Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Kein Zugriff auf Desktop! "Die Webseite kann nicht angezeigt werden." (https://www.trojaner-board.de/113339-kein-zugriff-desktop-webseite-angezeigt.html)

justus94 09.04.2012 18:03
Kein Zugriff auf Desktop! "Die Webseite kann nicht angezeigt werden."
 
Hallo miteinander :)

Immer wenn ich mein Laptop starte wird nach einiger Zeit (ca 30sek.) der Bildschirm weiß und es steht dort:

"Die Webseite kann nicht angezeigt werden.
Mögliche Vorgehensweise:
Diagnose von Verbindungsproblemen
Weitere Informationen"

Als ich gemerkt habe das da irgendetwas nicht stimmt habe ich sofort W-Lan am Laptop ausgemacht und ihn neugestartet.
Nun tritt der weiße Bildschirm immer wieder auf!

Ich hoffe ich finde hier Hilfe :)

mit lieben Grüßen
justus94

cosinus 09.04.2012 19:31
Funktioniert noch der abgesicherte Modus mit Netzwerktreibern? Mit Internetverbindung?



Abgesicherter Modus zur Bereinigung
  • Windows mit F8-Taste beim Start in den abgesicherten Modus bringen.
  • Starte den Rechner in den abgesicherten Modus mit Netzwerktreibern:

    Windows im abgesicherten Modusstarten

justus94 10.04.2012 15:21
Ja es funktioniert sowohl der abgesicherte Modus mit Netzwerktreibern und der Internetverbindung!

cosinus 10.04.2012 15:41
Gut, wenn der Modus geht wirst du erstmal routinemäßig einen Vollscan mit malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden.

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset





Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log

justus94 11.04.2012 17:42
Hier die Logs von Malwarebytes:

alter Log:
Code:
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2011.12.24.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
griesu :: LAP17 [Administrator]

13.01.2012 18:25:16
mbam-log-2012-01-13 (18-25-16).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 305154
Laufzeit: 5 Stunde(n), 24 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
neuer Log:
Code:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.04.10.05

Windows Vista Service Pack 2 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
griesu :: LAP17 [Administrator]

10.04.2012 17:04:18
mbam-log-2012-04-10 (17-04-18).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 309198
Laufzeit: 45 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\griesu\AppData\Local\Temp\arg64578.exe (Trojan.Agent.DTGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
nun noch von ESET Online Scanner:

Code:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK

cosinus 11.04.2012 18:43
ESET hast du wahrscheinlich falsch falsch gemacht, da gab es extra einen dicken Hinweis zu

Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt so öffnen: per Rechtsklick => als Administrator ausführen

justus94 12.04.2012 19:48
Richtig! Tut mir leid :/


Code:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=86a4219f660957448228db1d2fd08c22
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-12 04:22:12
# local_time=2012-04-12 06:22:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1792 16777215 100 0 5879276 5879276 0 0
# compatibility_mode=5892 16776573 100 100 86967 171775629 0 0
# compatibility_mode=8192 67108863 100 0 87329 87329 0 0
# scanned=135544
# found=1
# cleaned=0
# scan_time=4830
C:\Users\griesu\Desktop\MovedFiles.zip        a variant of Win32/Kryptik.YNE trojan (unable to clean)        00000000000000000000000000000000        I

cosinus 12.04.2012 21:22
Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

justus94 12.04.2012 21:41
zu 1: Ja ich stelle keine Probleme fest
zu 2: Nee eig. alles da

cosinus 12.04.2012 22:55
CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

justus94 14.04.2012 20:15
OTL.txt
Code:
OTL logfile created on: 14.04.2012 20:10:21 - Run 1
OTL by OldTimer - Version 3.2.39.2    Folder = c:\Users\griesu\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,83 Gb Available Physical Memory | 41,80% Memory free
4,21 Gb Paging File | 2,83 Gb Available in Paging File | 67,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,37 Gb Total Space | 49,11 Gb Free Space | 42,20% Space Free | Partition Type: NTFS
Drive E: | 115,05 Gb Total Space | 110,96 Gb Free Space | 96,44% Space Free | Partition Type: NTFS
 
Computer Name: LAP17 | User Name: griesu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.04.14 20:08:25 | 000,593,920 | ---- | M] (OldTimer Tools) -- c:\Users\griesu\Downloads\OTL.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.15 16:00:00 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.12.15 15:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.12.15 15:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.12.15 15:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.03 10:46:52 | 001,531,904 | ---- | M] (Nokia) -- C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2009.04.11 08:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.09.28 18:39:22 | 000,185,872 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Common Files\Real\Update_OB\realsched.exe
PRC - [2008.01.29 19:51:52 | 004,911,104 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.01.22 14:25:26 | 000,712,704 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2008.01.22 11:00:30 | 004,624,384 | ---- | M] () -- C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.17 16:27:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2008.01.17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- c:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2008.01.09 15:02:08 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2007.12.25 14:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2007.12.25 14:06:52 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2007.12.03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- c:\Programme\TOSHIBA\SMARTLogService\TosIPCSrv.exe
PRC - [2007.11.21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007.10.25 17:41:18 | 000,413,696 | ---- | M] (Chicony) -- C:\Programme\Camera Assistant Software for Toshiba\traybar.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2009.11.04 02:14:04 | 000,054,272 | ---- | M] () -- C:\Programme\Notepad++\NppShell_01.dll
MOD - [2008.01.22 11:00:30 | 004,624,384 | ---- | M] () -- C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe
MOD - [2007.12.25 12:03:40 | 000,015,184 | ---- | M] () -- C:\Programme\TOSHIBA\PCDiag\NotifyPCD.dll
MOD - [2007.12.14 21:40:00 | 000,090,112 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
MOD - [2007.12.14 21:28:38 | 004,726,784 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\BlackPng.dll
MOD - [2007.09.13 15:11:18 | 000,249,856 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
MOD - [2006.12.01 18:55:42 | 000,009,216 | ---- | M] () -- C:\Programme\TOSHIBA\TBS\NotifyTBS.dll
MOD - [2006.10.10 12:44:16 | 000,009,728 | ---- | M] () -- C:\Programme\TOSHIBA\TOSHIBA Assist\NotifyX.dll
MOD - [2006.10.07 12:57:04 | 000,053,248 | ---- | M] () -- c:\Programme\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.15 15:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.12.15 15:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.11.16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- c:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007.12.25 14:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007.12.03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- c:\Programme\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007.11.21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2005.11.17 15:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.02.17 00:07:20 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.12.15 16:00:00 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.12.15 16:00:00 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.01.21 16:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2007.12.28 20:21:54 | 000,104,448 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007.12.26 11:20:32 | 000,290,304 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8187B.sys -- (RTL8187B)
DRV - [2007.12.17 11:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007.11.09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.06.14 14:41:00 | 000,466,048 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ltn_stk7070P.sys -- (Ltn_stk7070P)
DRV - [2007.06.13 19:30:20 | 000,013,440 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ltn_stkrc.sys -- (Ltn_stkrc)
DRV - [2007.04.23 10:50:50 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt)
DRV - [2007.02.02 18:30:34 | 000,013,696 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PctvVirtualNdis.sys -- (PctvVirtualNdis)
DRV - [2006.11.20 15:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006.10.18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {2EA5A1AF-0FBC-4C11-9FB0-C476A04CF36C}
IE - HKLM\..\SearchScopes\{2EA5A1AF-0FBC-4C11-9FB0-C476A04CF36C}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..\SearchScopes,DefaultScope = {2EA5A1AF-0FBC-4C11-9FB0-C476A04CF36C}
IE - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..\SearchScopes\{2EA5A1AF-0FBC-4C11-9FB0-C476A04CF36C}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TSEA_de
IE - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7TSEA_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=1VcF8dWg9I5nQiljIS450880a30?q={searchTerms}
IE - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "LEO Eng-Deu"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\griesu\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\griesu\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008.09.28 18:39:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.18 16:57:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.11 09:29:44 | 000,000,000 | ---D | M]
 
