|
GVU Trojaner Hallo, ich habe mir gerade den GVU Trojaner eingefangen. Ich habe natürlich nicht bezahlt und habe es irgendwie hinbekommen (keine Ahnung wie), dass ich die Sperrung umgehen konnte und eine Systemwiederherstellung durchführen konnte. Nun geht auch alles wieder. Aber woher weiß ich, ob der Trojaner auch wirklich weg ist? Ich lasse gerade Antivir drüber laufen, aber das hat mich schließlich auch nicht davor geschützt, den Trojaner zu bekommen, ob wohl die Updates sich immer automatisch downloaden. Meine externe Festplatte war zum Zeitpunkt des Befalls auch angeschlossen (oder zumindest zu dem Zeitpunkt, als der Laptop gesperrt wurde). Muss ich nun wirklich alles Passwörter usw. ändern? Vielen Dank für Eure Hilfe. Grüße Steffi117 |
:hallo: Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist. Vista und Win7 User Alle Tools mit Rechtsklick "als Administrator ausführen" starten. 1. Schritt Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten. 2. Schritt Systemscan mit OTL (bebilderte Anleitung) |
Hallo, vielen Dank für Deine schnelle Hilfe. Hier die Logfile von Malwarebytes Anti-Malware: Malwarebytes Anti-Malware (Test) 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.08.28.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Steffi :: STEFFI-TOSH [Administrator] Schutz: Aktiviert 28.08.2012 19:01:30 mbam-log-2012-08-28 (20-55-34).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 462287 Laufzeit: 1 Stunde(n), 53 Minute(n), 21 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 2 HKCU\Software\--((Mutex))-- (Trojan.Agent) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\XTREMERAT (Malware.Trace) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 2 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|HKCU (Backdoor.HMCPol.Gen) -> Daten: %win% -> Keine Aktion durchgeführt. HKCU\Software\XtremeRAT|Mutex (Malware.Trace) -> Daten: --((Mutex))-- -> Keine Aktion durchgeführt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 3 C:\Program Files\SlySoft Software Collection\CloneCD 5.3.1.4\keygen.exe (RiskWare.Tool.CK) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Cryptload_1.1.8\Cryptload 1.1.8\Cryptload1.1.8\router\FRITZ!Box\nc.exe (PUP.Netcat) -> Keine Aktion durchgeführt. C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\--((Mutex))--.dat (Malware.Trace) -> Keine Aktion durchgeführt. (Ende) Und hier die Logfiles von OTL: OTL Logfile: Code: OTL logfile created on: 28.08.2012 21:04:49 - Run 1OTL Logfile: Code: OTL Extras logfile created on: 28.08.2012 21:04:49 - Run 1Vielen Dank. |
Fixen mit OTL Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).
Code: :OTL
Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen! |
Code: All processes killed |
Sehr gut! :daumenhoc Wie laeuft der Rechner? 1. Schritt Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.danach: 2. Schritt Downloade Dir bitte AdwCleaner auf deinen Desktop.
|
Danke Dir :-) Rechner läuft ganz normal. Malwarebytes Anti-Malware (Test) 1.62.0.1300 Malwarebytes : Free anti-malware download Datenbank Version: v2012.08.29.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Steffi :: STEFFI-TOSH [Administrator] Schutz: Aktiviert 29.08.2012 19:24:24 mbam-log-2012-08-29 (21-12-16).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 462262 Laufzeit: 1 Stunde(n), 44 Minute(n), 53 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Program Files (x86)\Cryptload_1.1.8\Cryptload 1.1.8\Cryptload1.1.8\router\FRITZ!Box\nc.exe (PUP.Netcat) -> Keine Aktion durchgeführt. (Ende) # AdwCleaner v1.801 - Logfile created 08/29/2012 at 21:13:28 # Updated 14/08/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Steffi - STEFFI-TOSH # Boot Mode : Normal # Running from : C:\Users\Steffi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\20UI6UU8\adwcleaner.exe # Option [Search] ***** [Services] ***** ***** [Files / Folders] ***** Folder Found : C:\Users\Steffi\AppData\Local\Conduit Folder Found : C:\Users\Steffi\AppData\Local\Ilivid Player Folder Found : C:\Users\Steffi\AppData\Local\OpenCandy Folder Found : C:\Users\Steffi\AppData\LocalLow\Conduit Folder Found : C:\Users\Steffi\AppData\LocalLow\pdfforge Folder Found : C:\Users\Steffi\AppData\LocalLow\PriceGong Folder Found : C:\Users\Steffi\AppData\LocalLow\Search Settings Folder Found : C:\Users\Steffi\AppData\LocalLow\searchquband Folder Found : C:\Users\Steffi\AppData\LocalLow\Searchqutoolbar Folder Found : C:\Users\Steffi\AppData\LocalLow\Toolbar4 Folder Found : C:\Users\Steffi\AppData\LocalLow\WiseConvert Folder Found : C:\Users\Steffi\AppData\Roaming\Babylon Folder Found : C:\Users\Steffi\AppData\Roaming\kikin Folder Found : C:\Users\Steffi\AppData\Roaming\OpenCandy Folder Found : C:\Users\Steffi\AppData\Roaming\pdfforge Folder Found : C:\ProgramData\Babylon Folder Found : C:\ProgramData\boost_interprocess Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid Folder Found : C:\Program Files (x86)\Application Updater Folder Found : C:\Program Files (x86)\Conduit Folder Found : C:\Program Files (x86)\kikin Folder Found : C:\Program Files (x86)\Searchqu Toolbar Folder Found : C:\Program Files (x86)\Common Files\spigot File Found : C:\Program Files (x86)\Mozilla Firefox\.autoreg ***** [Registry] ***** [*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3196716 Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Found : HKCU\Software\AppDataLow\Software\PriceGong Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\AppDataLow\Toolbar Key Found : HKCU\Software\AVG Secure Search Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\DataMngr Key Found : HKCU\Software\DataMngr_Toolbar Key Found : HKCU\Software\IGearSettings Key Found : HKCU\Software\pdfforge Key Found : HKCU\Software\Search Settings Key Found : HKCU\Software\Softonic Key Found : HKCU\Software\SweetIm Key Found : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1 Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1 Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1 Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1 Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1 Key Found : HKLM\SOFTWARE\Conduit Key Found : HKLM\SOFTWARE\DataMngr Key Found : HKLM\SOFTWARE\Iminent Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WiseConvert Toolbar Key Found : HKLM\SOFTWARE\pdfforge Key Found : HKLM\SOFTWARE\Search Settings Key Found : HKLM\SOFTWARE\SearchquMediabarTb Key Found : HKLM\SOFTWARE\WiseConvert Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr] Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com] [x64] Key Found : HKCU\Software\AppDataLow\Software\Conduit [x64] Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes [x64] Key Found : HKCU\Software\AppDataLow\Software\PriceGong [x64] Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar [x64] Key Found : HKCU\Software\AppDataLow\Software\SmartBar [x64] Key Found : HKCU\Software\AppDataLow\Toolbar [x64] Key Found : HKCU\Software\AVG Secure Search [x64] Key Found : HKCU\Software\Conduit [x64] Key Found : HKCU\Software\DataMngr [x64] Key Found : HKCU\Software\DataMngr_Toolbar [x64] Key Found : HKCU\Software\IGearSettings [x64] Key Found : HKCU\Software\pdfforge [x64] Key Found : HKCU\Software\Search Settings [x64] Key Found : HKCU\Software\Softonic [x64] Key Found : HKCU\Software\SweetIm [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1 [x64] Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler [x64] Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject [x64] Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1 [x64] Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender [x64] Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1 [x64] Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler [x64] Key Found : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1 [x64] Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard [x64] Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1 [x64] Key Found : HKLM\SOFTWARE\DataMngr [x64] Key Found : HKLM\SOFTWARE\Software ***** [Registre - GUID] ***** Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Key Found : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D} Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6} Key Found : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Found : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E601996F-E400-41CA-804B-CD6373A7EEE2} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515} Key Found : HKLM\SOFTWARE\Classes\CLSID\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F} Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Key Found : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5} Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Key Found : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113} Key Found : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36} Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07DAB8C8-B015-40E3-9530-A78CD8C2254B} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6478668-966F-4CD5-A85D-71B55DAECF68} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E601996F-E400-41CA-804B-CD6373A7EEE2} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E601996F-E400-41CA-804B-CD6373A7EEE2} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} [x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} [x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} [x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E601996F-E400-41CA-804B-CD6373A7EEE2} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E601996F-E400-41CA-804B-CD6373A7EEE2} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. ************************* AdwCleaner[R1].txt - [18952 octets] - [29/08/2012 21:13:28] ########## EOF - C:\AdwCleaner[R1].txt - [19081 octets] ########## |
