0470 5420  sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
14:22:16.0472 5420  SSPORT ( UnsignedFile.Multi.Generic ) - skipped by user
14:22:16.0472 5420  SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:22:16.0474 5420  StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
14:22:16.0474 5420  StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:22:16.0476 5420  TGCM_ImportWiFiSvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:22:16.0476 5420  TGCM_ImportWiFiSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:22:16.0478 5420  TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:22:16.0479 5420  TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:22:16.0481 5420  UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
14:22:16.0481 5420  UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
         


Alt 21.01.2013, 14:20   #6
markusg
/// Malware-holic
 
Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert - Standard

Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert



Hi,
combofix:
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
--> Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert

Alt 22.01.2013, 10:13   #7
stefan_com
 
Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert - Standard

Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert



Hallo,

Combofix ausgeführt ohne Probleme. Anbei das Log-File:

Code:
ATTFilter
Combofix Logfile:
Code:
ATTFilter
ComboFix 13-01-21.04 - Stefan 22.01.2013  10:54:27.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6001.1.1252.43.1031.18.2939.1635 [GMT 1:00]
ausgeführt von:: c:\users\Stefan\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\A1
c:\program files\A1\A1 Breitband\A1Breitband.chm
c:\program files\A1\A1 Breitband\A1Breitband.exe
c:\program files\A1\A1 Breitband\Browser\FF_Setup.exe
c:\program files\A1\A1 Breitband\inifiles.dat
c:\program files\A1\A1 Breitband\ipworks6.dll
c:\program files\A1\A1 Breitband\M2Updater.exe
c:\program files\A1\A1 Breitband\Setup\Setup_A1Dashboard.exe
c:\program files\A1\A1 Servicecenter\A1Servicecenter.chm
c:\program files\A1\A1 Servicecenter\A1Servicecenter.exe
c:\program files\A1\A1 Servicecenter\Content\broadband.html
c:\program files\A1\A1 Servicecenter\Content\cd_index.html
c:\program files\A1\A1 Servicecenter\Content\cd_more.html
c:\program files\A1\A1 Servicecenter\Content\fonts\a1ta_medium_web01-webfont.ttf
c:\program files\A1\A1 Servicecenter\Content\fonts\a1ta_regular_web01-webfont.ttf
c:\program files\A1\A1 Servicecenter\Content\img\01a_a1_breitband_200x300.png
c:\program files\A1\A1 Servicecenter\Content\img\01a_weitere_services.png
c:\program files\A1\A1 Servicecenter\Content\img\01a_wlan_einrichten.png
c:\program files\A1\A1 Servicecenter\Content\img\02a_a1_breitband_installieren_200x366.png
c:\program files\A1\A1 Servicecenter\Content\img\02a_modemkonfigurationssoftware.png
c:\program files\A1\A1 Servicecenter\Content\img\02a_modemwechselsoftware.png
c:\program files\A1\A1 Servicecenter\Content\img\02b_breitband_unterwegs.png
c:\program files\A1\A1 Servicecenter\Content\img\02b_breitband_zuhause.png
c:\program files\A1\A1 Servicecenter\Content\img\02b_hinzufuegen.png
c:\program files\A1\A1 Servicecenter\Content\img\02b_installation.png
c:\program files\A1\A1 Servicecenter\Content\img\02b_wiederherstellen.png
c:\program files\A1\A1 Servicecenter\Content\img\03_zusaetzliche_wlan_geraete.png
c:\program files\A1\A1 Servicecenter\Content\img\03_zusaetzliche_wlan_sicherheitseinstellungen.png
c:\program files\A1\A1 Servicecenter\Content\img\1x1_white_15.png
c:\program files\A1\A1 Servicecenter\Content\img\AdobeX_48x48.png
c:\program files\A1\A1 Servicecenter\Content\img\back.gif
c:\program files\A1\A1 Servicecenter\Content\img\bg_box_big.png
c:\program files\A1\A1 Servicecenter\Content\img\bg_box_small.png
c:\program files\A1\A1 Servicecenter\Content\img\bg_overlay.png
c:\program files\A1\A1 Servicecenter\Content\img\box_arrow_down.png
c:\program files\A1\A1 Servicecenter\Content\img\box_arrow_right.png
c:\program files\A1\A1 Servicecenter\Content\img\btn_close.png
c:\program files\A1\A1 Servicecenter\Content\img\FF_48x48.png