[2008.10.28 17:15:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\griesu\AppData\Roaming\mozilla\Extensions
[2012.03.08 08:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\griesu\AppData\Roaming\mozilla\Firefox\Profiles\k2p5k66j.default\extensions
[2010.11.07 17:36:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\griesu\AppData\Roaming\mozilla\Firefox\Profiles\k2p5k66j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.01.18 16:57:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.12.21 09:42:29 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.12.21 07:08:50 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.21 07:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.12.21 07:08:50 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.21 07:08:50 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.21 07:08:50 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.21 07:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\griesu\AppData\Local\Google\Chrome\Application\18.0.1025.152\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\griesu\AppData\Local\Google\Chrome\Application\18.0.1025.152\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\griesu\AppData\Local\Google\Chrome\Application\18.0.1025.152\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\griesu\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\griesu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\griesu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\griesu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.01.10 22:41:05 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe (Pinnacle Systems GmbH)
O4 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000..\Run: [Sidebar] C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Programme\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Programme\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html File not found
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found
O15 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5DB307EA-C01D-4FEB-B3FE-5DB7CA1CEA6D}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDA5B88B-4CEE-4279-8DBC-E34E936F4AFC}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img17.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img17.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - lhacm.acm (Microsoft Corporation)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)
 
CREATERESTOREPOINT
Error creating restore point.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.11 16:46:12 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.03.17 21:24:23 | 000,000,000 | ---D | C] -- C:\Users\griesu\Desktop\facharbeit
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.14 20:15:17 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3549466931-2409346534-579944023-1000UA.job
[2012.04.14 20:09:52 | 000,637,068 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.14 20:09:52 | 000,604,322 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.14 20:09:52 | 000,129,844 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.14 20:09:52 | 000,107,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.14 20:04:24 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012.04.14 20:02:54 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.04.14 20:02:49 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.14 20:02:49 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.14 20:02:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.14 20:02:24 | 2136,952,832 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.12 22:46:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.04.12 22:23:33 | 000,001,356 | ---- | M] () -- C:\Users\griesu\AppData\Local\d3d9caps.dat
[2012.04.11 17:17:52 | 000,002,086 | ---- | M] () -- C:\Users\griesu\Desktop\Google Chrome.lnk
[2012.04.10 16:54:27 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.04.03 15:11:48 | 000,016,824 | ---- | M] () -- C:\Users\griesu\Desktop\36701.jpg
[2012.03.31 19:04:14 | 000,271,957 | ---- | M] () -- C:\Users\griesu\Desktop\Logo_Friedland_Bremke.JPG
[2012.03.31 04:15:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3549466931-2409346534-579944023-1000Core.job
[2012.03.23 23:52:37 | 000,035,840 | ---- | M] () -- C:\Users\griesu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== Files Created - No Company Name ==========
 
[2012.04.12 22:30:03 | 2136,952,832 | -HS- | C] () -- C:\hiberfil.sys
[2012.04.10 16:54:27 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.04.03 15:11:56 | 000,016,824 | ---- | C] () -- C:\Users\griesu\Desktop\36701.jpg
[2012.03.31 19:04:23 | 000,271,957 | ---- | C] () -- C:\Users\griesu\Desktop\Logo_Friedland_Bremke.JPG
[2012.01.18 15:22:33 | 000,000,059 | ---- | C] () -- C:\Windows\wininit.ini
[2010.08.04 21:05:01 | 000,001,356 | ---- | C] () -- C:\Users\griesu\AppData\Local\d3d9caps.dat
 
========== LOP Check ==========
 
[2010.12.30 12:51:45 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\.minecraft
[2012.03.25 18:06:17 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\ICQ
[2008.07.08 18:38:50 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\myphotobook
[2012.01.17 22:42:51 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Nokia
[2010.03.14 18:01:36 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Nokia Ovi Suite
[2010.02.25 17:06:43 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Notepad++
[2009.12.28 01:16:07 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\PC Suite
[2012.04.12 22:50:14 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.12.30 12:51:45 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\.minecraft
[2012.01.22 00:09:58 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Adobe
[2012.02.04 16:59:32 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Avira
[2009.12.29 12:45:02 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\CameraWindowDC
[2009.12.29 12:43:20 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\CANON INC
[2010.12.29 18:33:45 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\dvdcss
[2008.07.07 17:24:47 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Google
[2012.03.25 18:06:17 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\ICQ
[2008.07.06 21:17:29 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Identities
[2008.07.06 21:12:23 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\InstallShield
[2008.07.07 20:45:16 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Macromedia
[2012.01.13 19:23:03 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Media Center Programs
[2012.01.22 00:09:58 | 000,000,000 | --SD | M] -- C:\Users\griesu\AppData\Roaming\Microsoft
[2008.10.28 17:15:41 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Mozilla
[2008.07.08 18:38:50 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\myphotobook
[2012.01.17 22:42:51 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Nokia
[2010.03.14 18:01:36 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Nokia Ovi Suite
[2010.02.25 17:06:43 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Notepad++
[2012.03.19 21:59:02 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\OpenOffice.org2
[2009.12.28 01:16:07 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\PC Suite
[2009.12.05 00:34:21 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\Real
[2011.04.14 18:14:32 | 000,000,000 | RH-D | M] -- C:\Users\griesu\AppData\Roaming\SecuROM
[2011.12.24 01:00:24 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\skypePM
[2009.04.12 21:41:16 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\teamspeak2
[2009.05.08 15:04:02 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\vlc
[2012.02.05 13:58:56 | 000,000,000 | ---D | M] -- C:\Users\griesu\AppData\Roaming\ZoomBrowser EX
 