Sehr gut! :daumenhoc
danach: Malware-Scan mit Emsisoft Anti-Malware Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm. Lade über Jetzt Updaten die aktuellen Signaturen herunter. Wähle den Freeware-Modus aus. Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers. Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten. Anleitung: http://www.trojaner-board.de/103809-...i-malware.html |
# AdwCleaner v2.000 - Datei am 08/30/2012 um 20:07:36 erstellt # Aktualisiert am 30/08/2012 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzer : Steffi - STEFFI-TOSH # Normaler Modus : Normal # Ausgeführt unter : C:\Users\Steffi\Desktop\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\.autoreg Ordner Gelöscht : C:\Program Files (x86)\Application Updater Ordner Gelöscht : C:\Program Files (x86)\Common Files\spigot Ordner Gelöscht : C:\Program Files (x86)\Conduit Ordner Gelöscht : C:\Program Files (x86)\kikin Ordner Gelöscht : C:\Program Files (x86)\Searchqu Toolbar Ordner Gelöscht : C:\ProgramData\Babylon Ordner Gelöscht : C:\ProgramData\boost_interprocess Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid Ordner Gelöscht : C:\Users\Steffi\AppData\Local\Conduit Ordner Gelöscht : C:\Users\Steffi\AppData\Local\Ilivid Player Ordner Gelöscht : C:\Users\Steffi\AppData\Local\OpenCandy Ordner Gelöscht : C:\Users\Steffi\AppData\LocalLow\Conduit Ordner Gelöscht : C:\Users\Steffi\AppData\LocalLow\pdfforge Ordner Gelöscht : C:\Users\Steffi\AppData\LocalLow\PriceGong Ordner Gelöscht : C:\Users\Steffi\AppData\LocalLow\Search Settings Ordner Gelöscht : C:\Users\Steffi\AppData\LocalLow\searchquband Ordner Gelöscht : C:\Users\Steffi\AppData\LocalLow\Searchqutoolbar Ordner Gelöscht : C:\Users\Steffi\AppData\LocalLow\Toolbar4 Ordner Gelöscht : C:\Users\Steffi\AppData\LocalLow\WiseConvert Ordner Gelöscht : C:\Users\Steffi\AppData\Roaming\Babylon Ordner Gelöscht : C:\Users\Steffi\AppData\Roaming\kikin Ordner Gelöscht : C:\Users\Steffi\AppData\Roaming\OpenCandy Ordner Gelöscht : C:\Users\Steffi\AppData\Roaming\pdfforge ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchqutoolbar Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\WiseConvert Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar Schlüssel Gelöscht : HKCU\Software\AVG Secure Search Schlüssel Gelöscht : HKCU\Software\Conduit Schlüssel Gelöscht : HKCU\Software\DataMngr Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar Schlüssel Gelöscht : HKCU\Software\IGearSettings Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E601996F-E400-41CA-804B-CD6373A7EEE2} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E601996F-E400-41CA-804B-CD6373A7EEE2} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Schlüssel Gelöscht : HKCU\Software\pdfforge Schlüssel Gelöscht : HKCU\Software\Search Settings Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKCU\Software\SweetIm Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3196716 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Schlüssel Gelöscht : HKLM\Software\Conduit Schlüssel Gelöscht : HKLM\Software\DataMngr Schlüssel Gelöscht : HKLM\Software\Iminent Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F} Schlüssel Gelöscht : HKLM\Software\pdfforge Schlüssel Gelöscht : HKLM\Software\Search Settings Schlüssel Gelöscht : HKLM\Software\SearchquMediabarTb Schlüssel Gelöscht : HKLM\Software\WiseConvert Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E601996F-E400-41CA-804B-CD6373A7EEE2} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07DAB8C8-B015-40E3-9530-A78CD8C2254B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6478668-966F-4CD5-A85D-71B55DAECF68} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WiseConvert Toolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : HKLM\SOFTWARE\DataMngr Schlüssel Gelöscht : HKLM\SOFTWARE\Software Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com] ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16421 Wiederhergestellt : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Wiederhergestellt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Wiederhergestellt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Wiederhergestellt : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Wiederhergestellt : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] Wiederhergestellt : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope] ************************* AdwCleaner[R1].txt - [18905 octets] - [29/08/2012 21:13:28] AdwCleaner[S1].txt - [19704 octets] - [30/08/2012 20:07:36] ########## EOF - C:\AdwCleaner[S1].txt - [19765 octets] ########## Emsisoft Anti-Malware - Version 6.6 Letztes Update: 30.08.2012 20:39:27 Scan Einstellungen: Scan Methode: Detail Scan Objekte: Rootkits, Speicher, Traces, C:\, D:\, F:\ Archiv Scan: An ADS Scan: An Scan Beginn: 30.08.2012 20:40:27 C:\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwc.class gefunden: Exploit.Java.Blacole!E2 C:\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwf.class gefunden: Exploit.Java.Blacole!E2 C:\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwd.class gefunden: Exploit.Java.Blacole!E2 C:\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwa.class gefunden: Exploit.Java.CVE-2012!E2 C:\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwe.class gefunden: Exploit.Java.Blacole!E2 C:\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwb.class gefunden: Exploit.Java.Blacole!E2 C:\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll gefunden: Riskware.Win32.Toolbar.SearchSuite.AMN!E1 C:\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll gefunden: Riskware.Win32.Toolbar.SearchSuite.AMN!E1 C:\Windows\Installer\1664bdfa.msi -> [unnamed] -> _13134A93DCE0921459FE89F496CFBC44 gefunden: VirTool.Win32.VBInject!E2 C:\VOB2MPG PRO\Code-Lock.ocx gefunden: Riskware.Win32.VBInject!E2 C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe gefunden: Riskware.WebToolbar.Win32.Agent.AMN!E1 C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll gefunden: Riskware.AdWare.Win32.BHO!E2 C:\Program Files (x86)\Cryptload_1.1.8\Cryptload 1.1.8\Cryptload1.1.8\router\FRITZ!Box\nc.exe gefunden: Riskware.RemoteAdmin.Win32.NetCat!E2 F:\Nero Autobackup\20120830_201854_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwf.class gefunden: Exploit.Java.Blacole!E2 F:\Nero Autobackup\20120830_201854_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwe.class gefunden: Exploit.Java.Blacole!E2 F:\Nero Autobackup\20120830_201854_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwa.class gefunden: Exploit.Java.CVE-2012!E2 F:\Nero Autobackup\20120830_201854_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwb.class gefunden: Exploit.Java.Blacole!E2 F:\Nero Autobackup\20120830_201854_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwc.class gefunden: Exploit.Java.Blacole!E2 F:\Nero Autobackup\20120830_201854_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwd.class gefunden: Exploit.Java.Blacole!E2 F:\Nero Autobackup\20120830_201854_Local Autobackup\C\VOB2MPG PRO\Code-Lock.ocx gefunden: Riskware.Win32.VBInject!E2 F:\Nero Autobackup\20120830_201854_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll gefunden: Riskware.Win32.Toolbar.SearchSuite.AMN!E1 F:\Nero Autobackup\20120830_201854_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll gefunden: Riskware.Win32.Toolbar.SearchSuite.AMN!E1 F:\Nero Autobackup\20120829_195050_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwc.class gefunden: Exploit.Java.Blacole!E2 F:\Nero Autobackup\20120829_195050_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwf.class gefunden: Exploit.Java.Blacole!E2 F:\Nero Autobackup\20120829_195050_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwb.class gefunden: Exploit.Java.Blacole!E2 F:\Nero Autobackup\20120829_195050_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwa.class gefunden: Exploit.Java.CVE-2012!E2 F:\Nero Autobackup\20120829_195050_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwe.class gefunden: Exploit.Java.Blacole!E2 F:\Nero Autobackup\20120829_195050_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a -> bkwa\bkwd.class gefunden: Exploit.Java.Blacole!E2 F:\Nero Autobackup\20120829_195050_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll gefunden: Riskware.Win32.Toolbar.SearchSuite.AMN!E1 F:\Nero Autobackup\20120829_195050_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll gefunden: Riskware.Win32.Toolbar.SearchSuite.AMN!E1 F:\Nero Autobackup\20120829_195050_Local Autobackup\C\VOB2MPG PRO\Code-Lock.ocx gefunden: Riskware.Win32.VBInject!E2 F:\Nero Autobackup\20120828_195050_Local Autobackup\C\VOB2MPG PRO\Code-Lock.ocx gefunden: Riskware.Win32.VBInject!E2 F:\Nero Autobackup\20120827_215050_Local Autobackup\C\VOB2MPG PRO\Code-Lock.ocx gefunden: Riskware.Win32.VBInject!E2 F:\Nero Autobackup\20120728_175044_Local Autobackup\C\VOB2MPG PRO\Code-Lock.ocx gefunden: Riskware.Win32.VBInject!E2 F:\Nero Autobackup\20120716_215040_Local Autobackup\C\VOB2MPG PRO\Code-Lock.ocx gefunden: Riskware.Win32.VBInject!E2 F:\Nero Autobackup\20120607_155042_Local Autobackup\C\VOB2MPG PRO\Code-Lock.ocx gefunden: Riskware.Win32.VBInject!E2 F:\Nero Autobackup\20120603_215039_Local Autobackup\C\VOB2MPG PRO\Code-Lock.ocx gefunden: Riskware.Win32.VBInject!E2 Gescannt 725624 Gefunden 37 Scan Ende: 30.08.2012 22:33:32 Scan Zeit: 1:53:05 |
Sehr gut! :daumenhoc Deinstalliere: Emsisoft Anti-Malware ESET Online Scanner Vorbereitung
|
ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=948fbad0f75a074aaeb2bb11f335aafc # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-08-31 05:21:05 # local_time=2012-08-31 07:21:05 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 27814302 27814302 0 0 # compatibility_mode=5893 16776574 100 94 37652294 98056344 0 0 # compatibility_mode=8192 67108863 100 0 118 118 0 0 # scanned=311501 # found=41 # cleaned=41 # scan_time=7171 C:\Program Files (x86)\Funmoods\1.5.23.22\escortApp.dll Win32/Toolbar.Funmoods application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Program Files (x86)\Funmoods\1.5.23.22\escortEng.dll Win32/Toolbar.Funmoods application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Program Files (x86)\Funmoods\1.5.23.22\escorTlbr.dll Win32/Toolbar.Funmoods application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Program Files (x86)\Funmoods\1.5.23.22\escortShld.dll Win32/Toolbar.Funmoods application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Program Files (x86)\Funmoods\1.5.23.22\funmoodssrv.exe Win32/Toolbar.Funmoods application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Program Files (x86)\Funmoods\1.5.23.22\bh\escort.dll Win32/Toolbar.Funmoods application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll a variant of Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe a variant of Win32/Toolbar.SearchSuite.A application (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C C:\Program Files (x86)\Searchqu Toolbar\Datamngr\DnsBHO.dll a variant of Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll a variant of Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\ProgramData\IBUpdaterService\ibsvc.exe a variant of Win32/InstallBrain.E application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Steffi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\20UI6UU8\DownloadAcceleratorSetup.exe a variant of Win32/InstallCore.AN application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Steffi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\20UI6UU8\eTypeSetup.exe a variant of Win32/InstallBrain.E application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Steffi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJ3O8EMH\BestCodecPack_Setup.exe a variant of Win32/InstallBrain.E application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Steffi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XDHOKPOI\iLividSetupV1.exe Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Steffi\AppData\Local\Temp\ICReinstall_DownloadAcceleratorSetup.exe a variant of Win32/InstallCore.AN application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Steffi\AppData\Local\Temp\jar_cache4911677842268853418.tmp Java/Exploit.CVE-2012-4681.H trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Steffi\AppData\Local\Temp\NOD7214.tmp a variant of Win32/Toolbar.SearchSuite.A application (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C C:\Users\Steffi\AppData\Local\Temp\SetupDataMngr_Searchqu.exe multiple threats (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Steffi\AppData\Local\Temp\is357113909\ezLookerSilent_DDD_FTT_BG_BD_BVD.exe probably a variant of Win32/Adware.HLQFYSH application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Windows\Installer\4149802.msi a variant of Win32/Toolbar.Widgi application (deleted - quarantined) 00000000000000000000000000000000 C C:\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe a variant of Win32/Toolbar.Widgi application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll a variant of Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a multiple threats (deleted - quarantined) 00000000000000000000000000000000 C F:\Nero Autobackup\20120829_195050_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe a variant of Win32/Toolbar.Widgi application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C F:\Nero Autobackup\20120829_195050_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll a variant of Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C F:\Nero Autobackup\20120829_195050_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C F:\Nero Autobackup\20120829_195050_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a multiple threats (deleted - quarantined) 00000000000000000000000000000000 C F:\Nero Autobackup\20120830_215047_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe a variant of Win32/Toolbar.Widgi application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C F:\Nero Autobackup\20120830_215047_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll a variant of Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C F:\Nero Autobackup\20120830_215047_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C F:\Nero Autobackup\20120830_215047_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a multiple threats (deleted - quarantined) 00000000000000000000000000000000 C F:\Nero Autobackup\20120831_180244_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe a variant of Win32/Toolbar.Widgi application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C F:\Nero Autobackup\20120831_180244_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll a variant of Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C F:\Nero Autobackup\20120831_180244_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C F:\Nero Autobackup\20120831_180244_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a multiple threats (deleted - quarantined) 00000000000000000000000000000000 C F:\Nero Autobackup\20120831_181234_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe a variant of Win32/Toolbar.Widgi application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C F:\Nero Autobackup\20120831_181234_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll a variant of Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C F:\Nero Autobackup\20120831_181234_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C F:\Nero Autobackup\20120831_181234_Local Autobackup\C\_OTL\MovedFiles\08292012_181847\C_Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\1638078b-6af86c3a multiple threats (deleted - quarantined) 00000000000000000000000000000000 C |
Malware mit Combofix beseitigen Lade Combofix von einem der folgenden Download-Spiegel herunter: BleepingComputer.com - ForoSpyware.com und speichere das Programm auf den Desktop, nicht woanders hin, das ist wichtig! Beachte die ausführliche Original-Anleitung. Zurzeit ist Combofix auf folgenden Windows-Versionen lauffähig:
Vorbereitung und wichtige Hinweise
Combofix nicht auf eigene Faust einsetzen. Wenn keine entsprechende Infektion vorliegt, kann das den Rechner lahmlegen und/oder nachhaltig schädigen! |
Liste der Anhänge anzeigen (Anzahl: 2) Hi, irgendwie funktioniert da nicht so richtig. Zuerst kam immer folgende Meldung1 siehe Anlage. Dann hab ich noch AntiMaleware ausgeschalten und dann ging es ohne Fehlermeldung. Aber jetzt hängt er bestimmt schon eine halbe Stunde an derselben Stelle, siehe Anhang 2. Woran liegt das? Was soll ich jetzt machen? Danke. Grüße Steffi117 |
Gibts ein Log ? C:\ComboFix.txt Wenn nicht: Neustarten, Nochmal versuchen. |
nein, gibt leider kein Log File. Hab´s schon mehrmals neu versucht. Klappt leider nicht. Was nun? Danke |
TDSSKiller von Kaspersky - Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.Hier findest Du eine ausführlichere TDSSKiller Anleitung. |
Hallo, bei mir kam keine Meldung, dass der PC neu gestartet werden muss. Vielleicht weil keine infizierten Dateien gefunden wurden? Hier der Report: 18:36:28.0282 3248 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48 18:36:28.0423 3248 ============================================================ 18:36:28.0423 3248 Current date / time: 2012/09/05 18:36:28.0423 18:36:28.0423 3248 SystemInfo: 18:36:28.0423 3248 18:36:28.0423 3248 OS Version: 6.1.7601 ServicePack: 1.0 18:36:28.0423 3248 Product type: Workstation 18:36:28.0423 3248 ComputerName: STEFFI-TOSH 18:36:28.0423 3248 UserName: Steffi 18:36:28.0423 3248 Windows directory: C:\Windows 18:36:28.0423 3248 System windows directory: C:\Windows 18:36:28.0423 3248 Running under WOW64 18:36:28.0423 3248 Processor architecture: Intel x64 18:36:28.0423 3248 Number of processors: 4 18:36:28.0423 3248 Page size: 0x1000 18:36:28.0423 3248 Boot type: Normal boot 18:36:28.0423 3248 ============================================================ 18:36:28.0984 3248 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 18:36:29.0000 3248 ============================================================ 18:36:29.0000 3248 \Device\Harddisk0\DR0: 18:36:29.0000 3248 MBR partitions: 18:36:29.0000 3248 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x1D173800 18:36:29.0000 3248 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D23C000, BlocksNum 0x1D149830 18:36:29.0000 3248 ============================================================ 18:36:29.0015 3248 C: <-> \Device\Harddisk0\DR0\Partition1 18:36:29.0062 3248 D: <-> \Device\Harddisk0\DR0\Partition2 18:36:29.0062 3248 ============================================================ 18:36:29.0062 3248 Initialize success 18:36:29.0062 3248 ============================================================ 18:36:42.0447 1036 ============================================================ 18:36:42.0447 1036 Scan started 18:36:42.0447 1036 Mode: Manual; 18:36:42.0447 1036 ============================================================ 18:36:42.0821 1036 ================ Scan system memory ======================== 18:36:42.0821 1036 System memory - ok 18:36:42.0837 1036 ================ Scan services ============================= 18:36:43.0024 1036 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 18:36:43.0024 1036 1394ohci - ok 18:36:43.0071 1036 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 18:36:43.0071 1036 ACPI - ok 18:36:43.0087 1036 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 18:36:43.0087 1036 AcpiPmi - ok 