
Log analysis and evaluation: Telekom Abuse Team - generic trojan/virus

09.03.2015, 21:21   #1
Doeksn
 



Hello,

this is about the topic named above (apparently it comes up fairly often). My mother has recently received two such e-mails (although the e-mail address in the recipient field does not match her @t-online.de address at all). In addition, the details show, among other things, the sender address mailin56.aul.t-online.de. She uses Windows Mail. That is why I already doubt the authenticity of these e-mails. I ran AntiVir on her laptop and Avast Mobile on her smartphone. Neither found anything. How can I now find out whether my mum has a generic virus on her laptop, or rule it out for certain?





Here is the e-mail again (the name in the address and the customer number were definitely correct!):

Dear customer,

we have received information from security experts indicating that at
least one computer that connects to the Internet through your Internet
access is infected with a virus/trojan.

The following IP address was assigned to you at the time stated:

IP address: 79.227.13.189
Time: 05.03.2015, 22:45:53 (CET)
Infection: generic

We recommend that you now take the following steps:

1. Please make sure that your computer is free of viruses and
trojans. To do so, please use protection software of your
choice.

2. Then change all passwords:
- the 'personal password' (for connecting to the Internet)
- the 'password' (for the e-mail and customer center)
- the 'e-mail password' (for e-mail programs such as Microsoft
Outlook)
for the services of Deutsche Telekom. You can do this centrally in
the customer center at
https://kundencenter.telekom.de/kundencenter/kundendaten/passwoerter
Do not forget any passwords for online banking,
eBay, Amazon, Paypal and so on, if you use such services.

3. Please also check your computer's settings to see whether the
operating system and the installed software are up to date.

The order is important, because otherwise the new passwords could be
read out by third parties again straight away if existing
malware has not been removed first.

If you need support with this, you can reach us Monday
to Friday from 08:00 to 18:00 directly on the toll-free
number 0800 5544 300. Please have your abuse ID and
access number, which you will find in the subject line, ready.

On our page https://abusefaq.telekom.de we have put together many
helpful tips and links on the subject of "security" for you.

If you have questions about our e-mail, write to us at
abuse@telekom.de and state the access number given in the
subject line.

Kind regards

Deutsche Telekom AG
SEC-CDM / Abuse-Team
T-Online-Allee 1
D-64295 Darmstadt
E-mail: abuse@telekom.de

hxxp://www.t-online.de/abuse
hxxp://www.telekom.de

EXPERIENCE WHAT CONNECTS.

The mandatory legal disclosures can be found at:
www.telekom.com/pflichtangaben

Big changes start small - conserve resources and do not print every
e-mail.

This e-mail contains confidential and/or legally protected
information. If you are not the intended recipient or have received
this e-mail in error, please inform the sender immediately
and delete this e-mail. Unauthorized copying and
unauthorized forwarding of this e-mail and the information it
contains are not permitted.





Maybe you have a quick, helpful idea. The problem is that my mum has zero clue about PCs and I can only help her until tomorrow afternoon, since I have to leave again then ^^ It is not that bad, since she does nothing on the PC apart from saving pictures and typing the odd e-mail.

Many thanks in advance,

Doeksn

09.03.2015, 22:01   #2
schrauber
/// the machine
/// TB instructor
 




Hi,

Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST download FRST 32-bit | FRST 64-bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


09.03.2015, 23:00   #3
Doeksn
 



So, the scan has been run; here are the log files:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-03-2015 01
Ran by Johanna (administrator) on JOHANNA-PC on 09-03-2015 22:54:00
Running from C:\Users\Johanna\Downloads
Loaded Profiles: Johanna (Available profiles: Johanna)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TEco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TemproTray.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(TomTom) C:\Program Files\MyDrive Connect\MyDriveConnect.exe
() C:\Program Files\MP4 Player\Mp4Player.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [421888 2007-04-16] (TOSHIBA Electronics, Inc.)
HKLM\...\Run: [SVPWUTIL] => C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [438272 2008-11-21] (TOSHIBA)
HKLM\...\Run: [KeNotify] => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe [1011712 2009-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7289376 2009-03-30] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-04-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [468320 2009-03-06] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [55160 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [503808 2009-03-31] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [729088 2009-03-23] (TOSHIBA Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [184320 2009-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [163840 2009-03-24] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1323008 2009-04-24] (TOSHIBA Corporation)
HKLM\...\Run: [TPCHWMsg] => C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe [570736 2009-04-15] (TOSHIBA Corporation)
HKLM\...\Run: [NDSTray.exe] => C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [299008 2009-05-12] (TOSHIBA CORPORATION)
HKLM\...\Run: [cfFncEnabler.exe] => C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe [16384 2009-03-24] (Toshiba Corporation)
HKLM\...\Run: [TWebCamera] => C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2513472 2009-04-16] (TOSHIBA)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files\Toshiba TEMPRO\TemproTray.exe [1050072 2010-10-26] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [96144 2009-03-04] (Toshiba Europe GmbH)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-03-30] (Realtek Semiconductor Corp.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-17] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [127792 2015-02-12] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-448599090-1542697344-2977108501-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [135680 2008-07-03] (Microsoft Corporation)
HKU\S-1-5-21-448599090-1542697344-2977108501-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files\MyDrive Connect\MyDriveConnect.exe [1792376 2014-10-03] (TomTom)
HKU\S-1-5-21-448599090-1542697344-2977108501-1000\...\Run: [MP4 Player] => C:\Program Files\MP4 Player\mp4Player.exe [772096 2008-11-06] ()
HKU\S-1-5-21-448599090-1542697344-2977108501-1000\...\MountPoints2: {e34ed5c5-13ec-11df-b537-0026222f6621} - G:\LaunchU3.exe -a
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [6158240 2009-03-16] (TOSHIBA)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Inhaltsverzeichnis.onetoc2 ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEG&bmod=TSEG;
HKU\S-1-5-21-448599090-1542697344-2977108501-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/webhp?rls=ig
HKU\S-1-5-21-448599090-1542697344-2977108501-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEG&bmod=TSEG;
SearchScopes: HKLM -> DefaultScope {D6790075-F3F5-431A-885F-682CA0F86141} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG;
SearchScopes: HKLM -> {D6790075-F3F5-431A-885F-682CA0F86141} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG;
SearchScopes: HKU\S-1-5-21-448599090-1542697344-2977108501-1000 -> DefaultScope {D6790075-F3F5-431A-885F-682CA0F86141} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG_deDE345
SearchScopes: HKU\S-1-5-21-448599090-1542697344-2977108501-1000 -> {06442FAE-894B-4C90-BA8D-9DD5283265F1} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-448599090-1542697344-2977108501-1000 -> {726CFF9C-FE01-48F0-B0CB-2A125231E680} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-448599090-1542697344-2977108501-1000 -> {D6790075-F3F5-431A-885F-682CA0F86141} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG_deDE345
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2009-11-25] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-13] (Oracle Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120805182421.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-13] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2009-11-25] (CANON INC.)
Toolbar: HKU\S-1-5-21-448599090-1542697344-2977108501-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2009-11-25] (CANON INC.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\eqjf5o0j.default
FF SelectedSearchEngine: Sichere Suche
FF Homepage: hxxp://www.google.de
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=mcafee&p=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-09] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-09-07] (CANON INC.)
FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Picasa2\npPicasa3.dll [2013-04-02] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-03-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-03-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-03-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-03-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-03-05] (Apple Inc.)
FF Extension: Avira Browser Safety - C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\eqjf5o0j.default\Extensions\abs@avira.com [2015-03-09]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\eqjf5o0j.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-02]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-03-06]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-03-06]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-18]
FF HKLM\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files\Common Files\McAfee\SystemCore