< %APPDATA%\*.exe /s >
[2007.01.01 18:01:25 | 000,009,728 | ---- | M] () -- C:\Users\griesu\AppData\Roaming\myphotobook\xtras\localVista.exe
[2007.01.08 10:34:46 | 000,006,656 | ---- | M] () -- C:\Users\griesu\AppData\Roaming\myphotobook\xtras\localXP.exe
[2006.12.21 13:16:20 | 000,021,504 | ---- | M] (Optimum X) -- C:\Users\griesu\AppData\Roaming\myphotobook\xtras\shellExecute.exe
[2006.12.21 13:16:15 | 000,009,216 | ---- | M] () -- C:\Users\griesu\AppData\Roaming\myphotobook\xtras\sleep.exe
[2010.11.19 18:53:16 | 000,094,257 | ---- | M] () -- C:\Users\griesu\AppData\Roaming\Real\RealPlayer\Temp\~Upg0\RNMOREINFO\rnmoreinfo.exe
[2010.02.23 17:41:44 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\griesu\AppData\Roaming\Real\Update\setup3.09\setup.exe
[2010.03.21 13:39:05 | 000,443,912 | ---- | M] (RealNetworks, Inc.) -- C:\Users\griesu\AppData\Roaming\Real\Update\setup3.10\setup.exe
[2011.01.23 19:11:50 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\griesu\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2011.11.18 11:54:05 | 000,317,048 | ---- | M] (RealNetworks, Inc.) -- C:\Users\griesu\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\rnupgagent.exe
[2011.10.23 13:04:58 | 026,533,840 | ---- | M] (RealNetworks, Inc.) -- C:\Users\griesu\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\stub_data\RealPlayer_de.exe
[2011.10.23 13:02:48 | 000,676,624 | ---- | M] (RealNetworks, Inc.) -- C:\Users\griesu\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\stub_exe\RealPlayer_de.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2007.09.29 23:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\ERDNT\cache\user32.dll
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\ERDNT\cache\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.06.20 16:17:52 | 000,580,608 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msfeeds.dll
 
<          >

< End of report >

cosinus 15.04.2012 15:51
Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)


Code:
:OTL
IE - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=1VcF8dWg9I5nQiljIS450880a30?q={searchTerms}
FF - user.js - File not found
[2010.11.07 17:36:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\griesu\AppData\Roaming\mozilla\Firefox\Profiles\k2p5k66j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
O3 - HKU\S-1-5-21-3549466931-2409346534-579944023-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

justus94 16.04.2012 09:57
Code:
All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-3549466931-2409346534-579944023-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
C:\Users\griesu\AppData\Roaming\mozilla\Firefox\Profiles\k2p5k66j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully.
C:\Users\griesu\AppData\Roaming\mozilla\Firefox\Profiles\k2p5k66j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully.
C:\Users\griesu\AppData\Roaming\mozilla\Firefox\Profiles\k2p5k66j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully.
C:\Users\griesu\AppData\Roaming\mozilla\Firefox\Profiles\k2p5k66j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.
Registry value HKEY_USERS\S-1-5-21-3549466931-2409346534-579944023-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Picasa Media Detector deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Picasa Media Detector not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: griesu
->Temp folder emptied: 9870864 bytes
->Temporary Internet Files folder emptied: 1409704 bytes
->Java cache emptied: 22326 bytes
->FireFox cache emptied: 48695689 bytes
->Google Chrome cache emptied: 359277215 bytes
->Flash cache emptied: 470 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 28083999 bytes
RecycleBin emptied: 196938 bytes
 
Total Files Cleaned = 427,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: griesu
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.39.2 log created on 04162012_105018

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

cosinus 16.04.2012 11:43
Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten, Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C:) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