18:36:43.0196 1036 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 18:36:43.0196 1036 AdobeARMservice - ok 18:36:43.0367 1036 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 18:36:43.0367 1036 AdobeFlashPlayerUpdateSvc - ok 18:36:43.0430 1036 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 18:36:43.0430 1036 adp94xx - ok 18:36:43.0445 1036 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 18:36:43.0445 1036 adpahci - ok 18:36:43.0477 1036 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 18:36:43.0477 1036 adpu320 - ok 18:36:43.0492 1036 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 18:36:43.0492 1036 AeLookupSvc - ok 18:36:43.0555 1036 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 18:36:43.0555 1036 AFD - ok 18:36:43.0586 1036 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 18:36:43.0586 1036 agp440 - ok 18:36:43.0601 1036 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 18:36:43.0601 1036 ALG - ok 18:36:43.0633 1036 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 18:36:43.0633 1036 aliide - ok 18:36:43.0664 1036 [ 61A18BCAF557CD6614309E4978B81056 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 18:36:43.0664 1036 AMD External Events Utility - ok 18:36:43.0679 1036 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 18:36:43.0679 1036 amdide - ok 18:36:43.0726 1036 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 18:36:43.0726 1036 AmdK8 - ok 18:36:43.0898 1036 [ F05B22CE901FC26AE55A1A27AA674D96 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 18:36:43.0929 1036 amdkmdag - ok 18:36:43.0960 1036 [ ED25D58581B5A28593C277F482FCCD62 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 18:36:43.0960 1036 amdkmdap - ok 18:36:43.0976 1036 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 18:36:43.0976 1036 AmdPPM - ok 18:36:44.0023 1036 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 18:36:44.0023 1036 amdsata - ok 18:36:44.0069 1036 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 18:36:44.0069 1036 amdsbs - ok 18:36:44.0085 1036 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 18:36:44.0085 1036 amdxata - ok 18:36:44.0147 1036 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 18:36:44.0147 1036 AntiVirSchedulerService - ok 18:36:44.0179 1036 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 18:36:44.0179 1036 AntiVirService - ok 18:36:44.0225 1036 [ 2C4A05FCEF72EF614DCD11D0872498C9 ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys 18:36:44.0225 1036 AnyDVD - ok 18:36:44.0272 1036 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 18:36:44.0272 1036 AppID - ok 18:36:44.0303 1036 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 18:36:44.0303 1036 AppIDSvc - ok 18:36:44.0335 1036 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 18:36:44.0335 1036 Appinfo - ok 18:36:44.0397 1036 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 18:36:44.0397 1036 arc - ok 18:36:44.0413 1036 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 18:36:44.0413 1036 arcsas - ok 18:36:44.0444 1036 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 18:36:44.0444 1036 AsyncMac - ok 18:36:44.0475 1036 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 18:36:44.0475 1036 atapi - ok 18:36:44.0522 1036 [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr C:\Windows\system32\DRIVERS\athrx.sys 18:36:44.0537 1036 athr - ok 18:36:44.0631 1036 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 18:36:44.0631 1036 AudioEndpointBuilder - ok 18:36:44.0662 1036 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 18:36:44.0662 1036 AudioSrv - ok 18:36:44.0709 1036 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 18:36:44.0709 1036 avgntflt - ok 18:36:44.0725 1036 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 18:36:44.0725 1036 avipbb - ok 18:36:44.0740 1036 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 18:36:44.0740 1036 avkmgr - ok 18:36:44.0818 1036 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 18:36:44.0818 1036 AxInstSV - ok 18:36:44.0865 1036 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 18:36:44.0865 1036 b06bdrv - ok 18:36:44.0896 1036 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 18:36:44.0896 1036 b57nd60a - ok 18:36:44.0927 1036 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 18:36:44.0927 1036 BDESVC - ok 18:36:44.0959 1036 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 18:36:44.0959 1036 Beep - ok 18:36:45.0021 1036 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 18:36:45.0021 1036 BFE - ok 18:36:45.0052 1036 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 18:36:45.0068 1036 BITS - ok 18:36:45.0099 1036 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 18:36:45.0099 1036 blbdrive - ok 18:36:45.0130 1036 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 18:36:45.0130 1036 bowser - ok 18:36:45.0146 1036 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 18:36:45.0161 1036 BrFiltLo - ok 18:36:45.0161 1036 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 18:36:45.0161 1036 BrFiltUp - ok 18:36:45.0193 1036 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 18:36:45.0193 1036 BridgeMP - ok 18:36:45.0239 1036 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 18:36:45.0239 1036 Browser - ok 18:36:45.0255 1036 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 18:36:45.0255 1036 Brserid - ok 18:36:45.0271 1036 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 18:36:45.0271 1036 BrSerWdm - ok 18:36:45.0286 1036 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 18:36:45.0286 1036 BrUsbMdm - ok 18:36:45.0286 1036 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 18:36:45.0286 1036 BrUsbSer - ok 18:36:45.0302 1036 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 18:36:45.0302 1036 BTHMODEM - ok 18:36:45.0364 1036 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 18:36:45.0364 1036 bthserv - ok 18:36:45.0411 1036 catchme - ok 18:36:45.0442 1036 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 18:36:45.0442 1036 cdfs - ok 18:36:45.0489 1036 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 18:36:45.0489 1036 cdrom - ok 18:36:45.0536 1036 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 18:36:45.0536 1036 CertPropSvc - ok 18:36:45.0614 1036 [ 41E7C4FA6491747402CFCA77CC1C7AAB ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe 18:36:45.0629 1036 cfWiMAXService - ok 18:36:45.0785 1036 [ 213B6EC3DE19E35373A1906397588429 ] CGVPNCliSrvc C:\Program Files\CyberGhost VPN\CGVPNCliService.exe 18:36:45.0801 1036 CGVPNCliSrvc - ok 18:36:45.0848 1036 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 18:36:45.0848 1036 circlass - ok 18:36:45.0895 1036 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 18:36:45.0895 1036 CLFS - ok 18:36:45.0941 1036 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:36:45.0941 1036 clr_optimization_v2.0.50727_32 - ok 18:36:46.0004 1036 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 18:36:46.0004 1036 clr_optimization_v2.0.50727_64 - ok 18:36:46.0066 1036 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:36:46.0066 1036 clr_optimization_v4.0.30319_32 - ok 18:36:46.0113 1036 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 18:36:46.0113 1036 clr_optimization_v4.0.30319_64 - ok 18:36:46.0144 1036 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 18:36:46.0144 1036 CmBatt - ok 18:36:46.0175 1036 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 18:36:46.0175 1036 cmdide - ok 18:36:46.0207 1036 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 18:36:46.0207 1036 CNG - ok 18:36:46.0269 1036 [ 25C58EE97BE0416A373E3E4F855206B5 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys 18:36:46.0269 1036 CnxtHdAudService - ok 18:36:46.0316 1036 [ 89C99AB4AE9535F727791592D84D4821 ] CnxtHdmiAudService C:\Windows\system32\drivers\CHDMI64.sys 18:36:46.0331 1036 CnxtHdmiAudService - ok 18:36:46.0363 1036 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 18:36:46.0363 1036 Compbatt - ok 18:36:46.0394 1036 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 18:36:46.0409 1036 CompositeBus - ok 18:36:46.0409 1036 COMSysApp - ok 18:36:46.0441 1036 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe 18:36:46.0441 1036 ConfigFree Service - ok 18:36:46.0472 1036 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 18:36:46.0472 1036 crcdisk - ok 18:36:46.0519 1036 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll 18:36:46.0519 1036 CryptSvc - ok 18:36:46.0565 1036 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 18:36:46.0581 1036 DcomLaunch - ok 18:36:46.0597 1036 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 18:36:46.0597 1036 defragsvc - ok 18:36:46.0643 1036 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 18:36:46.0643 1036 DfsC - ok 18:36:46.0706 1036 [ 6060106CE00F32F63F1A73160E46E9D2 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 18:36:46.0706 1036 dg_ssudbus - ok 18:36:46.0737 1036 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 18:36:46.0753 1036 Dhcp - ok 18:36:46.0784 1036 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 18:36:46.0784 1036 discache - ok 18:36:46.0846 1036 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 18:36:46.0846 1036 Disk - ok 18:36:46.0877 1036 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 18:36:46.0877 1036 Dnscache - ok 18:36:46.0909 1036 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 18:36:46.0909 1036 dot3svc - ok 18:36:46.0940 1036 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 18:36:46.0955 1036 DPS - ok 18:36:47.0002 1036 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 18:36:47.0002 1036 drmkaud - ok 18:36:47.0049 1036 