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-17] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [184056 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 camsvc; C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe [20544 2009-04-16] (TOSHIBA)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
R2 TemproMonitoringService; C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [124368 2010-10-26] (Toshiba Europe GmbH)
S3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [54136 2011-02-11] (TOSHIBA Corporation)
R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [176128 2009-04-24] (TOSHIBA Corporation) [File not signed]
R2 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [73728 2009-03-17] (TOSHIBA Corporation) [File not signed]
R2 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [656752 2009-04-15] (TOSHIBA Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [25896 2008-05-07] (COMPAL ELECTRONIC INC.)
R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [22272 2009-03-18] (TOSHIBA Corporation)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [154272 2008-11-11] (Realtek Semiconductor Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-29] (Avira GmbH)
R2 TVALZFL; C:\Windows\System32\DRIVERS\TVALZFL.sys [12920 2009-03-20] (TOSHIBA Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-09 22:54 - 2015-03-09 22:55 - 00021045 _____ () C:\Users\Johanna\Downloads\FRST.txt
2015-03-09 22:53 - 2015-03-09 22:54 - 00000000 ____D () C:\FRST
2015-03-09 22:25 - 2015-03-09 22:25 - 01134592 _____ (Farbar) C:\Users\Johanna\Downloads\FRST.exe
2015-03-06 16:54 - 2015-03-06 16:54 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-06 15:42 - 2009-10-27 17:19 - 00001661 _____ () C:\Users\Johanna\Desktop\Windows Update.lnk
2015-03-06 09:52 - 2015-03-06 09:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-18 23:20 - 2014-10-15 13:38 - 06821496 _____ (TomTom International B.V.) C:\Users\Johanna\Downloads\InstallMyDriveConnect_3_3_0_1812.exe
2015-02-17 20:27 - 2015-01-23 04:00 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-17 20:27 - 2015-01-23 03:51 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-13 23:31 - 2014-11-26 03:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-13 23:18 - 2015-01-13 02:39 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-13 23:18 - 2015-01-09 01:20 - 02063360 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-13 23:15 - 2015-01-15 05:13 - 00440760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-13 23:15 - 2014-12-08 02:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-13 23:13 - 2015-02-13 23:13 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-02-13 17:55 - 2015-01-14 02:51 - 12371456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-13 17:55 - 2015-01-14 02:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-02-13 17:55 - 2015-01-14 02:46 - 09742336 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-13 17:55 - 2015-01-14 02:43 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-13 17:55 - 2015-01-14 02:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-13 17:55 - 2015-01-14 02:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-13 17:55 - 2015-01-14 02:41 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-13 17:55 - 2015-01-14 02:41 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-13 17:55 - 2015-01-14 02:41 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-13 17:55 - 2015-01-14 02:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-02-13 17:55 - 2015-01-14 02:41 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-13 17:55 - 2015-01-14 02:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-13 17:55 - 2015-01-14 02:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-13 17:55 - 2015-01-14 02:40 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-13 17:55 - 2015-01-14 02:40 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-13 17:55 - 2015-01-14 02:40 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-13 17:55 - 2015-01-14 02:40 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-13 17:55 - 2015-01-14 02:40 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-02-13 17:55 - 2015-01-14 02:40 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-02-13 17:55 - 2015-01-14 02:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-09 22:18 - 2014-03-03 21:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-09 22:08 - 2009-08-17 12:34 - 01102826 _____ () C:\Windows\WindowsUpdate.log
2015-03-09 21:19 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-09 21:19 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-09 13:21 - 2006-11-02 13:37 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-03-09 13:19 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-09 01:42 - 2006-11-02 14:01 - 00032510 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-09 01:26 - 2008-01-21 08:16 - 01567488 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-08 22:04 - 2012-04-29 10:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-06 09:52 - 2014-08-08 12:50 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-06 09:52 - 2013-09-29 16:54 - 00000000 ____D () C:\Program Files\Avira
2015-02-18 23:20 - 2014-03-03 20:12 - 00000000 ____D () C:\Program Files\MyDrive Connect
2015-02-18 21:07 - 2006-11-02 13:52 - 00110810 _____ () C:\Windows\setupact.log
2015-02-17 20:20 - 2009-06-09 10:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-14 09:47 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-14 09:08 - 2006-11-02 13:47 - 00305216 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-13 23:37 - 2013-08-16 16:09 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 23:31 - 2006-11-02 11:24 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-02-13 23:16 - 2014-03-03 20:21 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-13 23:14 - 2009-06-09 10:10 - 00000000 ____D () C:\Program Files\Java
2015-02-13 23:13 - 2014-12-20 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-13 23:12 - 2014-12-20 00:35 - 00272296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-02-13 23:12 - 2014-12-20 00:35 - 00176552 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-02-13 23:12 - 2014-12-20 00:35 - 00176552 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-02-13 23:12 - 2014-12-20 00:35 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-02-09 17:18 - 2014-03-03 21:16 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-09 17:18 - 2014-03-03 21:16 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-08-24 21:45 - 2014-08-24 21:45 - 0000036 ____H () C:\Users\Johanna\AppData\Roaming\swk.ini
2010-01-26 20:38 - 2010-01-27 18:33 - 0024227 _____ () C:\Users\Johanna\AppData\Roaming\UserTile.png
2009-09-18 10:33 - 2014-01-06 17:38 - 0001374 _____ () C:\Users\Johanna\AppData\Roaming\wklnhst.dat
2010-11-13 17:05 - 2014-12-11 03:00 - 0000680 _____ () C:\Users\Johanna\AppData\Local\d3d9caps.dat
2009-09-18 12:39 - 2014-12-22 17:27 - 0059904 _____ () C:\Users\Johanna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-09-29 16:38 - 2012-09-29 16:38 - 0017408 _____ () C:\Users\Johanna\AppData\Local\WebpageIcons.db

Some content of TEMP:
====================
C:\Users\Johanna\AppData\Local\Temp\7o-g3dze.dll
C:\Users\Johanna\AppData\Local\Temp\avgnt.exe
C:\Users\Johanna\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Johanna\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\Johanna\AppData\Local\Temp\FlashPlayerUpdate02.exe
C:\Users\Johanna\AppData\Local\Temp\FlashPlayerUpdate03.exe
C:\Users\Johanna\AppData\Local\Temp\jre-6u15-windows-i586-iftw.exe
C:\Users\Johanna\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exe
C:\Users\Johanna\AppData\Local\Temp\jre-6u19-windows-i586-iftw-rv.exe
C:\Users\Johanna\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe
C:\Users\Johanna\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\Johanna\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Johanna\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Johanna\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Johanna\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Johanna\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Johanna\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Johanna\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Johanna\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Johanna\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Johanna\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Johanna\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Johanna\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Johanna\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Johanna\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Johanna\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Johanna\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Johanna\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Johanna\AppData\Local\Temp\TEMPRO_2.3.1.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-09 13:27

==================== End Of Log ============================
         
--- --- ---


Code:
 Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-03-2015 01
Ran by Johanna at 2015-03-09 22:55:50
Running from C:\Users\Johanna\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.2.302.105 - ALPS ELECTRIC CO., LTD.)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C0CC75CD-F5B7-46AD-B016-17C0F5171718}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{4324E4DD-C67C-A413-5C12-5DC694A99AF6}) (Version: 3.0.723.0 - ATI Technologies, Inc.)
Avira (HKLM\...\{d9ed6dcf-6bfc-4fbb-802e-81dd5b767d6e}) (Version: 1.1.32.25147 - Avira Operations & Co. KG)
Avira (Version: 1.1.32.25147 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version:  - )
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version:  - )
Canon MP550 series Benutzerregistrierung (HKLM\...\Canon MP550 series Benutzerregistrierung) (Version:  - )
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
ccc-core-static (Version: 2009.0421.2132.36832 - Ihr Firmenname) Hidden
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{F32DC846-4457-40A8-BECA-BCC0E960BC53}) (Version: 11.4.0.18 - Apple Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MP4 Player  (HKLM\...\MP4 Player) (Version:  - )
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyDriveConnect 3.3.0.1812 (HKLM\...\MyDriveConnect) (Version: 3.3.0.1812 - TomTom)
myphotobook 3.65 (HKLM\...\myphotobook) (Version: 3.65 - myphotobook)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC runtime (HKLM\...\{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}) (Version: 1 - Microsoft Corporation)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek 8136 8168 8169 Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0004 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5821 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20132 - Realtek Semiconductor Corp.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden
Skins (Version: 2009.0421.2132.36832 - ATI) Hidden
TeamViewer 4 (HKLM\...\TeamViewer 4) (Version: 4.1.6911  - TeamViewer GmbH)
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.10 - TOSHIBA)
TOSHIBA Benutzerhandbücher (HKLM\...\{1C971EE3-B4C4-4367-9676-57549919C6CE}) (Version: 7.40 - TOSHIBA)
TOSHIBA ConfigFree (HKLM\...\{F0A386D2-6E15-4A8F-A04E-87CE9BED0D48}) (Version: 7.4.9 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.1.3 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.00.1.04-A - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}) (Version: 1.0.3.0 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - Toshiba)
TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 3.0.5.32 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.3C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.6C - TOSHIBA CORPORATION)
TOSHIBA HDD/SSD Alert (HKLM\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.0.0.1 - TOSHIBA Corporation)
Toshiba Online Product Information (HKLM\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.06.0000 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.3.2.0 - TOSHIBA Corporation)
TOSHIBA Recovery Disc Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.0.0.2 - TOSHIBA)
TOSHIBA Recovery Disk Creator Reminder (HKLM\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0017 - TOSHIBA)
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.8.1.6 - TOSHIBA)
TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
TOSHIBA Supervisorkennwort (HKLM\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.3C - TOSHIBA CORPORATION)
Toshiba TEMPRO (HKLM\...\{0D8E81A5-B61C-4360-910C-A738FD1B220A}) (Version: 2.31 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.2.8 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.0.1.8 - TOSHIBA Corporation)
TRORDCLauncher (HKLM\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.6 - TOSHIBA)
TRORDCLauncher (Version: 1.0.0.6 - TOSHIBA) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Utility Common Driver (Version: 1.0.50.22C - TOSHIBA) Hidden
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

14-01-2015 11:50:47 Windows Update
16-01-2015 00:05:06 Geplanter Prüfpunkt
19-01-2015 18:19:35 Geplanter Prüfpunkt
13-02-2015 23:13:50 Windows Update
14-02-2015 09:13:51 Windows Update
17-02-2015 20:17:37 Windows Update
17-02-2015 20:27:44 Windows Update
18-02-2015 21:09:26 Windows Update
06-03-2015 15:43:06 Windows Update
09-03-2015 17:42:03 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {15FE9FF6-B2AC-4C8A-ABD3-7296D83B427B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-09] (Adobe Systems Incorporated)
Task: {618D1EB7-DC80-40D0-B519-3E33D46448C4} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Johanna => C:\Program Files\Windows Calendar\wincal.exe [2009-04-10] (Microsoft Corporation)
Task: {6229B155-7319-491A-A250-F35EABB7DD62} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {9BA1EF09-F21F-4895-9315-35716D54CCB3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2009-08-17 12:39 - 2009-04-21 21:05 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-04-24 10:39 - 2009-04-24 10:39 - 00516096 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2009-01-30 21:11 - 2009-01-30 21:11 - 00073728 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2009-03-07 13:15 - 2009-03-07 13:15 - 07005496 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2008-07-14 10:37 - 2008-07-14 10:37 - 00095544 _____ () C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
2009-06-09 10:13 - 2006-10-10 11:44 - 00009728 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2009-03-12 18:08 - 2009-03-12 18:08 - 00049152 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
2006-10-07 11:57 - 2006-10-07 11:57 - 00053248 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2006-12-01 17:55 - 2006-12-01 17:55 - 00009216 _____ () C:\Program Files\Toshiba\TBS\NotifyTBS.dll
2014-10-03 13:04 - 2014-10-03 13:04 - 00026488 _____ () C:\Program Files\MyDrive Connect\DeviceDetection.dll
2014-10-03 13:04 - 2014-10-03 13:04 - 00087416 _____ () C:\Program Files\MyDrive Connect\TomTomSupporterBase.dll
2014-10-03 13:04 - 2014-10-03 13:04 - 00398712 _____ () C:\Program Files\MyDrive Connect\TomTomSupporterProxy.dll
2008-11-06 18:23 - 2008-11-06 18:23 - 00772096 _____ () C:\Program Files\MP4 Player\Mp4Player.exe
2009-08-17 12:40 - 2009-08-17 12:40 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2009-01-30 09:41 - 2009-01-30 09:41 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-08-17 12:40 - 2009-08-17 12:40 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Johanna\Documents\Anmeldung zu Fortbildungen.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-448599090-1542697344-2977108501-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Johanna^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime

==================== Accounts: =============================

Administrator (S-1-5-21-448599090-1542697344-2977108501-500 - Administrator - Disabled)
Gast (S-1-5-21-448599090-1542697344-2977108501-501 - Limited - Disabled)
Johanna (S-1-5-21-448599090-1542697344-2977108501-1000 - Administrator - Enabled) => C:\Users\Johanna

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/09/2015 01:21:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/09/2015 01:18:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2015 10:06:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/08/2015 01:31:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/07/2015 02:32:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3010851

Error: (03/07/2015 02:32:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3010851

Error: (03/07/2015 02:32:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/07/2015 01:40:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung iTunes.exe, Version 11.4.0.18, Zeitstempel 0x54045c47, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x3fec0e00,
Prozess-ID 0x11e4, Anwendungsstartzeit iTunes.exe0.