justus94 16.04.2012 14:18
Code:
15:12:21.0293 6040        TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
15:12:21.0475 6040        ============================================================
15:12:21.0475 6040        Current date / time: 2012/04/16 15:12:21.0475
15:12:21.0475 6040        SystemInfo:
15:12:21.0475 6040       
15:12:21.0475 6040        OS Version: 6.0.6002 ServicePack: 2.0
15:12:21.0475 6040        Product type: Workstation
15:12:21.0475 6040        ComputerName: LAP17
15:12:21.0475 6040        UserName: griesu
15:12:21.0475 6040        Windows directory: C:\Windows
15:12:21.0475 6040        System windows directory: C:\Windows
15:12:21.0475 6040        Processor architecture: Intel x86
15:12:21.0475 6040        Number of processors: 2
15:12:21.0475 6040        Page size: 0x1000
15:12:21.0475 6040        Boot type: Normal boot
15:12:21.0475 6040        ============================================================
15:12:22.0567 6040        Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:12:22.0569 6040        \Device\Harddisk0\DR0:
15:12:22.0570 6040        MBR used
15:12:22.0570 6040        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xE8BD800
15:12:22.0570 6040        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xEBAC000, BlocksNum 0xE61B800
15:12:22.0638 6040        Initialize success
15:12:22.0638 6040        ============================================================
15:15:22.0818 4960        ============================================================
15:15:22.0818 4960        Scan started
15:15:22.0818 4960        Mode: Manual; SigCheck; TDLFS;
15:15:22.0818 4960        ============================================================
15:15:23.0406 4960        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
15:15:23.0600 4960        ACPI - ok
15:15:23.0693 4960        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:15:23.0707 4960        AdobeARMservice - ok
15:15:23.0858 4960        adp94xx        (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
15:15:23.0890 4960        adp94xx - ok
15:15:24.0029 4960        adpahci        (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
15:15:24.0058 4960        adpahci - ok
15:15:24.0154 4960        adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
15:15:24.0177 4960        adpu160m - ok
15:15:24.0197 4960        adpu320        (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
15:15:24.0222 4960        adpu320 - ok
15:15:24.0305 4960        AeLookupSvc    (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
15:15:24.0413 4960        AeLookupSvc - ok
15:15:24.0547 4960        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
15:15:24.0596 4960        AFD - ok
15:15:24.0718 4960        agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
15:15:24.0739 4960        agp440 - ok
15:15:24.0844 4960        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
15:15:24.0866 4960        aic78xx - ok
15:15:24.0909 4960        ALG            (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
15:15:25.0020 4960        ALG - ok
15:15:25.0122 4960        aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
15:15:25.0147 4960        aliide - ok
15:15:25.0243 4960        amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
15:15:25.0273 4960        amdagp - ok
15:15:25.0369 4960        amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
15:15:25.0401 4960        amdide - ok
15:15:25.0447 4960        AmdK7          (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
15:15:25.0530 4960        AmdK7 - ok
15:15:25.0609 4960        AmdK8          (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
15:15:25.0657 4960        AmdK8 - ok
15:15:25.0844 4960        AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files\Avira\AntiVir Desktop\sched.exe
15:15:25.0859 4960        AntiVirSchedulerService - ok
15:15:26.0026 4960        AntiVirService  (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
15:15:26.0043 4960        AntiVirService - ok
15:15:26.0146 4960        Appinfo        (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
15:15:26.0202 4960        Appinfo - ok
15:15:26.0313 4960        arc            (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
15:15:26.0340 4960        arc - ok
15:15:26.0426 4960        arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
15:15:26.0454 4960        arcsas - ok
15:15:26.0504 4960        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
15:15:26.0577 4960        AsyncMac - ok
15:15:26.0655 4960        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
15:15:26.0681 4960        atapi - ok
15:15:26.0774 4960        AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
15:15:26.0843 4960        AudioEndpointBuilder - ok
15:15:26.0858 4960        Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
15:15:26.0914 4960        Audiosrv - ok
15:15:27.0011 4960        avgntflt        (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
15:15:27.0085 4960        avgntflt - ok
15:15:27.0198 4960        avipbb          (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys
15:15:27.0234 4960        avipbb - ok
15:15:27.0305 4960        avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
15:15:27.0339 4960        avkmgr - ok
15:15:27.0437 4960        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
15:15:27.0533 4960        Beep - ok
15:15:27.0614 4960        BFE            (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
15:15:27.0677 4960        BFE - ok
15:15:27.0782 4960        BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
15:15:27.0885 4960        BITS - ok
15:15:27.0983 4960        blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
15:15:28.0031 4960        blbdrive - ok
15:15:28.0085 4960        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
15:15:28.0129 4960        bowser - ok
15:15:28.0218 4960        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
15:15:28.0272 4960        BrFiltLo - ok
15:15:28.0312 4960        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
15:15:28.0373 4960        BrFiltUp - ok
15:15:28.0445 4960        Browser        (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
15:15:28.0501 4960        Browser - ok
15:15:28.0571 4960        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
15:15:28.0776 4960        Brserid - ok
15:15:28.0867 4960        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
15:15:28.0945 4960        BrSerWdm - ok
15:15:28.0984 4960        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
15:15:29.0073 4960        BrUsbMdm - ok
15:15:29.0157 4960        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
15:15:29.0230 4960        BrUsbSer - ok
15:15:29.0273 4960        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
15:15:29.0361 4960        BTHMODEM - ok
15:15:29.0451 4960        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
15:15:29.0514 4960        cdfs - ok
15:15:29.0575 4960        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
15:15:29.0620 4960        cdrom - ok
15:15:29.0714 4960        CertPropSvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
15:15:29.0767 4960        CertPropSvc - ok
15:15:29.0859 4960        circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
15:15:29.0907 4960        circlass - ok
15:15:29.0994 4960        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
15:15:30.0028 4960        CLFS - ok
15:15:30.0109 4960        clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:15:30.0133 4960        clr_optimization_v2.0.50727_32 - ok
15:15:30.0263 4960        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:15:30.0288 4960        clr_optimization_v4.0.30319_32 - ok
15:15:30.0398 4960        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
15:15:30.0472 4960        CmBatt - ok
15:15:30.0519 4960        cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
15:15:30.0550 4960        cmdide - ok
15:15:30.0623 4960        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
15:15:30.0654 4960        Compbatt - ok
15:15:30.0670 4960        COMSysApp - ok
15:15:30.0760 4960        ConfigFree Service (596e452b5152ec9afe8153d296459d2b) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
15:15:30.0787 4960        ConfigFree Service ( UnsignedFile.Multi.Generic ) - warning
15:15:30.0787 4960        ConfigFree Service - detected UnsignedFile.Multi.Generic (1)
15:15:30.0875 4960        crcdisk        (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
15:15:30.0909 4960        crcdisk - ok
15:15:30.0940 4960        Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
15:15:31.0028 4960        Crusoe - ok
15:15:31.0123 4960        CryptSvc        (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
15:15:31.0190 4960        CryptSvc - ok
15:15:31.0261 4960        DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
15:15:31.0354 4960        DcomLaunch - ok
15:15:31.0441 4960        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
15:15:31.0478 4960        DfsC - ok
15:15:31.0585 4960        DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
15:15:31.0708 4960        DFSR - ok
15:15:31.0825 4960        Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
15:15:31.0870 4960        Dhcp - ok
15:15:31.0914 4960        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
15:15:31.0936 4960        disk - ok
15:15:32.0016 4960        Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
15:15:32.0062 4960        Dnscache - ok
15:15:32.0131 4960        dot3svc        (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
15:15:32.0176 4960        dot3svc - ok
15:15:32.0246 4960        DPS            (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
15:15:32.0296 4960        DPS - ok
15:15:32.0376 4960        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
15:15:32.0439 4960        drmkaud - ok
15:15:32.0538 4960        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
15:15:32.0603 4960        DXGKrnl - ok
15:15:32.0708 4960        E1G60          (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