c:\program files\A1\A1 Servicecenter\Content\img\footer_trenner.gif
c:\program files\A1\A1 Servicecenter\Content\img\icon_warning.gif
c:\program files\A1\A1 Servicecenter\Content\img\IE_48x48.png
c:\program files\A1\A1 Servicecenter\Content\img\link_active_center.png
c:\program files\A1\A1 Servicecenter\Content\img\link_active_left.png
c:\program files\A1\A1 Servicecenter\Content\img\link_active_right.png
c:\program files\A1\A1 Servicecenter\Content\img\link_arrow.gif
c:\program files\A1\A1 Servicecenter\Content\img\link_arrow_back.gif
c:\program files\A1\A1 Servicecenter\Content\img\link_inactive_center.png
c:\program files\A1\A1 Servicecenter\Content\img\link_inactive_left.png
c:\program files\A1\A1 Servicecenter\Content\img\link_inactive_right.png
c:\program files\A1\A1 Servicecenter\Content\img\loader.gif
c:\program files\A1\A1 Servicecenter\Content\img\logo.jpg
c:\program files\A1\A1 Servicecenter\Content\img\logo_chrome_150.png
c:\program files\A1\A1 Servicecenter\Content\img\logo_chrome_48.png
c:\program files\A1\A1 Servicecenter\Content\img\logo_glas_48.png
c:\program files\A1\A1 Servicecenter\Content\img\logo_kabel_48.png
c:\program files\A1\A1 Servicecenter\Content\img\mm_icon_48x48.png
c:\program files\A1\A1 Servicecenter\Content\img\warning_bl.gif
c:\program files\A1\A1 Servicecenter\Content\img\warning_br.gif
c:\program files\A1\A1 Servicecenter\Content\img\warning_tl.gif
c:\program files\A1\A1 Servicecenter\Content\img\warning_tr.gif
c:\program files\A1\A1 Servicecenter\Content\includes\main.css
c:\program files\A1\A1 Servicecenter\Content\includes\main.js
c:\program files\A1\A1 Servicecenter\Content\index.html
c:\program files\A1\A1 Servicecenter\Content\more.html
c:\program files\A1\A1 Servicecenter\Content\wlan.html
c:\program files\A1\A1 Servicecenter\icudt42.dll
c:\program files\A1\A1 Servicecenter\libcef.dll
c:\program files\A1\A1 Servicecenter\M2Updater.exe
c:\program files\A1\A1 Servicecenter\reqdata.cfg
c:\program files\A1\A1 Servicecenter\Start.exe
c:\program files\A1\A1 Servicecenter\Start.ini
c:\program files\A1\A1 Webassistent\A1Breitband.chm
c:\program files\A1\A1 Webassistent\A1Breitband.exe
c:\program files\A1\A1 Webassistent\A1CMDTool.exe
c:\program files\A1\A1 Webassistent\A1Mailboxen.exe
c:\program files\A1\A1 Webassistent\A1Modemkonfigurator.exe
c:\program files\A1\A1 Webassistent\A1Webassistent.chm
c:\program files\A1\A1 Webassistent\A1Webassistent.exe
c:\program files\A1\A1 Webassistent\A1WLANAssistent.exe
c:\program files\A1\A1 Webassistent\inifiles.dat
c:\program files\A1\A1 Webassistent\ipworks6.dll
c:\program files\A1\A1 Webassistent\KCO.exe
c:\program files\A1\A1 Webassistent\M2Updater.exe
c:\programdata\tmp47E9.tmp
c:\programdata\tmp7C93.tmp
c:\programdata\tmpE86C.tmp
c:\programdata\ucekgypa.exe
c:\users\Stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\mxfilerelatedcache.mxc2
c:\users\Stefan\Favorites\mxfilerelatedcache.mxc2
c:\windows\system32\pt
c:\windows\system32\pt\toscdspd.cpl.mui
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-12-22 bis 2013-01-22  ))))))))))))))))))))))))))))))
.
.
2013-01-22 10:04 . 2013-01-22 10:04	--------	d-----w-	c:\users\Stefan\AppData\Local\temp
2013-01-22 10:04 . 2013-01-22 10:04	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-01-22 07:55 . 2013-01-08 04:57	6991832	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{F51DD24E-D1BD-499E-9CD0-D54C7C003BA0}\mpengine.dll
2013-01-20 22:48 . 2013-01-20 16:58	--------	d-----w-	C:\_OTL
2013-01-20 22:48 . 2011-07-13 02:55	2237440	----a-r-	C:\OTLPE.exe
2013-01-17 16:58 . 2013-01-17 16:58	--------	d-----w-	c:\users\Stefan\AppData\Roaming\MathWorks
2013-01-17 16:49 . 2004-03-01 21:05	407104	----a-w-	c:\windows\system32\MSHFLXGD.OCX
2013-01-17 16:49 . 2004-02-11 13:37	203976	----a-w-	c:\windows\system32\RICHTX32.OCX
2013-01-17 16:30 . 2013-01-17 16:30	--------	d-----w-	c:\program files\MATLAB
2013-01-17 15:24 . 2013-01-17 16:12	--------	d-----w-	c:\users\Stefan\AppData\Roaming\Free Download Manager
2013-01-17 15:24 . 2013-01-17 15:24	--------	d-----w-	c:\program files\Free Download Manager
2012-12-23 12:33 . 2012-12-23 12:33	--------	d-----w-	c:\users\Stefan\AppData\Roaming\SenselessTV