Error: (03/07/2015 00:55:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 148685

Error: (03/07/2015 00:55:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 148685


System errors:
=============
Error: (03/09/2015 01:21:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (03/09/2015 01:18:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (03/08/2015 10:07:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {7F6316B4-4D69-4765-B0A3-B2598F2FA80A}

Error: (03/08/2015 10:06:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (03/08/2015 10:04:38 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (03/08/2015 01:31:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Notebook Performance Tuning Service (TEMPRO)

Error: (03/08/2015 01:31:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (03/07/2015 00:06:47 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {7F6316B4-4D69-4765-B0A3-B2598F2FA80A}

Error: (03/07/2015 00:06:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Notebook Performance Tuning Service (TEMPRO)

Error: (03/07/2015 00:06:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058


Microsoft Office Sessions:
=========================
Error: (02/21/2010 08:53:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18326 seconds with 10860 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-09-29 17:34:59.329
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLKBDFLTX86\klkbdflt.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-29 17:34:58.990
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLKBDFLTX86\klkbdflt.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-29 17:34:58.678
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLKBDFLTX86\klkbdflt.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-29 17:34:58.360
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLKBDFLTX86\klkbdflt.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-29 17:34:57.781
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLMOUFLTX86\klmouflt.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-29 17:34:57.456
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLMOUFLTX86\klmouflt.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-29 17:34:57.113
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLMOUFLTX86\klmouflt.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-29 17:34:56.709
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLMOUFLTX86\klmouflt.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-29 17:34:55.929
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLTDIX86\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-29 17:34:55.627
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLTDIX86\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz
Percentage of memory in use: 58%
Total physical RAM: 3035.93 MB
Available physical RAM: 1266.01 MB
Total Pagefile: 6278.13 MB
Available Pagefile: 4309.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1890.14 MB

==================== Drives ================================

Drive c: (Vista) (Fixed) (Total:186.31 GB) (Free:57.07 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Data) (Fixed) (Total:184.84 GB) (Free:171 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 372.6 GB) (Disk ID: 7878FC96)
Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Active) - (Size=186.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=184.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 10.03.2015, 19:36   #4
schrauber
/// the machine
/// TB-Ausbilder
 


hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.03.2015, 20:51   #5
Doeksn
 
Good evening,

Thank you very much for the further reply. I ran the first program once (the result is still pending, as I then had to leave). I will continue the procedure on Friday next week, since my mother will probably not manage it on her own. In the meantime she has also received a letter by post from Telekom, so the warning does seem to be genuine after all :-/


Alt 17.03.2015, 10:02   #6
schrauber
/// the machine
/// TB-Ausbilder
 

ok

Alt 27.03.2015, 19:45   #7
Doeksn
 
So, hello =) Malware has now run through 2 times and found nothing. I will start TDS on Sunday around noon. Here are the two logs:

Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.03.13.04
  rootkit: v2015.02.25.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Johanna :: JOHANNA-PC [administrator]

13.03.2015 11:06:42
mbar-log-2015-03-13 (11-06-42).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 327921
Time elapsed: 43 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.03.27.08
  rootkit: v2015.03.26.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Johanna :: JOHANNA-PC [administrator]

27.03.2015 18:51:11
mbar-log-2015-03-27 (18-51-11).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 331651
Time elapsed: 44 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Alt 28.03.2015, 03:34   #8
schrauber
/// the machine
/// TB-Ausbilder
 

All right.
__________________
Regards,
schrauber

Alt 29.03.2015, 13:53   #9
Doeksn
 
So, TDSSKiller didn't find anything either. Is everything all right then, or is there another program? =)