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 18:36:47.0049 1036 DXGKrnl - ok 18:36:47.0096 1036 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 18:36:47.0096 1036 EapHost - ok 18:36:47.0174 1036 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 18:36:47.0205 1036 ebdrv - ok 18:36:47.0236 1036 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 18:36:47.0236 1036 EFS - ok 18:36:47.0314 1036 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 18:36:47.0330 1036 ehRecvr - ok 18:36:47.0361 1036 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 18:36:47.0361 1036 ehSched - ok 18:36:47.0392 1036 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 18:36:47.0392 1036 ElbyCDIO - ok 18:36:47.0423 1036 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 18:36:47.0439 1036 elxstor - ok 18:36:47.0455 1036 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 18:36:47.0455 1036 ErrDev - ok 18:36:47.0501 1036 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 18:36:47.0501 1036 EventSystem - ok 18:36:47.0548 1036 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 18:36:47.0548 1036 exfat - ok 18:36:47.0579 1036 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 18:36:47.0579 1036 fastfat - ok 18:36:47.0626 1036 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 18:36:47.0626 1036 Fax - ok 18:36:47.0657 1036 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 18:36:47.0657 1036 fdc - ok 18:36:47.0689 1036 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 18:36:47.0689 1036 fdPHost - ok 18:36:47.0704 1036 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 18:36:47.0720 1036 FDResPub - ok 18:36:47.0829 1036 [ C51201B83740AAA847DB40770CB6B230 ] ffdshow manager C:\ProgramData\ffdshow manager\2.2.580.185\{16cdff19-861d-48e3-a751-d99a27784753}\ffdshowmngr.exe 18:36:47.0845 1036 ffdshow manager - ok 18:36:47.0907 1036 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 18:36:47.0907 1036 FileInfo - ok 18:36:47.0923 1036 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 18:36:47.0923 1036 Filetrace - ok 18:36:47.0954 1036 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 18:36:47.0954 1036 flpydisk - ok 18:36:47.0985 1036 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 18:36:47.0985 1036 FltMgr - ok 18:36:48.0032 1036 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 18:36:48.0047 1036 FontCache - ok 18:36:48.0079 1036 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:36:48.0079 1036 FontCache3.0.0.0 - ok 18:36:48.0110 1036 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 18:36:48.0110 1036 FsDepends - ok 18:36:48.0141 1036 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 18:36:48.0141 1036 Fs_Rec - ok 18:36:48.0203 1036 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 18:36:48.0203 1036 fvevol - ok 18:36:48.0250 1036 [ 60ACB128E64C35C2B4E4AAB1B0A5C293 ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys 18:36:48.0250 1036 FwLnk - ok 18:36:48.0281 1036 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 18:36:48.0281 1036 gagp30kx - ok 18:36:48.0375 1036 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe 18:36:48.0375 1036 GamesAppService - ok 18:36:48.0422 1036 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 18:36:48.0437 1036 gpsvc - ok 18:36:48.0500 1036 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:36:48.0500 1036 gupdate - ok 18:36:48.0500 1036 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:36:48.0500 1036 gupdatem - ok 18:36:48.0547 1036 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 18:36:48.0547 1036 hcw85cir - ok 18:36:48.0609 1036 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 18:36:48.0609 1036 HdAudAddService - ok 18:36:48.0640 1036 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 18:36:48.0640 1036 HDAudBus - ok 18:36:48.0687 1036 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 18:36:48.0687 1036 HECIx64 - ok 18:36:48.0703 1036 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 18:36:48.0703 1036 HidBatt - ok 18:36:48.0718 1036 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 18:36:48.0718 1036 HidBth - ok 18:36:48.0749 1036 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 18:36:48.0749 1036 HidIr - ok 18:36:48.0781 1036 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 18:36:48.0781 1036 hidserv - ok 18:36:48.0843 1036 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 18:36:48.0843 1036 HidUsb - ok 18:36:48.0890 1036 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 18:36:48.0890 1036 hkmsvc - ok 18:36:48.0937 1036 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 18:36:48.0937 1036 HomeGroupListener - ok 18:36:48.0983 1036 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 18:36:48.0983 1036 HomeGroupProvider - ok 18:36:49.0030 1036 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 18:36:49.0030 1036 HpSAMD - ok 18:36:49.0093 1036 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 18:36:49.0093 1036 HTTP - ok 18:36:49.0139 1036 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 18:36:49.0139 1036 hwpolicy - ok 18:36:49.0155 1036 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 18:36:49.0155 1036 i8042prt - ok 18:36:49.0186 1036 [ 85977CD13FC16069CE0AF7943A811775 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 18:36:49.0186 1036 iaStor - ok 18:36:49.0233 1036 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 18:36:49.0233 1036 iaStorV - ok 18:36:49.0295 1036 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 18:36:49.0311 1036 idsvc - ok 18:36:49.0342 1036 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 18:36:49.0342 1036 iirsp - ok 18:36:49.0389 1036 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 18:36:49.0405 1036 IKEEXT - ok 18:36:49.0451 1036 [ 4B6363CD4610BB848531BB260B15DFCC ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys 18:36:49.0451 1036 Impcd - ok 18:36:49.0498 1036 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 18:36:49.0498 1036 intelide - ok 18:36:49.0545 1036 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 18:36:49.0545 1036 intelppm - ok 18:36:49.0576 1036 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 18:36:49.0576 1036 IPBusEnum - ok 18:36:49.0607 1036 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:36:49.0607 1036 IpFilterDriver - ok 18:36:49.0670 1036 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 18:36:49.0685 1036 iphlpsvc - ok 18:36:49.0701 1036 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 18:36:49.0701 1036 IPMIDRV - ok 18:36:49.0732 1036 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 18:36:49.0732 1036 IPNAT - ok 18:36:49.0763 1036 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 18:36:49.0763 1036 IRENUM - ok 18:36:49.0795 1036 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 18:36:49.0795 1036 isapnp - ok 18:36:49.0810 1036 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 18:36:49.0810 1036 iScsiPrt - ok 18:36:49.0857 1036 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe 18:36:49.0857 1036 IviRegMgr - ok 18:36:49.0888 1036 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 18:36:49.0888 1036 kbdclass - ok 18:36:49.0919 1036 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 18:36:49.0919 1036 kbdhid - ok 18:36:49.0935 1036 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 18:36:49.0935 1036 KeyIso - ok 18:36:49.0951 1036 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 18:36:49.0951 1036 KSecDD - ok 18:36:49.0997 1036 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 18:36:49.0997 1036 KSecPkg - ok 18:36:50.0029 1036 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 18:36:50.0029 1036 ksthunk - ok 18:36:50.0060 1036 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 18:36:50.0075 1036 KtmRm - ok 18:36:50.0122 1036 [ 55480B9C63F3F91A8EBBADCBF28FE581 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys 18:36:50.0122 1036 L1C - ok 18:36:50.0169 1036 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll 18:36:50.0185 1036 LanmanServer - ok 18:36:50.0231 1036 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 18:36:50.0231 1036 LanmanWorkstation - ok 18:36:50.0263 1036 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 18:36:50.0263 1036 lltdio - ok 18:36:50.0294 1036 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 18:36:50.0294 1036 lltdsvc - ok 18:36:50.0325 1036 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 18:36:50.0325 1036 lmhosts - ok 18:36:50.0387 1036 [ 23DE5B62B0445A6F874BE633C95B483E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 18:36:50.0387 1036 LMS - ok 18:36:50.0434 1036 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 18:36:50.0434 1036 LSI_FC - ok 18:36:50.0434 1036 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 18:36:50.0434 1036 LSI_SAS - ok 18:36:50.0465 1036 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 18:36:50.0465 1036 LSI_SAS2 - ok 18:36:50.0465 1036 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 18:36:50.0465 1036 LSI_SCSI - ok 18:36:50.0481 1036 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 18:36:50.0481 1036 luafv - ok 18:36:50.0543 1036 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 18:36:50.0543 1036 MBAMProtector - ok 18:36:50.0590 1036 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 18:36:50.0606 1036 MBAMService - ok 18:36:50.0621 1036 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 18:36:50.0621 1036 Mcx2Svc - ok 18:36:50.0668 1036 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 18:36:50.0668 1036 megasas - ok 18:36:50.0684 1036 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 18:36:50.0699 1036 MegaSR - ok 18:36:50.0762 1036 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 