15:15:32.0789 4960        E1G60 - ok
15:15:32.0837 4960        EapHost        (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
15:15:32.0917 4960        EapHost - ok
15:15:33.0035 4960        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
15:15:33.0063 4960        Ecache - ok
15:15:33.0124 4960        ehRecvr        (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
15:15:33.0144 4960        ehRecvr - ok
15:15:33.0169 4960        ehSched        (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
15:15:33.0204 4960        ehSched - ok
15:15:33.0222 4960        ehstart        (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
15:15:33.0249 4960        ehstart - ok
15:15:33.0334 4960        elxstor        (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
15:15:33.0362 4960        elxstor - ok
15:15:33.0466 4960        EMDMgmt        (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
15:15:33.0547 4960        EMDMgmt - ok
15:15:33.0649 4960        ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
15:15:33.0695 4960        ErrDev - ok
15:15:33.0768 4960        EventSystem    (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
15:15:33.0797 4960        EventSystem - ok
15:15:33.0887 4960        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
15:15:33.0926 4960        exfat - ok
15:15:34.0012 4960        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
15:15:34.0064 4960        fastfat - ok
15:15:34.0122 4960        fdc            (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
15:15:34.0178 4960        fdc - ok
15:15:34.0242 4960        fdPHost        (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
15:15:34.0288 4960        fdPHost - ok
15:15:34.0328 4960        FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
15:15:34.0422 4960        FDResPub - ok
15:15:34.0463 4960        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
15:15:34.0489 4960        FileInfo - ok
15:15:34.0560 4960        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
15:15:34.0620 4960        Filetrace - ok
15:15:34.0775 4960        FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
15:15:34.0995 4960        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
15:15:34.0995 4960        FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
15:15:35.0092 4960        flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
15:15:35.0174 4960        flpydisk - ok
15:15:35.0232 4960        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
15:15:35.0271 4960        FltMgr - ok
15:15:35.0383 4960        FontCache      (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
15:15:35.0449 4960        FontCache - ok
15:15:35.0572 4960        FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:15:35.0586 4960        FontCache3.0.0.0 - ok
15:15:35.0644 4960        Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
15:15:35.0686 4960        Fs_Rec - ok
15:15:35.0740 4960        FwLnk          (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
15:15:35.0761 4960        FwLnk - ok
15:15:35.0827 4960        gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
15:15:35.0843 4960        gagp30kx - ok
15:15:35.0958 4960        GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
15:15:35.0973 4960        GoogleDesktopManager-051210-111108 - ok
15:15:36.0066 4960        gpsvc          (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
15:15:36.0188 4960        gpsvc - ok
15:15:36.0295 4960        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
15:15:36.0317 4960        gupdate - ok
15:15:36.0330 4960        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
15:15:36.0350 4960        gupdatem - ok
15:15:36.0462 4960        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
15:15:36.0592 4960        HdAudAddService - ok
15:15:36.0698 4960        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:15:36.0766 4960        HDAudBus - ok
15:15:36.0849 4960        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
15:15:36.0962 4960        HidBth - ok
15:15:36.0985 4960        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
15:15:37.0050 4960        HidIr - ok
15:15:37.0125 4960        hidserv        (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
15:15:37.0158 4960        hidserv - ok
15:15:37.0211 4960        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
15:15:37.0236 4960        HidUsb - ok
15:15:37.0301 4960        hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
15:15:37.0346 4960        hkmsvc - ok
15:15:37.0395 4960        HpCISSs        (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
15:15:37.0417 4960        HpCISSs - ok
15:15:37.0511 4960        HSFHWAZL        (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
15:15:37.0563 4960        HSFHWAZL - ok
15:15:37.0624 4960        HSF_DPV        (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
15:15:37.0707 4960        HSF_DPV - ok
15:15:37.0822 4960        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
15:15:37.0913 4960        HTTP - ok
15:15:38.0009 4960        i2omp          (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
15:15:38.0033 4960        i2omp - ok
15:15:38.0076 4960        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
15:15:38.0138 4960        i8042prt - ok
15:15:38.0252 4960        iaStor          (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys
15:15:38.0297 4960        iaStor - ok
15:15:38.0349 4960        iaStorV        (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
15:15:38.0390 4960        iaStorV - ok
15:15:38.0498 4960        idsvc          (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:15:38.0547 4960        idsvc - ok
15:15:38.0673 4960        igfx            (038815297078d236d8cc064c295a74c6) C:\Windows\system32\DRIVERS\igdkmd32.sys
15:15:38.0825 4960        igfx - ok
15:15:38.0911 4960        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
15:15:38.0931 4960        iirsp - ok
15:15:39.0002 4960        IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
15:15:39.0066 4960        IKEEXT - ok
15:15:39.0216 4960        IntcAzAudAddService (8a4341616976e47712b60f18c7049dcc) C:\Windows\system32\drivers\RTKVHDA.sys
15:15:39.0333 4960        IntcAzAudAddService - ok
15:15:39.0436 4960        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
15:15:39.0459 4960        intelide - ok
15:15:39.0514 4960        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
15:15:39.0565 4960        intelppm - ok
15:15:39.0598 4960        IPBusEnum      (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
15:15:39.0662 4960        IPBusEnum - ok
15:15:39.0743 4960        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:15:39.0808 4960        IpFilterDriver - ok
15:15:39.0862 4960        iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
15:15:39.0925 4960        iphlpsvc - ok
15:15:40.0021 4960        IpInIp - ok
15:15:40.0101 4960        IPMIDRV        (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
15:15:40.0164 4960        IPMIDRV - ok
15:15:40.0203 4960        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
15:15:40.0280 4960        IPNAT - ok
15:15:40.0355 4960        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
15:15:40.0417 4960        IRENUM - ok
15:15:40.0461 4960        isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
15:15:40.0494 4960        isapnp - ok
15:15:40.0549 4960        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
15:15:40.0588 4960        iScsiPrt - ok
15:15:40.0656 4960        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
15:15:40.0687 4960        iteatapi - ok
15:15:40.0725 4960        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
15:15:40.0755 4960        iteraid - ok
15:15:40.0787 4960        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
15:15:40.0818 4960        kbdclass - ok
15:15:40.0848 4960        kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
15:15:40.0889 4960        kbdhid - ok
15:15:40.0954 4960        KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:15:41.0000 4960        KeyIso - ok
15:15:41.0054 4960        KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
15:15:41.0085 4960        KSecDD - ok
15:15:41.0181 4960        KtmRm          (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
15:15:41.0287 4960        KtmRm - ok
15:15:41.0364 4960        LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
15:15:41.0388 4960        LanmanServer - ok
15:15:41.0454 4960        LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
15:15:41.0490 4960        LanmanWorkstation - ok
15:15:41.0574 4960        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
15:15:41.0636 4960        lltdio - ok
15:15:41.0703 4960        lltdsvc        (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
15:15:41.0766 4960        lltdsvc - ok
15:15:41.0820 4960        lmhosts        (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
15:15:41.0924 4960        lmhosts - ok
15:15:41.0975 4960        LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
15:15:42.0009 4960        LSI_FC - ok
15:15:42.0080 4960        LSI_SAS        (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
15:15:42.0115 4960        LSI_SAS - ok
15:15:42.0179 4960        LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
15:15:42.0213 4960        LSI_SCSI - ok
15:15:42.0314 4960        Ltn_stk7070P    (23b55d27a0afb7fe9cbcb20b617cc168) C:\Windows\system32\DRIVERS\Ltn_stk7070P.sys
15:15:42.0400 4960        Ltn_stk7070P - ok
15:15:42.0529 4960        Ltn_stkrc      (1fa7503d019291c027fedae509bc5500) C:\Windows\system32\DRIVERS\Ltn_stkrc.sys
15:15:42.0568 4960        Ltn_stkrc - ok
15:15:42.0618 4960        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
15:15:42.0695 4960        luafv - ok
15:15:42.0778 4960        Mcx2Svc        (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
15:15:42.0822 4960        Mcx2Svc - ok
15:15:42.0853 4960        mdmxsdk - ok