Code:
14:42:46.0132 0x16a8  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
14:42:51.0175 0x16a8  ============================================================
14:42:51.0175 0x16a8  Current date / time: 2015/03/29 14:42:51.0175
14:42:51.0175 0x16a8  SystemInfo:
14:42:51.0175 0x16a8  
14:42:51.0175 0x16a8  OS Version: 6.0.6002 ServicePack: 2.0
14:42:51.0175 0x16a8  Product type: Workstation
14:42:51.0175 0x16a8  ComputerName: JOHANNA-PC
14:42:51.0176 0x16a8  UserName: Johanna
14:42:51.0176 0x16a8  Windows directory: C:\Windows
14:42:51.0176 0x16a8  System windows directory: C:\Windows
14:42:51.0176 0x16a8  Processor architecture: Intel x86
14:42:51.0176 0x16a8  Number of processors: 2
14:42:51.0176 0x16a8  Page size: 0x1000
14:42:51.0176 0x16a8  Boot type: Normal boot
14:42:51.0176 0x16a8  ============================================================
14:42:51.0993 0x16a8  KLMD registered as C:\Windows\system32\drivers\05707541.sys
14:42:52.0527 0x16a8  System UUID: {AEB1DA4D-7120-6BA0-C1C6-CC50F6A23A62}
14:42:53.0717 0x16a8  Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 ( 372.61 Gb ), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:42:53.0719 0x16a8  ============================================================
14:42:53.0719 0x16a8  \Device\Harddisk0\DR0:
14:42:53.0719 0x16a8  MBR partitions:
14:42:53.0719 0x16a8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1749C800
14:42:53.0719 0x16a8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1778B000, BlocksNum 0x171AE000
14:42:53.0719 0x16a8  ============================================================
14:42:53.0835 0x16a8  C: <-> \Device\Harddisk0\DR0\Partition1
14:42:53.0895 0x16a8  E: <-> \Device\Harddisk0\DR0\Partition2
14:42:53.0895 0x16a8  ============================================================
14:42:53.0895 0x16a8  Initialize success
14:42:53.0895 0x16a8  ============================================================
14:44:10.0851 0x0a60  ============================================================
14:44:10.0851 0x0a60  Scan started
14:44:10.0851 0x0a60  Mode: Manual; SigCheck; TDLFS; 
14:44:10.0851 0x0a60  ============================================================
14:44:10.0851 0x0a60  KSN ping started
14:44:13.0727 0x0a60  KSN ping finished: true
14:44:57.0478 0x0a60  ================ Scan system memory ========================
14:44:57.0479 0x0a60  System memory - ok
14:44:57.0479 0x0a60  ================ Scan services =============================
14:46:00.0979 0x0a60  [ 781ABA6C29AD40259602703A328DAEC6, 2DB936C8DE6D4424C6A10D4200F3D7F97A3A129A3B1064A83AB9846C3A828BE0 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:46:01.0081 0x0a60  iPod Service - ok
14:46:01.0146 0x0a60  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:46:01.0297 0x0a60  IRENUM - ok
14:46:01.0367 0x0a60  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:46:01.0405 0x0a60  isapnp - ok
14:46:01.0455 0x0a60  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
14:46:01.0494 0x0a60  iScsiPrt - ok
14:46:01.0550 0x0a60  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
14:46:01.0581 0x0a60  iteatapi - ok
14:46:01.0653 0x0a60  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
14:46:01.0678 0x0a60  iteraid - ok
14:46:01.0746 0x0a60  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:46:01.0775 0x0a60  kbdclass - ok
14:46:01.0966 0x0a60  [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
14:46:02.0029 0x0a60  kbdhid - ok
14:46:02.0098 0x0a60  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
14:46:02.0345 0x0a60  KeyIso - ok
14:46:02.0489 0x0a60  [ 5035EDF1F2E72F78BB1EC5BD9B97463F, 8AFAD580A96F002FFB22761B65D4B414917895C45B11B53089BB3E0331995EF7 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:46:02.0555 0x0a60  KSecDD - ok
14:46:02.0648 0x0a60  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:46:02.0847 0x0a60  KtmRm - ok
14:46:02.0982 0x0a60  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:46:03.0181 0x0a60  LanmanServer - ok
14:46:03.0427 0x0a60  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:46:03.0578 0x0a60  LanmanWorkstation - ok
14:46:03.0677 0x0a60  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:46:03.0863 0x0a60  lltdio - ok
14:46:04.0019 0x0a60  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:46:04.0168 0x0a60  lltdsvc - ok
14:46:04.0198 0x0a60  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:46:04.0256 0x0a60  lmhosts - ok
14:46:04.0334 0x0a60  [ 31F74D5D47EEA83E5E89447586917774, 5B8C99FDC77E8782A4362907424432A36AAA487756CA3E6CCC7E0F9759662145 ] LPCFilter       C:\Windows\system32\DRIVERS\LPCFilter.sys
14:46:04.0442 0x0a60  LPCFilter - ok
14:46:04.0497 0x0a60  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:46:04.0523 0x0a60  LSI_FC - ok
14:46:04.0573 0x0a60  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:46:04.0598 0x0a60  LSI_SAS - ok
14:46:04.0648 0x0a60  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:46:04.0675 0x0a60  LSI_SCSI - ok
14:46:04.0708 0x0a60  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:46:04.0779 0x0a60  luafv - ok
14:46:04.0838 0x0a60  [ 3BD2AD18179DEAD6652E87157FB98E4A, 66416F10BF5E29CA8E47D8DB8A906164669C722EDF985598A605C096A92A87AF ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:46:04.0884 0x0a60  Mcx2Svc - ok
14:46:04.0949 0x0a60  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
14:46:04.0998 0x0a60  megasas - ok
14:46:05.0250 0x0a60  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
14:46:05.0302 0x0a60  MegaSR - ok
14:46:05.0387 0x0a60  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
14:46:05.0442 0x0a60  MMCSS - ok
14:46:05.0478 0x0a60  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
14:46:05.0593 0x0a60  Modem - ok
14:46:05.0679 0x0a60  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:46:05.0759 0x0a60  monitor - ok
14:46:05.0784 0x0a60  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:46:05.0814 0x0a60  mouclass - ok
14:46:05.0859 0x0a60  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:46:05.0936 0x0a60  mouhid - ok
14:46:05.0969 0x0a60  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
14:46:05.0993 0x0a60  MountMgr - ok
14:46:06.0125 0x0a60  [ 0A68B3E37961CEC327EED518F6D62530, EDEB16545ECDDEA2ADFF73E4DF3E9FD87E4B7126C8CFB037ABAF883D157103DE ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:46:06.0164 0x0a60  MozillaMaintenance - ok
14:46:06.0195 0x0a60  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:46:06.0221 0x0a60  mpio - ok
14:46:06.0240 0x0a60  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:46:06.0564 0x0a60  mpsdrv - ok
14:46:06.0672 0x0a60  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:46:06.0763 0x0a60  MpsSvc - ok
14:46:06.0886 0x0a60  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
14:46:06.0909 0x0a60  Mraid35x - ok
14:46:06.0962 0x0a60  [ B0584CA7DEF55929FDB5169BD28B2484, AF6A7E404FEB29F7F3428D0AF6682195E5E8ED106996A04E6947DBD575696546 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:46:07.0163 0x0a60  MRxDAV - ok
14:46:07.0242 0x0a60  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:46:07.0424 0x0a60  mrxsmb - ok
14:46:07.0707 0x0a60  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:46:07.0773 0x0a60  mrxsmb10 - ok
14:46:07.0895 0x0a60  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:46:08.0069 0x0a60  mrxsmb20 - ok
14:46:08.0158 0x0a60  [ AA305CFF241DA187BD5077DE4A2A043D, 1D0FAE34A617E350DA6B0A2380AD4522EFF78F1CC02BE1199023F5CCD465411D ] msahci          C:\Windows\system32\drivers\msahci.sys
14:46:08.0188 0x0a60  msahci - ok
14:46:08.0295 0x0a60  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:46:08.0480 0x0a60  msdsm - ok
14:46:08.0957 0x0a60  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
14:46:09.0038 0x0a60  MSDTC - ok
14:46:09.0100 0x0a60  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:46:09.0186 0x0a60  Msfs - ok
14:46:09.0331 0x0a60  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:46:09.0354 0x0a60  msisadrv - ok
14:46:09.0409 0x0a60  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:46:09.0508 0x0a60  MSiSCSI - ok
14:46:09.0514 0x0a60  msiserver - ok
14:46:09.0595 0x0a60  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:46:09.0648 0x0a60  MSKSSRV - ok
14:46:09.0739 0x0a60  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:46:09.0794 0x0a60  MSPCLOCK - ok
14:46:09.0851 0x0a60  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:46:09.0922 0x0a60  MSPQM - ok
14:46:10.0021 0x0a60  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:46:10.0049 0x0a60  MsRPC - ok
14:46:10.0163 0x0a60  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:46:10.0178 0x0a60  mssmbios - ok
14:46:10.0358 0x0a60  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:46:10.0405 0x0a60  MSTEE - ok
14:46:10.0489 0x0a60  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:46:10.0514 0x0a60  Mup - ok
14:46:10.0661 0x0a60  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
14:46:10.0709 0x0a60  napagent - ok
14:46:10.0804 0x0a60  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:46:10.0833 0x0a60  NativeWifiP - ok
14:46:11.0059 0x0a60  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:46:11.0099 0x0a60  NDIS - ok
14:46:11.0282 0x0a60  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:46:11.0485 0x0a60  NdisTapi - ok
14:46:11.0514 0x0a60  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:46:11.0545 0x0a60  Ndisuio - ok
14:46:11.0633 0x0a60  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:46:11.0718 0x0a60  NdisWan - ok
14:46:12.0101 0x0a60  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:46:12.0129 0x0a60  NDProxy - ok
14:46:12.0285 0x0a60  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:46:12.0324 0x0a60  NetBIOS - ok
14:46:12.0458 0x0a60  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
14:46:12.0591 0x0a60  netbt - ok
14:46:12.0647 0x0a60  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
14:46:12.0697 0x0a60  Netlogon - ok
14:46:12.0786 0x0a60  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
14:46:12.0876 0x0a60  Netman - ok
14:46:12.0981 0x0a60  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:46:13.0177 0x0a60  NetMsmqActivator - ok
14:46:13.0281 0x0a60  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:46:13.0303 0x0a60  NetPipeActivator - ok
14:46:13.0380 0x0a60  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
14:46:13.0560 0x0a60  netprofm - ok
14:46:13.0626 0x0a60  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:46:13.0645 0x0a60  NetTcpActivator - ok
14:46:13.0653 0x0a60  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:46:13.0675 0x0a60  NetTcpPortSharing - ok
14:46:14.0339 0x0a60  [ 8DE67BD902095A13329FD82C85A1FA09, 7F0B058D0C306A845F7BF14B24B0BDBCE6F152A054331072549F46284E75A367 ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
14:46:17.0089 0x0a60  NETw5v32 - ok
14:46:17.0188 0x0a60  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:46:17.0227 0x0a60  nfrd960 - ok
14:46:17.0381 0x0a60  [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:46:17.0482 0x0a60  NlaSvc - ok
14:46:17.0545 0x0a60  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:46:17.0578 0x0a60  Npfs - ok
14:46:17.0655 0x0a60  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