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-13 20:29 . 2012-11-13 20:29	354216	----a-w-	c:\windows\system32\DivXControlPanelApplet.cpl
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{991D97B8-F0D8-4EA1-9100-7A65EA2D3A63}]
2012-08-28 06:53	84840	----a-w-	c:\users\Stefan\AppData\Roaming\SenselessTV\bho.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-05-09 09:49	176936	----a-w-	c:\program files\Vuze_Remote\prxtbVuze.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Winsweep"="c:\users\Stefan\AppData\Roaming\WinSweep\WinSweep.exe" [2010-04-28 862720]
"Spotify Web Helper"="c:\users\Stefan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-11-21 1199576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"NDSTray.exe"="NDSTray.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-09-26 417792]
"HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2008-04-26 716800]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-03-19 716800]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"CorelDRAW Graphics Suite 11b"="c:\program files\Corel\Corel Graphics 12\Languages\DE\Programs\Registration.exe" [2003-11-27 733184]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2009-08-15 614400]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2012-11-13 450560]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2012-11-30 1263512]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-03-16 6158240]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=c:\windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16	39792	----a-w-	c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57	369200	----a-w-	c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2012-11-30 02:06	1263512	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google EULA Launcher]
2008-05-28 11:40	20480	----a-w-	c:\program files\Google\Google EULA\GoogleEULALauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36	30040	----a-w-	c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
2010-02-22 09:40	207504	----a-w-	c:\program files\pdf24\pdf24.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 15:38	421888	----a-w-	c:\program files\QuickTime\QTTask.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter
"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Toshiba Registration"=c:\program files\Toshiba\Registration\ToshibaRegistration.exe
"topi"=c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
"Toshiba TEMPO"=c:\program files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08
.
Inhalt des "geplante Tasks" Ordners
.
2013-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-08-29 10:58]
.
2013-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-08-29 10:58]
.
2013-01-22 c:\windows\Tasks\MATLAB R2011b Startup Accelerator.job
- c:\program files\MATLAB\R2011b\bin\win32\MATLABStartupAccelerator.exe [2013-01-17 14:36]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.at/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Alles mit FDM herunterladen - file://c:\program files\Free Download Manager\dlall.htm
IE: Auswahl mit FDM herunterladen - file://c:\program files\Free Download Manager\dlselected.htm
IE: Datei mit FDM herunterladen - file://c:\program files\Free Download Manager\dllink.htm
IE: Download with GetRight - c:\program files\GetRight\GRdownload.htm
IE: Free YouTube Download - c:\users\Stefan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Open with GetRight Browser - c:\program files\GetRight\GRbrowse.htm
IE: Videos mit FDM herunterladen - file://c:\program files\Free Download Manager\dlfvideo.htm
TCP: DhcpNameServer = 212.186.211.21 195.34.133.21
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-TOSCDSPD - TOSCDSPD.EXE
HKCU-Run-Winsweep Popupblocker - (no file)
HKLM-Run-SmoothView - c:\program files\Toshiba\SmoothView\SmoothView.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-01-22 11:04
Windows 6.0.6001 Service Pack 1 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2013-01-22  11:07:34
ComboFix-quarantined-files.txt  2013-01-22 10:07
.
Vor Suchlauf: 9.745.731.584 Bytes frei
Nach Suchlauf: 9.674.272.768 Bytes frei
.
- - End Of File - - 333809DCE78B63629E44D790C8F93BE7
         