15:15:42.0925 4960        megasas        (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
15:15:42.0942 4960        megasas - ok
15:15:42.0997 4960        MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
15:15:43.0026 4960        MegaSR - ok
15:15:43.0107 4960        MMCSS          (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
15:15:43.0152 4960        MMCSS - ok
15:15:43.0190 4960        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
15:15:43.0239 4960        Modem - ok
15:15:43.0314 4960        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
15:15:43.0360 4960        monitor - ok
15:15:43.0398 4960        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
15:15:43.0414 4960        mouclass - ok
15:15:43.0437 4960        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
15:15:43.0484 4960        mouhid - ok
15:15:43.0560 4960        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
15:15:43.0586 4960        MountMgr - ok
15:15:43.0630 4960        mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
15:15:43.0648 4960        mpio - ok
15:15:43.0671 4960        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
15:15:43.0708 4960        mpsdrv - ok
15:15:43.0781 4960        MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
15:15:43.0833 4960        MpsSvc - ok
15:15:43.0893 4960        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
15:15:43.0911 4960        Mraid35x - ok
15:15:43.0991 4960        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
15:15:44.0030 4960        MRxDAV - ok
15:15:44.0080 4960        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:15:44.0123 4960        mrxsmb - ok
15:15:44.0217 4960        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:15:44.0259 4960        mrxsmb10 - ok
15:15:44.0306 4960        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:15:44.0346 4960        mrxsmb20 - ok
15:15:44.0420 4960        msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
15:15:44.0445 4960        msahci - ok
15:15:44.0481 4960        msdsm          (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
15:15:44.0509 4960        msdsm - ok
15:15:44.0552 4960        MSDTC          (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
15:15:44.0616 4960        MSDTC - ok
15:15:44.0704 4960        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
15:15:44.0759 4960        Msfs - ok
15:15:44.0843 4960        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
15:15:44.0867 4960        msisadrv - ok
15:15:44.0976 4960        MSiSCSI        (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
15:15:45.0061 4960        MSiSCSI - ok
15:15:45.0091 4960        msiserver - ok
15:15:45.0178 4960        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
15:15:45.0254 4960        MSKSSRV - ok
15:15:45.0298 4960        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
15:15:45.0359 4960        MSPCLOCK - ok
15:15:45.0418 4960        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
15:15:45.0496 4960        MSPQM - ok
15:15:45.0561 4960        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
15:15:45.0600 4960        MsRPC - ok
15:15:45.0666 4960        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
15:15:45.0697 4960        mssmbios - ok
15:15:45.0744 4960        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
15:15:45.0779 4960        MSTEE - ok
15:15:45.0815 4960        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
15:15:45.0833 4960        Mup - ok
15:15:45.0867 4960        napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
15:15:45.0908 4960        napagent - ok
15:15:46.0006 4960        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
15:15:46.0025 4960        NativeWifiP - ok
15:15:46.0080 4960        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
15:15:46.0135 4960        NDIS - ok
15:15:46.0217 4960        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
15:15:46.0257 4960        NdisTapi - ok
15:15:46.0290 4960        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
15:15:46.0327 4960        Ndisuio - ok
15:15:46.0412 4960        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
15:15:46.0446 4960        NdisWan - ok
15:15:46.0508 4960        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
15:15:46.0549 4960        NDProxy - ok
15:15:46.0586 4960        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
15:15:46.0647 4960        NetBIOS - ok
15:15:46.0725 4960        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
15:15:46.0778 4960        netbt - ok
15:15:46.0821 4960        Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:15:46.0847 4960        Netlogon - ok
15:15:46.0905 4960        Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
15:15:46.0973 4960        Netman - ok
15:15:47.0015 4960        netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
15:15:47.0063 4960        netprofm - ok
15:15:47.0196 4960        NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:15:47.0213 4960        NetTcpPortSharing - ok
15:15:47.0363 4960        NETw3v32        (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys
15:15:47.0640 4960        NETw3v32 - ok
15:15:47.0722 4960        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
15:15:47.0745 4960        nfrd960 - ok
15:15:47.0791 4960        NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
15:15:47.0843 4960        NlaSvc - ok
15:15:47.0930 4960        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
15:15:47.0974 4960        Npfs - ok
15:15:48.0003 4960        nsi            (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
15:15:48.0060 4960        nsi - ok
15:15:48.0135 4960        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
15:15:48.0213 4960        nsiproxy - ok
15:15:48.0299 4960        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
15:15:48.0429 4960        Ntfs - ok
15:15:48.0520 4960        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
15:15:48.0629 4960        ntrigdigi - ok
15:15:48.0671 4960        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
15:15:48.0712 4960        Null - ok
15:15:48.0745 4960        nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
15:15:48.0764 4960        nvraid - ok
15:15:48.0836 4960        nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
15:15:48.0853 4960        nvstor - ok
15:15:48.0888 4960        nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
15:15:48.0906 4960        nv_agp - ok
15:15:48.0918 4960        NwlnkFlt - ok
15:15:48.0934 4960        NwlnkFwd - ok
15:15:48.0972 4960        ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
15:15:49.0026 4960        ohci1394 - ok
15:15:49.0130 4960        p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:15:49.0182 4960        p2pimsvc - ok
15:15:49.0230 4960        p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:15:49.0336 4960        p2psvc - ok
15:15:49.0443 4960        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
15:15:49.0498 4960        Parport - ok
15:15:49.0553 4960        partmgr        (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
15:15:49.0571 4960        partmgr - ok
15:15:49.0595 4960        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
15:15:49.0660 4960        Parvdm - ok
15:15:49.0733 4960        PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
15:15:49.0763 4960        PcaSvc - ok
15:15:49.0820 4960        pccsmcfd - ok
15:15:49.0870 4960        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
15:15:49.0895 4960        pci - ok
15:15:49.0992 4960        pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
15:15:50.0011 4960        pciide - ok
15:15:50.0063 4960        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
15:15:50.0090 4960        pcmcia - ok
15:15:50.0170 4960        PctvVirtualNdis (eedb845b7648d6fd632ddb8744892743) C:\Windows\system32\DRIVERS\PctvVirtualNdis.sys
15:15:50.0227 4960        PctvVirtualNdis - ok
15:15:50.0343 4960        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
15:15:50.0633 4960        PEAUTH - ok
15:15:50.0782 4960        pla            (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
15:15:50.0916 4960        pla - ok
15:15:51.0003 4960        PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
15:15:51.0034 4960        PlugPlay - ok
15:15:51.0098 4960        PNRPAutoReg    (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:15:51.0136 4960        PNRPAutoReg - ok
15:15:51.0160 4960        PNRPsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:15:51.0266 4960        PNRPsvc - ok
15:15:51.0372 4960        PolicyAgent    (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
15:15:51.0468 4960        PolicyAgent - ok
15:15:51.0560 4960        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
15:15:51.0621 4960        PptpMiniport - ok
15:15:51.0659 4960        Processor      (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
15:15:51.0717 4960        Processor - ok
15:15:51.0794 4960        ProfSvc        (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
15:15:51.0836 4960        ProfSvc - ok
15:15:51.0876 4960        ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:15:51.0902 4960        ProtectedStorage - ok
15:15:51.0980 4960        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
15:15:52.0029 4960        PSched - ok
15:15:52.0098 4960        ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
15:15:52.0226 4960        ql2300 - ok
15:15:52.0324 4960        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
15:15:52.0357 4960        ql40xx - ok
15:15:52.0410 4960        QWAVE          (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
15:15:52.0471 4960        QWAVE - ok
15:15:52.0552 4960        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
15:15:52.0587 4960        QWAVEdrv - ok
15:15:52.0617 4960        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
15:15:52.0690 4960        RasAcd - ok
15:15:52.0740 4960        RasAuto        (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
15:15:52.0821 4960        RasAuto - ok