14:46:17.0783 0x0a60  nsi - ok
14:46:17.0851 0x0a60  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:46:17.0926 0x0a60  nsiproxy - ok
14:46:18.0266 0x0a60  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:46:19.0305 0x0a60  Ntfs - ok
14:46:19.0382 0x0a60  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
14:46:19.0504 0x0a60  ntrigdigi - ok
14:46:19.0552 0x0a60  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
14:46:19.0688 0x0a60  Null - ok
14:46:19.0718 0x0a60  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:46:19.0767 0x0a60  nvraid - ok
14:46:19.0806 0x0a60  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:46:19.0855 0x0a60  nvstor - ok
14:46:19.0900 0x0a60  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:46:19.0921 0x0a60  nv_agp - ok
14:46:19.0927 0x0a60  NwlnkFlt - ok
14:46:19.0936 0x0a60  NwlnkFwd - ok
14:46:20.0162 0x0a60  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:46:20.0207 0x0a60  odserv - ok
14:46:20.0285 0x0a60  [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:46:20.0521 0x0a60  ohci1394 - ok
14:46:20.0869 0x0a60  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:46:20.0898 0x0a60  ose - ok
14:46:21.0308 0x0a60  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
14:46:21.0535 0x0a60  p2pimsvc - ok
14:46:21.0574 0x0a60  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:46:21.0612 0x0a60  p2psvc - ok
14:46:21.0671 0x0a60  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
14:46:21.0733 0x0a60  Parport - ok
14:46:21.0867 0x0a60  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:46:21.0891 0x0a60  partmgr - ok
14:46:21.0978 0x0a60  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
14:46:22.0054 0x0a60  Parvdm - ok
14:46:22.0171 0x0a60  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:46:22.0394 0x0a60  PcaSvc - ok
14:46:22.0470 0x0a60  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
14:46:22.0496 0x0a60  pci - ok
14:46:22.0567 0x0a60  [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
14:46:22.0592 0x0a60  pciide - ok
14:46:22.0668 0x0a60  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:46:22.0723 0x0a60  pcmcia - ok
14:46:23.0253 0x0a60  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:46:23.0632 0x0a60  PEAUTH - ok
14:46:23.0674 0x0a60  [ 28F7FFFF50C474CF8BE16A2CACC7CE42, E17F79BD51BED437A02F2E48A73E1DB668D8173996C2193DE15643FE2251E8E7 ] PGEffect        C:\Windows\system32\DRIVERS\pgeffect.sys
14:46:23.0732 0x0a60  PGEffect - ok
14:46:24.0009 0x0a60  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
14:46:24.0480 0x0a60  pla - ok
14:46:24.0644 0x0a60  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:46:24.0747 0x0a60  PlugPlay - ok
14:46:24.0930 0x0a60  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
14:46:25.0034 0x0a60  PNRPAutoReg - ok
14:46:25.0082 0x0a60  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
14:46:25.0458 0x0a60  PNRPsvc - ok
14:46:25.0539 0x0a60  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:46:25.0586 0x0a60  PolicyAgent - ok
14:46:25.0626 0x0a60  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:46:25.0677 0x0a60  PptpMiniport - ok
14:46:25.0753 0x0a60  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
14:46:25.0865 0x0a60  Processor - ok
14:46:25.0913 0x0a60  [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:46:25.0974 0x0a60  ProfSvc - ok
14:46:25.0987 0x0a60  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
14:46:26.0003 0x0a60  ProtectedStorage - ok
14:46:26.0038 0x0a60  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
14:46:26.0082 0x0a60  PSched - ok
14:46:26.0105 0x0a60  [ 49452BFCEC22F36A7A9B9C2181BC3042, C01A2005E9897B142FF9BC6155770F70C19725C425E48D14239195E81E2E42D0 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
14:46:26.0128 0x0a60  PxHelp20 - ok
14:46:26.0398 0x0a60  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:46:26.0660 0x0a60  ql2300 - ok
14:46:26.0794 0x0a60  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:46:26.0820 0x0a60  ql40xx - ok
14:46:26.0889 0x0a60  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
14:46:26.0942 0x0a60  QWAVE - ok
14:46:26.0980 0x0a60  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:46:27.0000 0x0a60  QWAVEdrv - ok
14:46:27.0013 0x0a60  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:46:27.0064 0x0a60  RasAcd - ok
14:46:27.0109 0x0a60  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
14:46:27.0163 0x0a60  RasAuto - ok
14:46:27.0275 0x0a60  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:46:27.0330 0x0a60  Rasl2tp - ok
14:46:27.0438 0x0a60  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
14:46:27.0501 0x0a60  RasMan - ok
14:46:27.0539 0x0a60  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:46:27.0577 0x0a60  RasPppoe - ok
14:46:27.0602 0x0a60  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:46:27.0625 0x0a60  RasSstp - ok
14:46:27.0701 0x0a60  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:46:27.0843 0x0a60  rdbss - ok
14:46:28.0223 0x0a60  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:46:28.0279 0x0a60  RDPCDD - ok
14:46:28.0425 0x0a60  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
14:46:28.0475 0x0a60  rdpdr - ok
14:46:28.0490 0x0a60  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:46:28.0548 0x0a60  RDPENCDD - ok
14:46:28.0629 0x0a60  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:46:28.0712 0x0a60  RDPWD - ok
14:46:28.0848 0x0a60  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:46:28.0892 0x0a60  RemoteAccess - ok
14:46:28.0939 0x0a60  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:46:28.0993 0x0a60  RemoteRegistry - ok
14:46:29.0031 0x0a60  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
14:46:29.0202 0x0a60  RpcLocator - ok
14:46:29.0245 0x0a60  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
14:46:29.0345 0x0a60  RpcSs - ok
14:46:29.0400 0x0a60  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:46:29.0441 0x0a60  rspndr - ok
14:46:29.0482 0x0a60  [ D85DA4371AF61359EDFCA4EA06619DD4, 8A0EFCEF8909B9DC17046C299B3E3597F60D1C7052F6A3D5B98B8B8091D04E15 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
14:46:29.0543 0x0a60  RTHDMIAzAudService - ok
14:46:29.0646 0x0a60  [ 470253597930E765DD08B30E723C1FA2, A39E48ED2130D3DB00010F3B8A2F688AA928A1E02064171FFD64F7F0BF402C59 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
14:46:29.0746 0x0a60  RTL8169 - ok
14:46:29.0875 0x0a60  [ 52532A4CA8B251775DECC87C4813ABFB, D10633C8BFF66A1CF855E86157B93E48AC4E5BF380CDA8C3C1061CA6A8DA0030 ] RTSTOR          C:\Windows\system32\drivers\RTSTOR.SYS
14:46:29.0974 0x0a60  RTSTOR - ok
14:46:29.0999 0x0a60  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
14:46:30.0020 0x0a60  SamSs - ok
14:46:30.0100 0x0a60  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:46:30.0121 0x0a60  sbp2port - ok
14:46:30.0154 0x0a60  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:46:30.0180 0x0a60  SCardSvr - ok
14:46:30.0333 0x0a60  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
14:46:30.0451 0x0a60  Schedule - ok
14:46:30.0501 0x0a60  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:46:30.0522 0x0a60  SCPolicySvc - ok
14:46:30.0571 0x0a60  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:46:30.0660 0x0a60  SDRSVC - ok
14:46:30.0707 0x0a60  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:46:30.0815 0x0a60  secdrv - ok
14:46:30.0863 0x0a60  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
14:46:30.0938 0x0a60  seclogon - ok
14:46:31.0005 0x0a60  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
14:46:31.0037 0x0a60  SENS - ok
14:46:31.0107 0x0a60  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
14:46:31.0157 0x0a60  Serenum - ok
14:46:31.0204 0x0a60  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
14:46:31.0258 0x0a60  Serial - ok
14:46:31.0277 0x0a60  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:46:31.0311 0x0a60  sermouse - ok
14:46:31.0361 0x0a60  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:46:31.0395 0x0a60  SessionEnv - ok
14:46:31.0424 0x0a60  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:46:31.0449 0x0a60  sffdisk - ok
14:46:31.0494 0x0a60  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:46:31.0542 0x0a60  sffp_mmc - ok
14:46:31.0579 0x0a60  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:46:31.0674 0x0a60  sffp_sd - ok
14:46:31.0700 0x0a60  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:46:31.0761 0x0a60  sfloppy - ok
14:46:31.0826 0x0a60  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:46:31.0896 0x0a60  SharedAccess - ok
14:46:31.0977 0x0a60  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:46:32.0063 0x0a60  ShellHWDetection - ok
14:46:32.0115 0x0a60  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
14:46:32.0137 0x0a60  sisagp - ok
14:46:32.0164 0x0a60  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
14:46:32.0188 0x0a60  SiSRaid2 - ok
14:46:32.0216 0x0a60  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:46:32.0282 0x0a60  SiSRaid4 - ok
14:46:32.0709 0x0a60  [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
14:46:32.0734 0x0a60  SkypeUpdate - ok
14:46:33.0977 0x0a60  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
14:46:35.0690 0x0a60  slsvc - ok
14:46:35.0740 0x0a60  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
14:46:35.0767 0x0a60  SLUINotify - ok
14:46:35.0796 0x0a60  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:46:35.0900 0x0a60  Smb - ok
14:46:35.0960 0x0a60  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:46:35.0997 0x0a60  SNMPTRAP - ok
14:46:36.0196 0x0a60  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:46:36.0231 0x0a60  spldr - ok
14:46:36.0280 0x0a60  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
14:46:36.0355 0x0a60  Spooler - ok
14:46:36.0452 0x0a60  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:46:36.0708 0x0a60  srv - ok
14:46:36.0992 0x0a60  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:46:37.0151 0x0a60  srv2 - ok
14:46:37.0249 0x0a60  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:46:37.0293 0x0a60  srvnet - ok
14:46:37.0423 0x0a60  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:46:37.0468 0x0a60  SSDPSRV - ok
14:46:37.0650 0x0a60  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
14:46:37.0666 0x0a60  ssmdrv - ok
14:46:37.0726 0x0a60  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:46:37.0761 0x0a60  SstpSvc - ok
14:46:37.0946 0x0a60  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
14:46:38.0078 0x0a60  stisvc - ok
14:46:38.0112 0x0a60  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
14:46:38.0131 0x0a60  swenum - ok
14:46:38.0257 0x0a60  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
14:46:38.0313 0x0a60  swprv - ok
14:46:38.0341 0x0a60  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
14:46:38.0381 0x0a60  Symc8xx - ok
14:46:38.0445 0x0a60  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
14:46:38.0464 0x0a60  Sym_hi - ok
14:46:38.0476 0x0a60  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
14:46:38.0536 0x0a60  Sym_u3 - ok
14:46:38.0656 0x0a60  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
14:46:38.0722 0x0a60  SysMain - ok