18:36:50.0762 1036 Microsoft Office Groove Audit Service - ok 18:36:50.0809 1036 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 18:36:50.0809 1036 MMCSS - ok 18:36:50.0824 1036 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 18:36:50.0824 1036 Modem - ok 18:36:50.0840 1036 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 18:36:50.0840 1036 monitor - ok 18:36:50.0871 1036 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 18:36:50.0871 1036 mouclass - ok 18:36:50.0887 1036 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 18:36:50.0887 1036 mouhid - ok 18:36:50.0933 1036 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 18:36:50.0933 1036 mountmgr - ok 18:36:50.0965 1036 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 18:36:50.0965 1036 mpio - ok 18:36:50.0996 1036 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 18:36:50.0996 1036 mpsdrv - ok 18:36:51.0043 1036 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 18:36:51.0043 1036 MpsSvc - ok 18:36:51.0089 1036 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 18:36:51.0089 1036 MRxDAV - ok 18:36:51.0121 1036 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 18:36:51.0121 1036 mrxsmb - ok 18:36:51.0152 1036 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:36:51.0152 1036 mrxsmb10 - ok 18:36:51.0183 1036 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:36:51.0183 1036 mrxsmb20 - ok 18:36:51.0199 1036 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 18:36:51.0199 1036 msahci - ok 18:36:51.0214 1036 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 18:36:51.0214 1036 msdsm - ok 18:36:51.0245 1036 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 18:36:51.0245 1036 MSDTC - ok 18:36:51.0292 1036 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 18:36:51.0292 1036 Msfs - ok 18:36:51.0308 1036 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 18:36:51.0308 1036 mshidkmdf - ok 18:36:51.0339 1036 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 18:36:51.0339 1036 msisadrv - ok 18:36:51.0370 1036 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 18:36:51.0386 1036 MSiSCSI - ok 18:36:51.0386 1036 msiserver - ok 18:36:51.0433 1036 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 18:36:51.0433 1036 MSKSSRV - ok 18:36:51.0433 1036 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 18:36:51.0433 1036 MSPCLOCK - ok 18:36:51.0448 1036 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 18:36:51.0448 1036 MSPQM - ok 18:36:51.0495 1036 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 18:36:51.0495 1036 MsRPC - ok 18:36:51.0526 1036 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 18:36:51.0526 1036 mssmbios - ok 18:36:51.0573 1036 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 18:36:51.0573 1036 MSTEE - ok 18:36:51.0573 1036 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 18:36:51.0573 1036 MTConfig - ok 18:36:51.0589 1036 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 18:36:51.0589 1036 Mup - ok 18:36:51.0635 1036 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 18:36:51.0635 1036 napagent - ok 18:36:51.0682 1036 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 18:36:51.0682 1036 NativeWifiP - ok 18:36:51.0760 1036 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate c:\Program Files (x86)\Nero\Update\NASvc.exe 18:36:51.0760 1036 NAUpdate - ok 18:36:51.0823 1036 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys 18:36:51.0823 1036 NDIS - ok 18:36:51.0869 1036 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 18:36:51.0869 1036 NdisCap - ok 18:36:51.0901 1036 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 18:36:51.0901 1036 NdisTapi - ok 18:36:51.0947 1036 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 18:36:51.0947 1036 Ndisuio - ok 18:36:51.0994 1036 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 18:36:51.0994 1036 NdisWan - ok 18:36:52.0025 1036 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 18:36:52.0025 1036 NDProxy - ok 18:36:52.0057 1036 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 18:36:52.0057 1036 NetBIOS - ok 18:36:52.0103 1036 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 18:36:52.0103 1036 NetBT - ok 18:36:52.0119 1036 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 18:36:52.0119 1036 Netlogon - ok 18:36:52.0181 1036 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 18:36:52.0181 1036 Netman - ok 18:36:52.0197 1036 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 18:36:52.0197 1036 netprofm - ok 18:36:52.0228 1036 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 18:36:52.0228 1036 NetTcpPortSharing - ok 18:36:52.0259 1036 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 18:36:52.0259 1036 nfrd960 - ok 18:36:52.0306 1036 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 18:36:52.0306 1036 NlaSvc - ok 18:36:52.0322 1036 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 18:36:52.0322 1036 Npfs - ok 18:36:52.0353 1036 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 18:36:52.0353 1036 nsi - ok 18:36:52.0369 1036 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 18:36:52.0369 1036 nsiproxy - ok 18:36:52.0431 1036 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 18:36:52.0447 1036 Ntfs - ok 18:36:52.0478 1036 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 18:36:52.0478 1036 Null - ok 18:36:52.0525 1036 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 18:36:52.0525 1036 nvraid - ok 18:36:52.0540 1036 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 18:36:52.0540 1036 nvstor - ok 18:36:52.0587 1036 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 18:36:52.0587 1036 nv_agp - ok 18:36:52.0696 1036 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 18:36:52.0696 1036 odserv - ok 18:36:52.0727 1036 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 18:36:52.0727 1036 ohci1394 - ok 18:36:52.0774 1036 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:36:52.0774 1036 ose - ok 18:36:52.0805 1036 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 18:36:52.0821 1036 p2pimsvc - ok 18:36:52.0852 1036 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 18:36:52.0868 1036 p2psvc - ok 18:36:52.0899 1036 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 18:36:52.0899 1036 Parport - ok 18:36:52.0930 1036 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:36:52.0930 1036 partmgr - ok 18:36:52.0961 1036 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 18:36:52.0961 1036 PcaSvc - ok 18:36:52.0993 1036 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 18:36:52.0993 1036 pci - ok 18:36:53.0008 1036 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 18:36:53.0008 1036 pciide - ok 18:36:53.0039 1036 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 18:36:53.0055 1036 pcmcia - ok 18:36:53.0071 1036 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 18:36:53.0071 1036 pcw - ok 18:36:53.0086 1036 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 18:36:53.0102 1036 PEAUTH - ok 18:36:53.0195 1036 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 18:36:53.0195 1036 PerfHost - ok 18:36:53.0242 1036 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\Windows\system32\DRIVERS\pgeffect.sys 18:36:53.0242 1036 PGEffect - ok 18:36:53.0305 1036 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 18:36:53.0320 1036 pla - ok 18:36:53.0367 1036 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 18:36:53.0367 1036 PlugPlay - ok 18:36:53.0461 1036 [ 627FA58ADC043704F9D14CA44340956F ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe 18:36:53.0461 1036 PMBDeviceInfoProvider - ok 18:36:53.0492 1036 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 18:36:53.0492 1036 PNRPAutoReg - ok 18:36:53.0507 1036 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 18:36:53.0523 1036 PNRPsvc - ok 18:36:53.0554 1036 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 18:36:53.0554 1036 PolicyAgent - ok 18:36:53.0585 1036 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 18:36:53.0585 1036 Power - ok 18:36:53.0632 1036 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 18:36:53.0632 1036 PptpMiniport - ok 18:36:53.0663 1036 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 18:36:53.0663 1036 Processor - ok 18:36:53.0695 1036 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 18:36:53.0695 1036 ProfSvc - ok 18:36:53.0726 1036 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 18:36:53.0726 1036 ProtectedStorage - ok 18:36:53.0773 1036 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 18:36:53.0773 1036 Psched - ok 18:36:53.0835 1036 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys 18:36:53.0835 1036 PSI - ok 18:36:53.0866 1036 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 18:36:53.0866 1036 PSI_SVC_2 - ok 18:36:53.0913 1036 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 18:36:53.0929 1036 ql2300 - ok 18:36:53.0960 1036 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 18:36:53.0960 1036 ql40xx - ok 18:36:53.0991 1036 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 18:36:54.0007 1036 QWAVE - ok 18:36:54.0022 1036 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 18:36:54.0022 1036 QWAVEdrv - ok 18:36:54.0022 1036 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 18:36:54.0022 1036 RasAcd - ok 18:36:54.0069 1036 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 18:36:54.0069 1036 RasAgileVpn - ok 18:36:54.0085 1036 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 18:36:54.0100 1036 RasAuto - ok 18:36:54.0131 1036 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 18:36:54.0131 1036 Rasl2tp - ok 18:36:54.0163 1036 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 