15:15:52.0891 4960        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:15:52.0961 4960        Rasl2tp - ok
15:15:53.0029 4960        RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
15:15:53.0103 4960        RasMan - ok
15:15:53.0183 4960        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
15:15:53.0248 4960        RasPppoe - ok
15:15:53.0293 4960        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
15:15:53.0326 4960        RasSstp - ok
15:15:53.0412 4960        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
15:15:53.0479 4960        rdbss - ok
15:15:53.0522 4960        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:15:53.0597 4960        RDPCDD - ok
15:15:53.0691 4960        rdpdr          (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
15:15:53.0761 4960        rdpdr - ok
15:15:53.0843 4960        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
15:15:53.0917 4960        RDPENCDD - ok
15:15:53.0980 4960        RDPWD          (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
15:15:54.0022 4960        RDPWD - ok
15:15:54.0101 4960        RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
15:15:54.0133 4960        RemoteAccess - ok
15:15:54.0185 4960        RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
15:15:54.0212 4960        RemoteRegistry - ok
15:15:54.0277 4960        RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
15:15:54.0305 4960        RpcLocator - ok
15:15:54.0369 4960        RpcSs          (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
15:15:54.0413 4960        RpcSs - ok
15:15:54.0486 4960        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
15:15:54.0533 4960        rspndr - ok
15:15:54.0582 4960        RTL8169        (8cca591019216e9523e3cb385ce643e6) C:\Windows\system32\DRIVERS\Rtlh86.sys
15:15:54.0628 4960        RTL8169 - ok
15:15:54.0746 4960        RTL8187B        (b71d269b9ab5417963e986126c12b9fc) C:\Windows\system32\DRIVERS\RTL8187B.sys
15:15:54.0791 4960        RTL8187B - ok
15:15:54.0865 4960        RtlProt        (0d60b8c10a2c5e8dd620b3fdeb1cda64) C:\Windows\system32\DRIVERS\rtlprot.sys
15:15:54.0884 4960        RtlProt - ok
15:15:54.0953 4960        SamSs          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:15:54.0976 4960        SamSs - ok
15:15:55.0075 4960        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
15:15:55.0095 4960        sbp2port - ok
15:15:55.0191 4960        SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
15:15:55.0233 4960        SCardSvr - ok
15:15:55.0331 4960        Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
15:15:55.0394 4960        Schedule - ok
15:15:55.0501 4960        SCPolicySvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
15:15:55.0558 4960        SCPolicySvc - ok
15:15:55.0620 4960        SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
15:15:55.0664 4960        SDRSVC - ok
15:15:55.0745 4960        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:15:55.0806 4960        secdrv - ok
15:15:55.0849 4960        seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
15:15:55.0881 4960        seclogon - ok
15:15:55.0946 4960        SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
15:15:55.0995 4960        SENS - ok
15:15:56.0045 4960        Serenum        (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
15:15:56.0097 4960        Serenum - ok
15:15:56.0162 4960        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
15:15:56.0224 4960        Serial - ok
15:15:56.0264 4960        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
15:15:56.0296 4960        sermouse - ok
15:15:56.0342 4960        SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
15:15:56.0375 4960        SessionEnv - ok
15:15:56.0447 4960        sffdisk        (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
15:15:56.0478 4960        sffdisk - ok
15:15:56.0509 4960        sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
15:15:56.0548 4960        sffp_mmc - ok
15:15:56.0561 4960        sffp_sd        (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
15:15:56.0606 4960        sffp_sd - ok
15:15:56.0679 4960        sfloppy        (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
15:15:56.0743 4960        sfloppy - ok
15:15:56.0791 4960        SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
15:15:56.0835 4960        SharedAccess - ok
15:15:56.0910 4960        ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
15:15:56.0931 4960        ShellHWDetection - ok
15:15:56.0983 4960        sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
15:15:57.0004 4960        sisagp - ok
15:15:57.0022 4960        SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
15:15:57.0045 4960        SiSRaid2 - ok
15:15:57.0063 4960        SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
15:15:57.0085 4960        SiSRaid4 - ok
15:15:57.0258 4960        slsvc          (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
15:15:57.0516 4960        slsvc - ok
15:15:57.0624 4960        SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
15:15:57.0678 4960        SLUINotify - ok
15:15:57.0739 4960        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
15:15:57.0794 4960        Smb - ok
15:15:57.0867 4960        SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
15:15:57.0893 4960        SNMPTRAP - ok
15:15:57.0950 4960        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
15:15:57.0975 4960        spldr - ok
15:15:58.0024 4960        Spooler        (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
15:15:58.0065 4960        Spooler - ok
15:15:58.0151 4960        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
15:15:58.0199 4960        srv - ok
15:15:58.0251 4960        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
15:15:58.0310 4960        srv2 - ok
15:15:58.0400 4960        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
15:15:58.0434 4960        srvnet - ok
15:15:58.0476 4960        SSDPSRV        (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
15:15:58.0523 4960        SSDPSRV - ok
15:15:58.0610 4960        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
15:15:58.0622 4960        ssmdrv - ok
15:15:58.0681 4960        SstpSvc        (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
15:15:58.0716 4960        SstpSvc - ok
15:15:58.0797 4960        StillCam        (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
15:15:58.0839 4960        StillCam - ok
15:15:58.0920 4960        stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
15:15:58.0960 4960        stisvc - ok
15:15:59.0045 4960        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
15:15:59.0069 4960        swenum - ok
15:15:59.0140 4960        swprv          (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
15:15:59.0198 4960        swprv - ok
15:15:59.0268 4960        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
15:15:59.0302 4960        Symc8xx - ok
15:15:59.0337 4960        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
15:15:59.0361 4960        Sym_hi - ok
15:15:59.0391 4960        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
15:15:59.0406 4960        Sym_u3 - ok
15:15:59.0439 4960        SynTP          (55f6e55cc2430ca8713387106fa79817) C:\Windows\system32\DRIVERS\SynTP.sys
15:15:59.0458 4960        SynTP - ok
15:15:59.0541 4960        SysMain        (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
15:15:59.0604 4960        SysMain - ok
15:15:59.0673 4960        TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
15:15:59.0706 4960        TabletInputService - ok
15:15:59.0769 4960        TapiSrv        (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
15:15:59.0815 4960        TapiSrv - ok
15:15:59.0895 4960        TBS            (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
15:15:59.0966 4960        TBS - ok
15:16:00.0104 4960        Tcpip          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
15:16:00.0190 4960        Tcpip - ok
15:16:00.0372 4960        Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
15:16:00.0517 4960        Tcpip6 - ok
15:16:00.0618 4960        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
15:16:00.0654 4960        tcpipreg - ok
15:16:00.0696 4960        tdcmdpst        (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
15:16:00.0741 4960        tdcmdpst - ok
15:16:00.0781 4960        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
15:16:00.0813 4960        TDPIPE - ok
15:16:00.0888 4960        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
15:16:00.0926 4960        TDTCP - ok
15:16:00.0973 4960        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
15:16:00.0999 4960        tdx - ok
15:16:01.0071 4960        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
15:16:01.0088 4960        TermDD - ok
15:16:01.0148 4960        TermService    (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
15:16:01.0220 4960        TermService - ok
15:16:01.0299 4960        Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
15:16:01.0328 4960        Themes - ok
15:16:01.0373 4960        THREADORDER    (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
15:16:01.0414 4960        THREADORDER - ok
15:16:01.0469 4960        TODDSrv        (c5ac715b65b01788abc22d10749dddd8) C:\Windows\system32\TODDSrv.exe
15:16:01.0494 4960        TODDSrv - ok
15:16:01.0618 4960        TosCoSrv        (da6903958cbdc091ffcbbca70ccff34c) c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
15:16:01.0680 4960        TosCoSrv - ok
15:16:01.0727 4960        TOSHIBA SMART Log Service (22690dffc7f2a18279a7a0489aa02bac) c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
15:16:01.0767 4960        TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - warning
15:16:01.0767 4960        TOSHIBA SMART Log Service - detected UnsignedFile.Multi.Generic (1)
15:16:01.0870 4960        tos_sps32      (1ea5f27c29405bf49799feca77186da9) C:\Windows\system32\DRIVERS\tos_sps32.sys
15:16:01.0900 4960        tos_sps32 - ok