14:46:38.0784 0x0a60  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:46:42.0295 0x0a60  TabletInputService - ok
14:46:42.0400 0x0a60  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:46:42.0597 0x0a60  TapiSrv - ok
14:46:43.0163 0x0a60  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
14:46:43.0242 0x0a60  TBS - ok
14:46:43.0448 0x0a60  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:46:43.0654 0x0a60  Tcpip - ok
14:46:43.0690 0x0a60  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
14:46:43.0851 0x0a60  Tcpip6 - ok
14:46:43.0871 0x0a60  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:46:44.0194 0x0a60  tcpipreg - ok
14:46:44.0240 0x0a60  [ 6FDFBA25002CE4BAC463AC866AE71405, E2952EA6E10543910931612D8AC18D340589C2AC88CF059F65866189CA03602A ] tdcmdpst        C:\Windows\system32\DRIVERS\tdcmdpst.sys
14:46:44.0267 0x0a60  tdcmdpst - ok
14:46:44.0317 0x0a60  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:46:44.0347 0x0a60  TDPIPE - ok
14:46:44.0382 0x0a60  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:46:44.0418 0x0a60  TDTCP - ok
14:46:44.0538 0x0a60  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:46:44.0694 0x0a60  tdx - ok
14:46:44.0887 0x0a60  [ 392E619012F752D071910917E9307CC9, 8E65033667EAB5D8989808A6E217697BB20BADD3649B0CD2FB62720E9D26C4A6 ] TeamViewer4     C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
14:46:44.0913 0x0a60  TeamViewer4 - ok
14:46:45.0090 0x0a60  [ 24EA631FEC13E87AFE07A2B28732EF38, 7BF70BBAA340DC50B49FC8BBFD73D920B108FAE5D8389114D76136D31C13E618 ] TemproMonitoringService C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
14:46:45.0109 0x0a60  TemproMonitoringService - ok
14:46:45.0237 0x0a60  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
14:46:45.0305 0x0a60  TermDD - ok
14:46:45.0531 0x0a60  [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService     C:\Windows\System32\termsrv.dll
14:46:45.0648 0x0a60  TermService - ok
14:46:45.0741 0x0a60  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
14:46:45.0778 0x0a60  Themes - ok
14:46:45.0802 0x0a60  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
14:46:45.0849 0x0a60  THREADORDER - ok
14:46:45.0960 0x0a60  [ F120967184A27E927052E8DDBB727851, B54A1D2B4D52C0DF19AC81617A26CA164C5779C568DB86A6FD97D0A14D5FEEB4 ] TMachInfo       C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
14:46:45.0980 0x0a60  TMachInfo - ok
14:46:46.0083 0x0a60  [ 22BC804EFE155F54252F389B0781D7F2, 10E88C4E4CF3170DDD9D778FFBB4FC04C4D0FBC8E7781D4CD79B600564E4022C ] TNaviSrv        C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
14:46:46.0105 0x0a60  TNaviSrv - ok
14:46:46.0157 0x0a60  [ C5AC715B65B01788ABC22D10749DDDD8, 3237B8CBEA645F550CE588511BC7085358B3D1358D46AF5EED65F3BAC5174195 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
14:46:46.0183 0x0a60  TODDSrv - ok
14:46:46.0325 0x0a60  [ 5557E7F940CBCF09BE43379F551F6689, F20501196075FF9FF0992DB29F0D79391554F729B90BF3312A320E8CF67665A8 ] TosCoSrv        C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
14:46:46.0366 0x0a60  TosCoSrv - ok
14:46:46.0519 0x0a60  [ 9D1C30CE9F1A8488D5D9102C0820743D, 6AFC48B1E4A2B298223A11DE874DEBB81F14500D02404FBDE3FE919ADBE5D824 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
14:46:46.0540 0x0a60  TOSHIBA eco Utility Service - detected UnsignedFile.Multi.Generic ( 1 )
14:46:49.0266 0x0a60  Detect skipped due to KSN trusted
14:46:49.0266 0x0a60  TOSHIBA eco Utility Service - ok
14:46:49.0678 0x0a60  [ B792D35B8BDC5FC4106808FF5C7770AB, BCC0999360B9CB431DCFD6A6ED3E9BD83EFDEF0E18055C61A2EB170C15389DB0 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
14:46:49.0717 0x0a60  TOSHIBA HDD SSD Alert Service - detected UnsignedFile.Multi.Generic ( 1 )
14:46:52.0438 0x0a60  Detect skipped due to KSN trusted
14:46:52.0438 0x0a60  TOSHIBA HDD SSD Alert Service - ok
14:46:52.0727 0x0a60  [ 4399A9BF7D8F49991A07FD86590A1619, D591D12EC3792B0B649944722BBBEBBB8B0D3346FCC8FC4B4B34799266AD2910 ] tos_sps32       C:\Windows\system32\DRIVERS\tos_sps32.sys
14:46:52.0754 0x0a60  tos_sps32 - ok
14:46:52.0820 0x0a60  [ 1A6FA701F66B58192B814570322521B2, 9F75C4CA828F4E68611410A097410E8D86601351B9C2A8A23986DAA7AA1DBE30 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
14:46:52.0852 0x0a60  TPCHSrv - ok
14:46:52.0907 0x0a60  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
14:46:52.0973 0x0a60  TrkWks - ok
14:46:53.0054 0x0a60  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:46:53.0111 0x0a60  TrustedInstaller - ok
14:46:53.0276 0x0a60  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:46:53.0557 0x0a60  tssecsrv - ok
14:46:53.0591 0x0a60  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
14:46:53.0666 0x0a60  tunmp - ok
14:46:53.0809 0x0a60  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:46:53.0857 0x0a60  tunnel - ok
14:46:53.0898 0x0a60  [ 792A8B80F8188ABA4B2BE271583F3E46, BFE96D13926F3CB7D807CEBB5E190736B742EB5C93F7FED08AA5D145F4B6A874 ] TVALZ           C:\Windows\system32\DRIVERS\TVALZ_O.SYS
14:46:53.0917 0x0a60  TVALZ - ok
14:46:54.0017 0x0a60  [ 009AECD4C19209B09669A6615EA1E889, 58AEB6CEA36EB5B5A1F22392382773E812D22967C9A107FE03A43C899DBF6DD6 ] TVALZFL         C:\Windows\system32\DRIVERS\TVALZFL.sys
14:46:54.0036 0x0a60  TVALZFL - ok
14:46:54.0194 0x0a60  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:46:54.0240 0x0a60  uagp35 - ok
14:46:54.0304 0x0a60  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:46:54.0344 0x0a60  udfs - ok
14:46:54.0528 0x0a60  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:46:54.0622 0x0a60  UI0Detect - ok
14:46:54.0663 0x0a60  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:46:54.0684 0x0a60  uliagpkx - ok
14:46:54.0719 0x0a60  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
14:46:54.0748 0x0a60  uliahci - ok
14:46:54.0810 0x0a60  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
14:46:54.0832 0x0a60  UlSata - ok
14:46:54.0864 0x0a60  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
14:46:54.0889 0x0a60  ulsata2 - ok
14:46:54.0966 0x0a60  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:46:55.0030 0x0a60  umbus - ok
14:46:55.0105 0x0a60  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
14:46:55.0171 0x0a60  upnphost - ok
14:46:55.0276 0x0a60  [ EC1C23779BB41A8B2AB2AA6FCE308BDE, D027A2B472CAE97AECB16F69BE52E06CB61E1C61AE196C22662050B711C1C72D ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
14:46:55.0398 0x0a60  USBAAPL - ok
14:46:55.0492 0x0a60  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:46:55.0624 0x0a60  usbccgp - ok
14:46:55.0673 0x0a60  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:46:55.0755 0x0a60  usbcir - ok
14:46:55.0803 0x0a60  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:46:55.0824 0x0a60  usbehci - ok
14:46:55.0885 0x0a60  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:46:56.0021 0x0a60  usbhub - ok
14:46:56.0061 0x0a60  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:46:56.0117 0x0a60  usbohci - ok
14:46:56.0309 0x0a60  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:46:56.0377 0x0a60  usbprint - ok
14:46:56.0508 0x0a60  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
14:46:56.0646 0x0a60  usbscan - ok
14:46:56.0715 0x0a60  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:46:56.0784 0x0a60  USBSTOR - ok
14:46:56.0814 0x0a60  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:46:56.0886 0x0a60  usbuhci - ok
14:46:57.0015 0x0a60  [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
14:46:57.0195 0x0a60  usbvideo - ok
14:46:57.0453 0x0a60  [ 228F444F9AF0D3B9ECA9FC3F4FEB12F2, D29C9A0ED5602BCD529A0D7F538DFA8771B1CAC6F433AA686C3A4917DC596369 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
14:46:57.0656 0x0a60  usb_rndisx - ok
14:46:57.0729 0x0a60  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
14:46:57.0783 0x0a60  UxSms - ok
14:46:57.0883 0x0a60  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
14:46:57.0983 0x0a60  vds - ok
14:46:58.0050 0x0a60  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:46:58.0109 0x0a60  vga - ok
14:46:58.0192 0x0a60  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:46:58.0255 0x0a60  VgaSave - ok
14:46:58.0313 0x0a60  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
14:46:58.0336 0x0a60  viaagp - ok
14:46:58.0408 0x0a60  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
14:46:58.0444 0x0a60  ViaC7 - ok
14:46:58.0488 0x0a60  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
14:46:58.0502 0x0a60  viaide - ok
14:46:58.0584 0x0a60  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:46:58.0607 0x0a60  volmgr - ok
14:46:58.0714 0x0a60  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:46:58.0741 0x0a60  volmgrx - ok
14:46:58.0826 0x0a60  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:46:58.0859 0x0a60  volsnap - ok
14:46:58.0957 0x0a60  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:46:58.0981 0x0a60  vsmraid - ok
14:46:59.0090 0x0a60  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
14:46:59.0180 0x0a60  VSS - ok
14:46:59.0271 0x0a60  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
14:46:59.0312 0x0a60  W32Time - ok
14:46:59.0403 0x0a60  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:46:59.0571 0x0a60  WacomPen - ok
14:46:59.0612 0x0a60  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
14:46:59.0668 0x0a60  Wanarp - ok
14:46:59.0673 0x0a60  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:46:59.0695 0x0a60  Wanarpv6 - ok
14:46:59.0764 0x0a60  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:46:59.0799 0x0a60  wcncsvc - ok
14:46:59.0838 0x0a60  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:46:59.0883 0x0a60  WcsPlugInService - ok
14:46:59.0950 0x0a60  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
14:46:59.0969 0x0a60  Wd - ok
14:47:00.0030 0x0a60  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:47:00.0088 0x0a60  Wdf01000 - ok
14:47:00.0134 0x0a60  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:47:00.0188 0x0a60  WdiServiceHost - ok
14:47:00.0193 0x0a60  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:47:00.0224 0x0a60  WdiSystemHost - ok
14:47:00.0258 0x0a60  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
14:47:00.0284 0x0a60  WebClient - ok
14:47:00.0330 0x0a60  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:47:00.0407 0x0a60  Wecsvc - ok
14:47:00.0458 0x0a60  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:47:00.0495 0x0a60  wercplsupport - ok
14:47:00.0538 0x0a60  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:47:00.0564 0x0a60  WerSvc - ok
14:47:00.0896 0x0a60  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
14:47:00.0926 0x0a60  WinDefend - ok
14:47:00.0935 0x0a60  WinHttpAutoProxySvc - ok
14:47:01.0036 0x0a60  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:47:01.0065 0x0a60  Winmgmt - ok
14:47:01.0397 0x0a60  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
14:47:01.0530 0x0a60  WinRM - ok
14:47:01.0673 0x0a60  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:47:01.0747 0x0a60  Wlansvc - ok
14:47:02.0002 0x0a60  [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:47:02.0108 0x0a60  wlidsvc - ok
14:47:02.0179 0x0a60  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:47:02.0232 0x0a60  WmiAcpi - ok