18:36:54.0178 1036 RasMan - ok 18:36:54.0209 1036 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 18:36:54.0209 1036 RasPppoe - ok 18:36:54.0225 1036 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 18:36:54.0225 1036 RasSstp - ok 18:36:54.0241 1036 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 18:36:54.0241 1036 rdbss - ok 18:36:54.0256 1036 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 18:36:54.0256 1036 rdpbus - ok 18:36:54.0287 1036 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 18:36:54.0287 1036 RDPCDD - ok 18:36:54.0303 1036 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 18:36:54.0303 1036 RDPENCDD - ok 18:36:54.0303 1036 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 18:36:54.0303 1036 RDPREFMP - ok 18:36:54.0350 1036 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 18:36:54.0350 1036 RDPWD - ok 18:36:54.0397 1036 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 18:36:54.0397 1036 rdyboost - ok 18:36:54.0412 1036 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\Windows\system32\drivers\regi.sys 18:36:54.0412 1036 regi - ok 18:36:54.0443 1036 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 18:36:54.0443 1036 RemoteAccess - ok 18:36:54.0490 1036 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 18:36:54.0490 1036 RemoteRegistry - ok 18:36:54.0506 1036 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 18:36:54.0506 1036 RpcEptMapper - ok 18:36:54.0537 1036 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 18:36:54.0537 1036 RpcLocator - ok 18:36:54.0568 1036 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 18:36:54.0584 1036 RpcSs - ok 18:36:54.0615 1036 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 18:36:54.0615 1036 rspndr - ok 18:36:54.0677 1036 [ 907C4464381B5EBDFDC60F6C7D0DEDFC ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 18:36:54.0677 1036 RSUSBSTOR - ok 18:36:54.0740 1036 [ 789C177A1529F0453C625C68A4EF2F00 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys 18:36:54.0740 1036 rtl8192se - ok 18:36:54.0771 1036 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 18:36:54.0771 1036 SamSs - ok 18:36:54.0802 1036 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 18:36:54.0802 1036 sbp2port - ok 18:36:54.0833 1036 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 18:36:54.0849 1036 SCardSvr - ok 18:36:54.0880 1036 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 18:36:54.0880 1036 scfilter - ok 18:36:54.0943 1036 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 18:36:54.0943 1036 Schedule - ok 18:36:54.0974 1036 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 18:36:54.0974 1036 SCPolicySvc - ok 18:36:55.0005 1036 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 18:36:55.0005 1036 SDRSVC - ok 18:36:55.0036 1036 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 18:36:55.0036 1036 secdrv - ok 18:36:55.0067 1036 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 18:36:55.0083 1036 seclogon - ok 18:36:55.0130 1036 [ 9044795E9D1A912D5F1B8DF6211850FD ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe 18:36:55.0130 1036 Secunia PSI Agent - ok 18:36:55.0177 1036 [ 8B1A72E4FB63A9C068B08E1F9B70482A ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe 18:36:55.0177 1036 Secunia Update Agent - ok 18:36:55.0208 1036 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 18:36:55.0208 1036 SENS - ok 18:36:55.0223 1036 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 18:36:55.0223 1036 SensrSvc - ok 18:36:55.0239 1036 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 18:36:55.0255 1036 Serenum - ok 18:36:55.0255 1036 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 18:36:55.0255 1036 Serial - ok 18:36:55.0286 1036 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 18:36:55.0286 1036 sermouse - ok 18:36:55.0317 1036 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 18:36:55.0333 1036 SessionEnv - ok 18:36:55.0364 1036 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 18:36:55.0364 1036 sffdisk - ok 18:36:55.0364 1036 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 18:36:55.0364 1036 sffp_mmc - ok 18:36:55.0379 1036 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 18:36:55.0379 1036 sffp_sd - ok 18:36:55.0379 1036 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 18:36:55.0379 1036 sfloppy - ok 18:36:55.0426 1036 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 18:36:55.0426 1036 SharedAccess - ok 18:36:55.0473 1036 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 18:36:55.0473 1036 ShellHWDetection - ok 18:36:55.0504 1036 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 18:36:55.0504 1036 SiSRaid2 - ok 18:36:55.0520 1036 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 18:36:55.0520 1036 SiSRaid4 - ok 18:36:55.0551 1036 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 18:36:55.0551 1036 Smb - ok 18:36:55.0598 1036 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 18:36:55.0598 1036 SNMPTRAP - ok 18:36:55.0598 1036 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 18:36:55.0613 1036 spldr - ok 18:36:55.0645 1036 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 18:36:55.0660 1036 Spooler - ok 18:36:55.0769 1036 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 18:36:55.0801 1036 sppsvc - ok 18:36:55.0832 1036 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 18:36:55.0832 1036 sppuinotify - ok 18:36:55.0863 1036 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 18:36:55.0863 1036 srv - ok 18:36:55.0910 1036 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 18:36:55.0910 1036 srv2 - ok 18:36:55.0925 1036 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 18:36:55.0925 1036 srvnet - ok 18:36:55.0957 1036 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 18:36:55.0957 1036 SSDPSRV - ok 18:36:55.0988 1036 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 18:36:55.0988 1036 SstpSvc - ok 18:36:56.0035 1036 [ 855335BF5792E56164F98C012E3D92DD ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 18:36:56.0035 1036 ssudmdm - ok 18:36:56.0066 1036 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 18:36:56.0066 1036 stexstor - ok 18:36:56.0128 1036 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 18:36:56.0128 1036 stisvc - ok 18:36:56.0159 1036 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 18:36:56.0159 1036 swenum - ok 18:36:56.0191 1036 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 18:36:56.0206 1036 swprv - ok 18:36:56.0253 1036 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 18:36:56.0269 1036 SynTP - ok 18:36:56.0331 1036 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 18:36:56.0347 1036 SysMain - ok 18:36:56.0393 1036 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 18:36:56.0393 1036 TabletInputService - ok 18:36:56.0440 1036 [ F9BE29D5E097F03F81D3CD12B794CB66 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 18:36:56.0440 1036 tap0901 - ok 18:36:56.0471 1036 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 18:36:56.0471 1036 TapiSrv - ok 18:36:56.0487 1036 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 18:36:56.0487 1036 TBS - ok 18:36:56.0565 1036 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 18:36:56.0581 1036 Tcpip - ok 18:36:56.0659 1036 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 18:36:56.0674 1036 TCPIP6 - ok 18:36:56.0737 1036 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 18:36:56.0737 1036 tcpipreg - ok 18:36:56.0768 1036 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys 18:36:56.0768 1036 tdcmdpst - ok 18:36:56.0799 1036 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 18:36:56.0799 1036 TDPIPE - ok 18:36:56.0830 1036 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 18:36:56.0830 1036 TDTCP - ok 18:36:56.0861 1036 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 18:36:56.0877 1036 tdx - ok 18:36:56.0924 1036 [ 40E154B3125E17CE6F2AFAD57AFCFEB2 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe 18:36:56.0924 1036 TemproMonitoringService - ok 18:36:56.0955 1036 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 18:36:56.0955 1036 TermDD - ok 18:36:56.0986 1036 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 18:36:57.0002 1036 TermService - ok 18:36:57.0033 1036 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 18:36:57.0033 1036 Themes - ok 18:36:57.0064 1036 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 18:36:57.0064 1036 THREADORDER - ok 18:36:57.0127 1036 [ F120967184A27E927052E8DDBB727851 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe 18:36:57.0127 1036 TMachInfo - ok 18:36:57.0158 1036 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe 18:36:57.0158 1036 TODDSrv - ok 18:36:57.0236 1036 [ DB9719688C08F42705FEB3F6A0C98B91 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe 18:36:57.0251 1036 TosCoSrv - ok 18:36:57.0283 1036 [ 2AB7A4697462EDB0C9DFAFC529746BA9 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe 18:36:57.0283 1036 TOSHIBA eco Utility Service - ok 18:36:57.0345 1036 [ 74C2FA8C3765EE71A9C22182EC108457 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe 18:36:57.0345 1036 TOSHIBA HDD SSD Alert Service - ok 18:36:57.0407 1036 [ 97687D094AA597DA366E1194B218CC6C ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe 18:36:57.0407 1036 TPCHSrv - ok 18:36:57.0439 1036 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 18:36:57.0454 1036 TrkWks - ok 18:36:57.0501 1036 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 18:36:57.0517 1036 TrustedInstaller - ok 18:36:57.0548 1036 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 18:36:57.0548 1036 tssecsrv - ok 18:36:57.0595 1036 