15:16:01.0969 4960        TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
15:16:02.0002 4960        TrkWks - ok
15:16:02.0076 4960        TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
15:16:02.0113 4960        TrustedInstaller - ok
15:16:02.0161 4960        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:16:02.0216 4960        tssecsrv - ok
15:16:02.0287 4960        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
15:16:02.0322 4960        tunmp - ok
15:16:02.0374 4960        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
15:16:02.0396 4960        tunnel - ok
15:16:02.0473 4960        TVALZ          (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
15:16:02.0495 4960        TVALZ - ok
15:16:02.0543 4960        uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
15:16:02.0569 4960        uagp35 - ok
15:16:02.0617 4960        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
15:16:02.0660 4960        udfs - ok
15:16:02.0724 4960        UI0Detect      (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
15:16:02.0788 4960        UI0Detect - ok
15:16:02.0854 4960        uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
15:16:02.0887 4960        uliagpkx - ok
15:16:02.0970 4960        uliahci        (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
15:16:03.0012 4960        uliahci - ok
15:16:03.0104 4960        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
15:16:03.0137 4960        UlSata - ok
15:16:03.0170 4960        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
15:16:03.0204 4960        ulsata2 - ok
15:16:03.0228 4960        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
15:16:03.0297 4960        umbus - ok
15:16:03.0371 4960        upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
15:16:03.0408 4960        upnphost - ok
15:16:03.0452 4960        upperdev - ok
15:16:03.0491 4960        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
15:16:03.0519 4960        usbccgp - ok
15:16:03.0591 4960        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
15:16:03.0661 4960        usbcir - ok
15:16:03.0722 4960        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
15:16:03.0752 4960        usbehci - ok
15:16:03.0839 4960        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
15:16:03.0879 4960        usbhub - ok
15:16:03.0921 4960        usbohci        (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
15:16:03.0973 4960        usbohci - ok
15:16:04.0067 4960        usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
15:16:04.0098 4960        usbprint - ok
15:16:04.0141 4960        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:16:04.0177 4960        USBSTOR - ok
15:16:04.0248 4960        usbuhci        (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
15:16:04.0281 4960        usbuhci - ok
15:16:04.0319 4960        usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
15:16:04.0359 4960        usbvideo - ok
15:16:04.0437 4960        UVCFTR          (8c5094a8ab24de7496c7c19942f2df04) C:\Windows\system32\Drivers\UVCFTR_S.SYS
15:16:04.0457 4960        UVCFTR - ok
15:16:04.0506 4960        UxSms          (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
15:16:04.0533 4960        UxSms - ok
15:16:04.0617 4960        vds            (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
15:16:04.0655 4960        vds - ok
15:16:04.0715 4960        vga            (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
15:16:04.0761 4960        vga - ok
15:16:04.0841 4960        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
15:16:04.0894 4960        VgaSave - ok
15:16:04.0995 4960        viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
15:16:05.0015 4960        viaagp - ok
15:16:05.0100 4960        ViaC7          (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
15:16:05.0148 4960        ViaC7 - ok
15:16:05.0179 4960        viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
15:16:05.0202 4960        viaide - ok
15:16:05.0235 4960        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
15:16:05.0260 4960        volmgr - ok
15:16:05.0335 4960        volmgrx        (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
15:16:05.0371 4960        volmgrx - ok
15:16:05.0457 4960        volsnap        (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
15:16:05.0491 4960        volsnap - ok
15:16:05.0586 4960        vsmraid        (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
15:16:05.0622 4960        vsmraid - ok
15:16:05.0729 4960        VSS            (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
15:16:05.0898 4960        VSS - ok
15:16:05.0985 4960        W32Time        (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
15:16:06.0046 4960        W32Time - ok
15:16:06.0108 4960        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
15:16:06.0223 4960        WacomPen - ok
15:16:06.0312 4960        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
15:16:06.0339 4960        Wanarp - ok
15:16:06.0346 4960        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
15:16:06.0374 4960        Wanarpv6 - ok
15:16:06.0430 4960        wcncsvc        (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
15:16:06.0470 4960        wcncsvc - ok
15:16:06.0544 4960        WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
15:16:06.0572 4960        WcsPlugInService - ok
15:16:06.0624 4960        Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
15:16:06.0640 4960        Wd - ok
15:16:06.0681 4960        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
15:16:06.0714 4960        Wdf01000 - ok
15:16:06.0768 4960        WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
15:16:06.0820 4960        WdiServiceHost - ok
15:16:06.0829 4960        WdiSystemHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
15:16:06.0863 4960        WdiSystemHost - ok
15:16:06.0927 4960        WebClient      (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
15:16:06.0984 4960        WebClient - ok
15:16:07.0055 4960        Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
15:16:07.0081 4960        Wecsvc - ok
15:16:07.0136 4960        wercplsupport  (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
15:16:07.0180 4960        wercplsupport - ok
15:16:07.0256 4960        WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
15:16:07.0291 4960        WerSvc - ok
15:16:07.0382 4960        winachsf        (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
15:16:07.0452 4960        winachsf - ok
15:16:07.0529 4960        WinDefend      (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
15:16:07.0559 4960        WinDefend - ok
15:16:07.0574 4960        WinHttpAutoProxySvc - ok
15:16:07.0670 4960        Winmgmt        (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
15:16:07.0723 4960        Winmgmt - ok
15:16:07.0833 4960        WinRM          (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
15:16:07.0941 4960        WinRM - ok
15:16:08.0063 4960        Wlansvc        (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
15:16:08.0114 4960        Wlansvc - ok
15:16:08.0169 4960        WmiAcpi        (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
15:16:08.0204 4960        WmiAcpi - ok
15:16:08.0302 4960        wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
15:16:08.0344 4960        wmiApSrv - ok
15:16:08.0441 4960        WMPNetworkSvc  (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
15:16:08.0485 4960        WMPNetworkSvc - ok
15:16:08.0576 4960        WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
15:16:08.0603 4960        WPCSvc - ok
15:16:08.0661 4960        WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
15:16:08.0694 4960        WPDBusEnum - ok
15:16:08.0786 4960        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
15:16:08.0804 4960        WpdUsb - ok
15:16:08.0938 4960        WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:16:08.0976 4960        WPFFontCache_v0400 - ok
15:16:09.0061 4960        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
15:16:09.0116 4960        ws2ifsl - ok
15:16:09.0147 4960        wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
15:16:09.0181 4960        wscsvc - ok
15:16:09.0235 4960        WSearch - ok
15:16:09.0396 4960        wuauserv        (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
15:16:09.0516 4960        wuauserv - ok
15:16:09.0606 4960        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:16:09.0666 4960        WUDFRd - ok
15:16:09.0717 4960        wudfsvc        (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
15:16:09.0787 4960        wudfsvc - ok
15:16:09.0830 4960        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:16:10.0034 4960        \Device\Harddisk0\DR0 - ok
15:16:10.0038 4960        Boot (0x1200)  (02586d450b783f03b25ee3d1b0148d07) \Device\Harddisk0\DR0\Partition0
15:16:10.0040 4960        \Device\Harddisk0\DR0\Partition0 - ok
15:16:10.0065 4960        Boot (0x1200)  (42276976273fce3778fb37a415ca0f6e) \Device\Harddisk0\DR0\Partition1
15:16:10.0066 4960        \Device\Harddisk0\DR0\Partition1 - ok
15:16:10.0067 4960        ============================================================
15:16:10.0068 4960        Scan finished
15:16:10.0068 4960        ============================================================
15:16:10.0084 6072        Detected object count: 3
15:16:10.0084 6072        Actual detected object count: 3
15:16:50.0157 6072        ConfigFree Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:16:50.0157 6072        ConfigFree Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:16:50.0158 6072        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
15:16:50.0158 6072        FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:16:50.0164 6072        TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:16:50.0164 6072        TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - User select action: Skip


Alle Zeitangaben in WEZ +1. Es ist jetzt 07:59 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129