14:47:02.0309 0x0a60  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:47:02.0391 0x0a60  wmiApSrv - ok
14:47:02.0636 0x0a60  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
14:47:02.0751 0x0a60  WMPNetworkSvc - ok
14:47:02.0832 0x0a60  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:47:02.0921 0x0a60  WPCSvc - ok
14:47:02.0970 0x0a60  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:47:03.0028 0x0a60  WPDBusEnum - ok
14:47:03.0056 0x0a60  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
14:47:03.0072 0x0a60  WpdUsb - ok
14:47:03.0185 0x0a60  [ C108DC20ACE05072350DBB6934E277FB, 548E6ABE4C4ADE48260FFDC7BADFD1697972EA3AE94D6576498C8A183D8CE0C8 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:47:03.0228 0x0a60  WPFFontCache_v0400 - ok
14:47:03.0265 0x0a60  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:47:03.0328 0x0a60  ws2ifsl - ok
14:47:03.0391 0x0a60  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
14:47:03.0436 0x0a60  wscsvc - ok
14:47:03.0440 0x0a60  WSearch - ok
14:47:03.0846 0x0a60  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:47:03.0956 0x0a60  wuauserv - ok
14:47:04.0180 0x0a60  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:47:04.0239 0x0a60  WudfPf - ok
14:47:04.0267 0x0a60  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:47:04.0342 0x0a60  WUDFRd - ok
14:47:04.0373 0x0a60  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:47:04.0425 0x0a60  wudfsvc - ok
14:47:04.0453 0x0a60  ================ Scan global ===============================
14:47:04.0483 0x0a60  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
14:47:04.0546 0x0a60  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
14:47:04.0571 0x0a60  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
14:47:04.0647 0x0a60  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
14:47:04.0658 0x0a60  [ Global ] - ok
14:47:04.0661 0x0a60  ================ Scan MBR ==================================
14:47:04.0680 0x0a60  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
14:47:06.0724 0x0a60  \Device\Harddisk0\DR0 - ok
14:47:06.0725 0x0a60  ================ Scan VBR ==================================
14:47:06.0765 0x0a60  [ C78B7C73AE1341DDE26AFE6294033CAD ] \Device\Harddisk0\DR0\Partition1
14:47:06.0874 0x0a60  \Device\Harddisk0\DR0\Partition1 - ok
14:47:06.0909 0x0a60  [ 6B6324ECC14244BDA7C9ED852AFBD197 ] \Device\Harddisk0\DR0\Partition2
14:47:08.0509 0x0a60  \Device\Harddisk0\DR0\Partition2 - ok
14:47:08.0510 0x0a60  ================ Scan generic autorun ======================
14:47:08.0622 0x0a60  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
14:47:08.0701 0x0a60  Windows Defender - ok
14:47:08.0833 0x0a60  [ 82E781852BDE2A7180FA0BF5A1D653B9, 1CF54EA7E0AF554C9A8644AF904397BCB34F10DD99F71F198728C23B134E70EF ] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe
14:47:08.0907 0x0a60  HWSetup - detected UnsignedFile.Multi.Generic ( 1 )
14:47:11.0746 0x0a60  Detect skipped due to KSN trusted
14:47:11.0746 0x0a60  HWSetup - ok
14:47:11.0786 0x0a60  [ 81CC023D8EE53F137AEB735717CEA919, 7E2FC912BDEC160B37B459346A778CF62D03A4910D807C9810FDC7FBB9AA1CB2 ] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe
14:47:11.0851 0x0a60  SVPWUTIL - detected UnsignedFile.Multi.Generic ( 1 )
14:47:14.0708 0x0a60  Detect skipped due to KSN trusted
14:47:14.0708 0x0a60  SVPWUTIL - ok
14:47:14.0744 0x0a60  [ C5B2679B0AE204FDD0415199B7AFEF20, A488839697F72F5E914DC87077F196F355E4AA85A5AC9C555D67BB47CC198750 ] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
14:47:14.0754 0x0a60  KeNotify - ok
14:47:14.0954 0x0a60  [ 5C639276655D8AE95C9F1C6C98CA9116, BA62781527B7EEBD3FE00C037DF144C575F867E45C29099E40F03B3C495C95EF ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
14:47:15.0186 0x0a60  TosSENotify - detected UnsignedFile.Multi.Generic ( 1 )
14:47:18.0044 0x0a60  Detect skipped due to KSN trusted
14:47:18.0044 0x0a60  TosSENotify - ok
14:47:19.0077 0x0a60  [ C8BB9FD980C413AFCAD221940D6B0A95, 98C3CBC8DABD9AC6AA3E9BC179D076268B183E51D4C447E8644B7D0B91211D10 ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
14:47:19.0393 0x0a60  RtHDVCpl - ok
14:47:19.0701 0x0a60  [ 9C00C20E9763CB54BFBBD82B7058E5E4, 00CCB43ECC50F4FCBB8B7A4DF86CB4EBC25FFDC9032475AB0A28B9962CB37CF0 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
14:47:19.0709 0x0a60  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
14:47:23.0220 0x0a60  Detect skipped due to KSN trusted
14:47:23.0220 0x0a60  StartCCC - ok
14:47:23.0266 0x0a60  [ 91F4CDB6AE8F978EFCE5DDE4264BEB79, 095F036939BBD77FA51CF165868FCA263A4CA4966CB73153BCEC371C5EA4DE18 ] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE
14:47:23.0289 0x0a60  TPwrMain - ok
14:47:23.0351 0x0a60  [ 1694B28EBF704C0C0DA037EA65CD051F, E3E1E58409B2B738FE7ED972F725C02606B18F4EDC848DCB91EF472FB39EDD31 ] C:\Program Files\TOSHIBA\TBS\HSON.exe
14:47:23.0361 0x0a60  HSON - ok
14:47:23.0404 0x0a60  [ C1344BCC06A3161C9D86F05612F720C4, F63261FA914D90AAF509D57577D9B6530FC9F9FEDA2CDBC82FDEF64ABF59F679 ] C:\Program Files\Toshiba\SmoothView\SmoothView.exe
14:47:23.0446 0x0a60  SmoothView - detected UnsignedFile.Multi.Generic ( 1 )
14:47:26.0544 0x0a60  Detect skipped due to KSN trusted
14:47:26.0544 0x0a60  SmoothView - ok
14:47:26.0658 0x0a60  [ 543E009B1465864D9AE7C6F25DCFA83A, 37548EDC7FED7B0AF181FA7D4ABD6219205F1FECF437C787570EFF89D249B8C8 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
14:47:26.0920 0x0a60  00TCrdMain - detected UnsignedFile.Multi.Generic ( 1 )
14:47:29.0777 0x0a60  Detect skipped due to KSN trusted
14:47:29.0777 0x0a60  00TCrdMain - ok
14:47:29.0847 0x0a60  [ 7229B9EED3F44B0F9E8AA74D8CA2212F, BA30B8F829DF2EA7D0E033D87596B2065D82DC5495400B4B880C9B95636A21E6 ] C:\Program Files\Apoint2K\Apoint.exe
14:47:29.0906 0x0a60  Apoint - ok
14:47:29.0938 0x0a60  [ 532CBBE5848770281CF40909DD06C752, 69265112B6C4CF01A5671BBA25FAC76E08A72F25E46BF90CB1CFA245D35144D3 ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
14:47:29.0977 0x0a60  SmartFaceVWatcher - detected UnsignedFile.Multi.Generic ( 1 )
14:47:32.0832 0x0a60  Detect skipped due to KSN trusted
14:47:32.0832 0x0a60  SmartFaceVWatcher - ok
14:47:32.0970 0x0a60  [ C6F29FC4363AED8566DB6F9B52AAB5FB, AFBB3F4F4AA57B5D89E8F186642D287228A86F1D9C33B707412D0E1DBE153A7C ] C:\Program Files\TOSHIBA\TECO\Teco.exe
14:47:33.0130 0x0a60  Teco - detected UnsignedFile.Multi.Generic ( 1 )
14:47:36.0051 0x0a60  Detect skipped due to KSN trusted
14:47:36.0051 0x0a60  Teco - ok
14:47:36.0225 0x0a60  [ 6E0A862D5471648ABA19AD2B5CEA80BD, 4B3FEB6E52D6FD9000D00BAD343F9B1F1B3C538131C5BC41C799203FC042C1FE ] C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
14:47:36.0250 0x0a60  TPCHWMsg - ok
14:47:36.0309 0x0a60  [ E09B922FB422AEFD1493E0657669BD8B, F0692307530C3F20E95D762A674366E6B7BB702EB445666995630EE7D1B18BEB ] C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
14:47:36.0341 0x0a60  NDSTray.exe - detected UnsignedFile.Multi.Generic ( 1 )
14:47:39.0054 0x0a60  Detect skipped due to KSN trusted
14:47:39.0054 0x0a60  NDSTray.exe - ok
14:47:39.0083 0x0a60  [ 68120B7C3FF8A3664341D0536C0C3198, F7118E542A3ECAE6B29ADFBA88F2ADE4BCD3270D61993EDF6C340676B66003FD ] C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe
14:47:39.0089 0x0a60  cfFncEnabler.exe - detected UnsignedFile.Multi.Generic ( 1 )
14:47:41.0816 0x0a60  Detect skipped due to KSN trusted
14:47:41.0816 0x0a60  cfFncEnabler.exe - ok
14:47:41.0965 0x0a60  [ C08EEB50B0CA00F7D272AE94B1531F7D, 0DCCB39A25C77A2C77FC6D928922DD9C581FA4DEF41897A3708FF5BC811AE938 ] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
14:47:42.0119 0x0a60  TWebCamera - ok
14:47:42.0220 0x0a60  [ C238DBC0EDFA7E045E4A7C66567D10D4, 8319B9EC7E6D4A81A0DED9CFF3651E1CB7371CC9D68635CEE4FA2C552EA71899 ] C:\Program Files\Toshiba TEMPRO\TemproTray.exe
14:47:42.0287 0x0a60  Toshiba TEMPRO - ok
14:47:42.0499 0x0a60  [ DFB75217B883F58344DA719C9C7D32F4, 9D7F7FD5187F29A1B48D22EF3EA9E5642B86A33400A0D320754694869D4847EB ] C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
14:47:42.0510 0x0a60  Toshiba Registration - ok
14:47:42.0635 0x0a60  [ C4479E62594E5F3D41DE9C509D2487A2, 16F0386F182D02B89F8F6679973EAF292B639C4B864FC6AAD75D3205D3CF8F4D ] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
14:47:42.0710 0x0a60  Skytel - ok
14:47:43.0663 0x0a60  [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
14:47:43.0694 0x0a60  avgnt - ok
14:47:43.0768 0x0a60  [ 545676F48851A5C65A38CAE5B5518C95, F7CD893B8198AA22347CB96A61C258217FA0A1B1CC1733784B5FD84A7B208264 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
14:47:43.0780 0x0a60  APSDaemon - ok
14:47:43.0846 0x0a60  [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files\QuickTime\QTTask.exe
14:47:43.0889 0x0a60  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
14:47:46.0644 0x0a60  Detect skipped due to KSN trusted
14:47:46.0644 0x0a60  QuickTime Task - ok
14:47:46.0724 0x0a60  [ D88B2D487439305A2EC308A6796C3044, 79DF0A41ECB08D5BEB3393B2BA15E6C88AD626803E1734EFBA0DBE4ECF7274D7 ] C:\Program Files\iTunes\iTunesHelper.exe
14:47:46.0738 0x0a60  iTunesHelper - ok
14:47:46.0866 0x0a60  [ 8CB85437667AEDBD8497D2CA85F4A17A, 196F1F3208674944C554624E5DA6A614F8070467E32F0C1BAB9AC409783E5804 ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
14:47:46.0878 0x0a60  Avira Systray - ok
14:47:47.0198 0x0a60  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
14:47:47.0495 0x0a60  Sidebar - ok
14:47:47.0503 0x0a60  WindowsWelcomeCenter - ok
14:47:47.0626 0x0a60  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
14:47:48.0332 0x0a60  Sidebar - ok
14:47:48.0339 0x0a60  WindowsWelcomeCenter - ok
14:47:48.0415 0x0a60  [ F2C201341735E6674F7AD892CEA3799B, BF1039D011834B4DDFD0ACDC4BE2F278D6DBB18CC5B40C2540E941FEDBDCB665 ] C:\Windows\ehome\ehTray.exe
14:47:48.0500 0x0a60  ehTray.exe - ok
14:47:48.0834 0x0a60  [ BE0186C2984A1A04E84FF94EE07ACA0C, FDDDAE41ED5A7CAA4F2FEDCF1288F24FA91E1D229D363A4DE28B50DF66EBE7D9 ] C:\Program Files\MyDrive Connect\MyDriveConnect.exe
14:47:50.0253 0x0a60  MyDriveConnect.exe - ok
14:47:50.0417 0x0a60  [ 4CD8FAEAE28BC807955245F3950AB299, 3B372FEF66170D4C8ADE9A759E4ED3FBA60F932B06CF3DCAB61499C9198B0414 ] C:\Program Files\MP4 Player\mp4Player.exe
14:47:50.0513 0x0a60  MP4 Player - detected UnsignedFile.Multi.Generic ( 1 )
14:47:53.0386 0x0a60  Detect skipped due to KSN trusted
14:47:53.0386 0x0a60  MP4 Player - ok
14:47:53.0441 0x0a60  Skype - ok
14:47:53.0512 0x0a60  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
14:47:53.0536 0x0a60  WMPNSCFG - ok
14:47:53.0537 0x0a60  Waiting for KSN requests completion. In queue: 7
14:47:54.0537 0x0a60  Waiting for KSN requests completion. In queue: 7
14:47:55.0596 0x0a60  Waiting for KSN requests completion. In queue: 7
14:47:56.0714 0x0a60  AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.8.652 ), 0x41000 ( enabled : updated )
14:47:56.0755 0x0a60  Win FW state via NFP2: enabled
14:47:59.0488 0x0a60  ============================================================
14:47:59.0488 0x0a60  Scan finished
14:47:59.0488 0x0a60  ============================================================
14:47:59.0500 0x0cd4  Detected object count: 0
14:47:59.0500 0x0cd4  Actual detected object count: 0
         