--- --- ---

Alt 22.01.2013, 13:51   #8
markusg
/// Malware-holic
 
Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert - Standard

Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert



Hi
malwarebytes:
Downloade Dir bitte Malwarebytes
  • Installiere
    das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche
    nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet
    ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste
    das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 22.01.2013, 22:52   #9
stefan_com
 
Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert - Standard

Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert



Hallo Markus,

Hab den Malwarebytes scan durchgeführt, anbei das Logfile:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.22.04

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
Stefan :: STEFAN-PC [Administrator]

22.01.2013 15:46:37
mbam-log-2013-01-22 (15-46-37).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 610438
Laufzeit: 3 Stunde(n), 22 Minute(n), 42 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Qoobox\Quarantine\C\ProgramData\ucekgypa.exe.vir (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         

Alt 23.01.2013, 13:07   #10
markusg
/// Malware-holic
 
Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert - Standard

Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert



Hi
lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert
32 bit, 7-zip, antivir, autorun, avira, bho, browser, cdburnerxp, computer, desktop, ebay, error, excel, firefox, flash player, frage, free download, home, install.exe, jdownloader, launch, logfile, monitor.exe, nur abgesicherter modus, office 2007, officejet, realtek, registry, rundll, scan, security, software, spotify web helper, starten, trojaner, vista



Ähnliche Themen: Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert


  1. GVU Trojaner-Abgesicherter Modus mit Eingabeaufforderung funktioniert nicht
    Log-Analyse und Auswertung - 09.02.2014 (3)
  2. GVU Trojaner-Abgesicherter Modus mit Eingabeaufforderung funktioniert nicht
    Log-Analyse und Auswertung - 07.01.2014 (6)
  3. GVU Trojaner-Abgesicherter Modus mit Eingabeaufforderung funktioniert nicht
    Alles rund um Windows - 24.12.2013 (2)
  4. GVA-Trojaner mit Webcambild, abgesicherter Modus mit Eingabeaufforderung nicht möglich
    Log-Analyse und Auswertung - 10.10.2013 (9)
  5. BKA/Interpol-Trojaner - Win 7 - Nur abgesicherter Modus mit Eingabeaufforderung möglich
    Plagegeister aller Art und deren Bekämpfung - 27.08.2013 (9)
  6. GVU Virus, abgesicherter Modus mit Eingabeaufforderung funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 02.08.2013 (25)
  7. Win 7 (64): GVU/BKA Trojaner - nur abgesicherter Modus mit Eingabeaufforderung möglich
    Plagegeister aller Art und deren Bekämpfung - 01.08.2013 (15)
  8. GVU-Trojaner (abgesicherter Modus mit Eingabeaufforderung funktioniert nicht)
    Plagegeister aller Art und deren Bekämpfung - 14.06.2013 (11)
  9. weißer Bildschirm, abgesicherter modus funktioniert nur mit eingabeaufforderung
    Log-Analyse und Auswertung - 07.05.2013 (17)
  10. GVU-Trojaner, PC funktioniert nur im abgesicherten Modus mit Eingabeaufforderung
    Log-Analyse und Auswertung - 28.04.2013 (23)
  11. GVU Trojaner auf Windows XP; nur Abgesicherter Modus mit Eingabeaufforderung möglich
    Plagegeister aller Art und deren Bekämpfung - 08.01.2013 (15)
  12. GVU Trojaner, nur noch abgesicherter Modus mit Eingabeaufforderung möglich
    Plagegeister aller Art und deren Bekämpfung - 05.10.2012 (28)
  13. Polizei Trojaner? Abgesicherter Modus funktioniert auch nicht mehr.
    Plagegeister aller Art und deren Bekämpfung - 05.10.2012 (5)
  14. Polizei-Trojaner, abgesicherter Modus funktioniert nicht
    Log-Analyse und Auswertung - 02.10.2012 (30)
  15. Polizeivirus Österreich - nur abgesicherter Modus mit Eingabeaufforderung funktioniert
    Plagegeister aller Art und deren Bekämpfung - 04.09.2012 (5)
  16. Polizei-Trojaner (Österreich) - abgesicherter Modus funktioniert nicht - 2 Partitionen am Laptop
    Plagegeister aller Art und deren Bekämpfung - 25.07.2012 (3)
  17. Bundespolizei Virus --> "Abgesicherter Modus mit Eingabeaufforderung" funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 11.07.2012 (7)

Zum Thema Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert - Hallo Leute, Ich habe mir vor 2 Tagen den (österr.) Polizei Trojaner eingefangen und nun kann ich meinen Computer nur mehr im abgesichterten Modus mit Eingabeaufforderung starten, ohne dass der - Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert...
Archiv
Du betrachtest: Polizei Trojaner - nur abgesicherter Modus mit Eingabeaufforderung funktioniert auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.