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 18:36:57.0595 1036 TsUsbFlt - ok 18:36:57.0657 1036 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 18:36:57.0657 1036 tunnel - ok 18:36:57.0704 1036 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS 18:36:57.0704 1036 TVALZ - ok 18:36:57.0719 1036 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\Windows\system32\DRIVERS\TVALZFL.sys 18:36:57.0719 1036 TVALZFL - ok 18:36:57.0735 1036 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 18:36:57.0735 1036 uagp35 - ok 18:36:57.0782 1036 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 18:36:57.0782 1036 udfs - ok 18:36:57.0829 1036 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 18:36:57.0829 1036 UI0Detect - ok 18:36:57.0860 1036 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 18:36:57.0860 1036 uliagpkx - ok 18:36:57.0891 1036 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 18:36:57.0891 1036 umbus - ok 18:36:57.0907 1036 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 18:36:57.0907 1036 UmPass - ok 18:36:58.0016 1036 [ CC3775100ABA633984F73DFAE1F55CAE ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 18:36:58.0047 1036 UNS - ok 18:36:58.0078 1036 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 18:36:58.0078 1036 upnphost - ok 18:36:58.0109 1036 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 18:36:58.0109 1036 usbccgp - ok 18:36:58.0125 1036 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 18:36:58.0125 1036 usbcir - ok 18:36:58.0156 1036 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 18:36:58.0156 1036 usbehci - ok 18:36:58.0187 1036 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 18:36:58.0203 1036 usbhub - ok 18:36:58.0219 1036 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 18:36:58.0219 1036 usbohci - ok 18:36:58.0250 1036 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 18:36:58.0250 1036 usbprint - ok 18:36:58.0281 1036 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 18:36:58.0281 1036 usbscan - ok 18:36:58.0312 1036 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:36:58.0312 1036 USBSTOR - ok 18:36:58.0343 1036 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 18:36:58.0343 1036 usbuhci - ok 18:36:58.0390 1036 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 18:36:58.0390 1036 usbvideo - ok 18:36:58.0406 1036 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 18:36:58.0406 1036 UxSms - ok 18:36:58.0437 1036 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 18:36:58.0437 1036 VaultSvc - ok 18:36:58.0453 1036 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 18:36:58.0453 1036 vdrvroot - ok 18:36:58.0499 1036 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 18:36:58.0515 1036 vds - ok 18:36:58.0546 1036 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 18:36:58.0546 1036 vga - ok 18:36:58.0562 1036 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 18:36:58.0562 1036 VgaSave - ok 18:36:58.0593 1036 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 18:36:58.0593 1036 vhdmp - ok 18:36:58.0609 1036 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 18:36:58.0609 1036 viaide - ok 18:36:58.0624 1036 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 18:36:58.0624 1036 volmgr - ok 18:36:58.0671 1036 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 18:36:58.0671 1036 volmgrx - ok 18:36:58.0687 1036 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 18:36:58.0687 1036 volsnap - ok 18:36:58.0718 1036 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 18:36:58.0733 1036 vsmraid - ok 18:36:58.0796 1036 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 18:36:58.0811 1036 VSS - ok 18:36:58.0827 1036 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 18:36:58.0827 1036 vwifibus - ok 18:36:58.0858 1036 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 18:36:58.0858 1036 vwififlt - ok 18:36:58.0905 1036 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 18:36:58.0905 1036 vwifimp - ok 18:36:58.0952 1036 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 18:36:58.0952 1036 W32Time - ok 18:36:58.0967 1036 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 18:36:58.0983 1036 WacomPen - ok 18:36:59.0030 1036 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 18:36:59.0030 1036 WANARP - ok 18:36:59.0045 1036 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 18:36:59.0045 1036 Wanarpv6 - ok 18:36:59.0092 1036 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 18:36:59.0108 1036 WatAdminSvc - ok 18:36:59.0170 1036 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 18:36:59.0186 1036 wbengine - ok 18:36:59.0217 1036 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 18:36:59.0217 1036 WbioSrvc - ok 18:36:59.0264 1036 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 18:36:59.0264 1036 wcncsvc - ok 18:36:59.0279 1036 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 18:36:59.0295 1036 WcsPlugInService - ok 18:36:59.0311 1036 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 18:36:59.0311 1036 Wd - ok 18:36:59.0342 1036 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 18:36:59.0342 1036 Wdf01000 - ok 18:36:59.0373 1036 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 18:36:59.0373 1036 WdiServiceHost - ok 18:36:59.0373 1036 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 18:36:59.0373 1036 WdiSystemHost - ok 18:36:59.0420 1036 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 18:36:59.0420 1036 WebClient - ok 18:36:59.0482 1036 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 18:36:59.0482 1036 Wecsvc - ok 18:36:59.0498 1036 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 18:36:59.0498 1036 wercplsupport - ok 18:36:59.0545 1036 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 18:36:59.0560 1036 WerSvc - ok 18:36:59.0576 1036 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 18:36:59.0576 1036 WfpLwf - ok 18:36:59.0607 1036 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 18:36:59.0607 1036 WIMMount - ok 18:36:59.0607 1036 WinDefend - ok 18:36:59.0623 1036 WinHttpAutoProxySvc - ok 18:36:59.0669 1036 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 18:36:59.0669 1036 Winmgmt - ok 18:36:59.0747 1036 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 18:36:59.0779 1036 WinRM - ok 18:36:59.0841 1036 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 18:36:59.0857 1036 WinUsb - ok 18:36:59.0888 1036 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 18:36:59.0903 1036 Wlansvc - ok 18:36:59.0950 1036 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 18:36:59.0950 1036 wlcrasvc - ok 18:37:00.0091 1036 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 18:37:00.0106 1036 wlidsvc - ok 18:37:00.0137 1036 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 18:37:00.0137 1036 WmiAcpi - ok 18:37:00.0184 1036 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 18:37:00.0184 1036 wmiApSrv - ok 18:37:00.0215 1036 WMPNetworkSvc - ok 18:37:00.0247 1036 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 18:37:00.0247 1036 WPCSvc - ok 18:37:00.0293 1036 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 18:37:00.0293 1036 WPDBusEnum - ok 18:37:00.0309 1036 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 18:37:00.0309 1036 ws2ifsl - ok 18:37:00.0356 1036 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 18:37:00.0356 1036 wscsvc - ok 18:37:00.0356 1036 WSearch - ok 18:37:00.0449 1036 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 18:37:00.0481 1036 wuauserv - ok 18:37:00.0496 1036 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 18:37:00.0496 1036 WudfPf - ok 18:37:00.0527 1036 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 18:37:00.0543 1036 WUDFRd - ok 18:37:00.0574 1036 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 18:37:00.0574 1036 wudfsvc - ok 18:37:00.0605 1036 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 18:37:00.0605 1036 WwanSvc - ok 18:37:00.0652 1036 ================ Scan global =============================== 18:37:00.0668 1036 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 18:37:00.0699 1036 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 18:37:00.0715 1036 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 18:37:00.0730 1036 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 18:37:00.0761 1036 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 18:37:00.0761 1036 [Global] - ok 18:37:00.0761 1036 ================ Scan MBR ================================== 18:37:00.0777 1036 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 18:37:01.0120 1036 \Device\Harddisk0\DR0 - ok 18:37:01.0120 1036 ================ Scan VBR ================================== 18:37:01.0136 1036 [ 40A5A910BC56917A255E7A1CFA5F32F3 ] \Device\Harddisk0\DR0\Partition1 18:37:01.0136 1036 \Device\Harddisk0\DR0\Partition1 - ok 18:37:01.0151 1036 [ 83E5E0E9A43C1DE4EE77BED41A405271 ] \Device\Harddisk0\DR0\Partition2 18:37:01.0167 1036 \Device\Harddisk0\DR0\Partition2 - ok 18:37:01.0167 1036 ============================================================ 18:37:01.0167 1036 Scan finished 18:37:01.0167 1036 ============================================================ 18:37:01.0167 4840 Detected object count: 0 18:37:01.0167 4840 Actual detected object count: 0 |
Combofix loeschen, neu runterladen, alle Virenscanner deinstallieren und nochmal versuchen. |
funktioniert leider trotzdem nicht. Es kommt die Meldung, dass das Dienstprogramm "Find String (QGREP)" nicht mehr funktioniert. Den Autoscan macht das System, aber danach passiert nichts mehr. Und nun? Danke. |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 16:47 Uhr. |
Copyright ©2000-2025, Trojaner-Board