29.03.2015, 16:45   #10
schrauber
/// the machine
/// TB trainer

No, those were just specialized tools for now. How many computers are there on this network?



Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click into the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you receive the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

30.03.2015, 17:59   #11
Doeksn

Ah okay, too bad ;-)
Unfortunately I have already left again... maybe I'll try it over the phone. Or are there simple ways to control a laptop remotely? Then I could access her laptop from my PC and run the programs.

On the Wi-Fi there are the laptop in question, her Android Sony smartphone and, when I am visiting, my Android smartphone. There is also a regular PC, but it has not been switched on since these messages started appearing and therefore cannot be the cause.

Maybe I could scan my smartphone in the meantime? Or is that not so easy with Android?

31.03.2015, 05:10   #12
schrauber
/// the machine
/// TB trainer

Scanning a smartphone isn't possible. TeamViewer is good for remote control, but it's no use here because our tools kill it.

31.03.2015, 14:46   #13
Doeksn

Good, maybe we'll manage it over the phone in the next few days. I will then post the log file. So for phones the only option left is a complete reset?

01.04.2015, 05:18   #14
schrauber
/// the machine
/// TB trainer

Yes, you can't scan anything there, except with an AV made specifically for phones, but whether that is capable enough is another matter.

17.04.2015, 17:28   #15
Doeksn

Sooo, that's a two-hour call finished... xD

Here is the log file from just now:

Code:
ComboFix 15-04-16.01 - Johanna 17.04.2015  18:02:07.1.2 - x86
ausgeführt von:: c:\users\Johanna\Downloads\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Johanna\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-03-17 bis 2015-04-17  ))))))))))))))))))))))))))))))
.
.
2015-04-17 16:09 . 2015-04-17 16:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-17 15:36 . 2015-04-17 15:36 -------- d-----w- c:\program files\iPod
2015-04-17 15:36 . 2015-04-17 15:37 -------- d-----w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-04-17 15:36 . 2015-04-17 15:37 -------- d-----w- c:\program files\iTunes
2015-03-29 13:15 . 2015-01-29 01:35 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2015-03-29 13:14 . 2015-01-29 01:35 975360 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-03-29 13:14 . 2015-02-26 00:18 2064384 ----a-w- c:\windows\system32\win32k.sys
2015-03-29 13:08 . 2015-02-20 02:03 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-03-29 13:08 . 2015-02-20 00:28 296960 ----a-w- c:\windows\system32\atmfd.dll
2015-03-29 13:07 . 2015-01-09 02:04 49152 ----a-w- c:\windows\system32\csrsrv.dll
2015-03-29 13:07 . 2015-01-09 00:18 64000 ----a-w- c:\windows\system32\smss.exe
2015-03-29 13:07 . 2015-02-26 02:01 3604408 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-03-29 13:07 . 2015-02-26 02:01 3552184 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-03-29 13:07 . 2015-01-21 02:02 807936 ----a-w- c:\windows\system32\msctf.dll
2015-03-29 13:06 . 2015-03-06 04:01 279040 ----a-w- c:\windows\system32\schannel.dll
2015-03-29 13:05 . 2014-10-13 01:12 2264064 ----a-w- c:\windows\system32\msi.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-17 15:18 . 2014-03-03 20:16 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-04-17 15:18 . 2014-03-03 20:16 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-03-27 17:50 . 2015-03-13 10:05 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-03-27 17:48 . 2015-03-13 10:04 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-03-10 11:26 . 2013-09-29 15:54 136216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-03-10 11:26 . 2013-09-29 15:54 105864 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-02-17 14:04 . 2015-02-17 14:04 1202848 ----a-w- c:\windows\system32\FM20.DLL
2015-02-13 22:12 . 2014-12-19 23:35 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2011-04-14 12:01 . 2015-03-27 18:09 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-07-03 135680]
"MyDriveConnect.exe"="c:\program files\MyDrive Connect\MyDriveConnect.exe" [2014-10-03 1792376]
"MP4 Player"="c:\program files\MP4 Player\mp4Player.exe" [2008-11-06 772096]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2015-03-25 31682144]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2007-04-16 421888]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2008-11-21 438272]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe" [2009-04-23 1011712]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-03-30 7289376]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-21 61440]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-03-06 468320]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2009-03-09 55160]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-03-31 503808]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-03-23 729088]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-03-29 184320]
"SmartFaceVWatcher"="c:\program files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [2009-03-24 163840]
"Teco"="c:\program files\TOSHIBA\TECO\Teco.exe" [2009-04-24 1323008]
"TPCHWMsg"="c:\program files\TOSHIBA\TPHM\TPCHWMsg.exe" [2009-04-15 570736]
"NDSTray.exe"="c:\program files\TOSHIBA\ConfigFree\NDSTray.exe" [2009-05-12 299008]
"cfFncEnabler.exe"="c:\program files\TOSHIBA\ConfigFree\cfFncEnabler.exe" [2009-03-24 16384]
"TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2009-04-16 2513472]
"Toshiba TEMPRO"="c:\program files\Toshiba TEMPRO\TemproTray.exe" [2010-10-26 1050072]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2009-03-04 96144]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-03-30 1833504]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2015-04-08 726320]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-03-20 60712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2014-01-17 421888]
"Avira Systray"="c:\program files\Avira\My Avira\Avira.OE.Systray.exe" [2015-03-16 129272]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-04-06 157480]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-03-16 6158240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^Johanna^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk]
path=c:\users\Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
backup=c:\windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2014-12-19 07:48 1022152 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-07-27 02:10 1983816 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2009-03-18 01:40 767312 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2015-04-06 22:29 157480 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2014-01-17 15:24 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-448599090-1542697344-2977108501-1000]
"EnableNotificationsRef"=dword:00000001
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ    FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2015-04-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-03 15:18]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/webhp?rls=ig
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\eqjf5o0j.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2009-09-18 13:18; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-04-17 18:16
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\atiesrxx.exe
c:\windows\system32\atieclxx.exe
c:\program files\Avira\AntiVir Desktop\sched.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\TeamViewer\Version4\TeamViewer_Service.exe
c:\program files\Toshiba TEMPRO\TemproSvc.exe
c:\program files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\program files\TOSHIBA\TECO\TecoService.exe
c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Avira\My Avira\Avira.OE.ServiceHost.exe
c:\program files\TOSHIBA\TPHM\TPCHSrv.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conime.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Apoint2K\ApMsgFwd.exe
c:\program files\Apoint2K\Apntex.exe
c:\program files\Apoint2K\HidFind.exe
c:\windows\ehome\ehmsas.exe
c:\windows\ehome\ehsched.exe
c:\program files\TOSHIBA\ConfigFree\CFSwMgr.exe
c:\windows\ehome\ehRecvr.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\ehome\ehRec.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-04-17  18:21:48 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-04-17 16:21
.
Vor Suchlauf: 7 Verzeichnis(se), 66.268.442.624 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 69.478.326.272 Bytes frei
.
- - End Of File - - F189334F5C7947655FF591F99D418CBF
5C616939100B85E558DA92B899A0FC36
         
What's next?
