Trojaner-Board - Alarmmeldung Avira 800000cb.@ TR/Atraps.gen gefunden

Schritt 1 im Anhang

Schritt2 :
10:39:21.0975 3456 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
10:39:22.0287 3456 ============================================================
10:39:22.0287 3456 Current date / time: 2012/12/09 10:39:22.0287
10:39:22.0287 3456 SystemInfo:
10:39:22.0287 3456
10:39:22.0287 3456 OS Version: 6.0.6001 ServicePack: 1.0
10:39:22.0287 3456 Product type: Workstation
10:39:22.0287 3456 ComputerName: HOME
10:39:22.0287 3456 UserName: stefan
10:39:22.0287 3456 Windows directory: C:\Windows
10:39:22.0287 3456 System windows directory: C:\Windows
10:39:22.0287 3456 Processor architecture: Intel x86
10:39:22.0287 3456 Number of processors: 4
10:39:22.0287 3456 Page size: 0x1000
10:39:22.0287 3456 Boot type: Normal boot
10:39:22.0287 3456 ============================================================
10:39:23.0348 3456 Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:39:23.0348 3456 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:39:23.0348 3456 Drive \Device\Harddisk2\DR2 - Size: 0xED400000 (3.71 Gb), SectorSize: 0x200, Cylinders: 0x1E3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:39:23.0364 3456 ============================================================
10:39:23.0364 3456 \Device\Harddisk1\DR1:
10:39:23.0364 3456 MBR partitions:
10:39:23.0364 3456 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x9470000
10:39:23.0364 3456 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x975E800, BlocksNum 0x92BA800
10:39:23.0364 3456 \Device\Harddisk0\DR0:
10:39:23.0364 3456 MBR partitions:
10:39:23.0364 3456 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3D08FC7E
10:39:23.0364 3456 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3D08FCBD, BlocksNum 0x37675D04
10:39:23.0364 3456 \Device\Harddisk2\DR2:
10:39:23.0364 3456 MBR partitions:
10:39:23.0364 3456 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x768080
10:39:23.0364 3456 ============================================================
10:39:23.0379 3456 C: <-> \Device\Harddisk1\DR1\Partition1
10:39:23.0426 3456 E: <-> \Device\Harddisk1\DR1\Partition2
10:39:23.0442 3456 G: <-> \Device\Harddisk0\DR0\Partition1
10:39:23.0457 3456 H: <-> \Device\Harddisk0\DR0\Partition2
10:39:23.0457 3456 ============================================================
10:39:23.0457 3456 Initialize success
10:39:23.0457 3456 ============================================================
10:39:46.0779 3968 ============================================================
10:39:46.0779 3968 Scan started
10:39:46.0779 3968 Mode: Manual; TDLFS;
10:39:46.0779 3968 ============================================================
10:39:47.0107 3968 ================ Scan system memory ========================
10:39:47.0107 3968 System memory - ok
10:39:47.0107 3968 ================ Scan services =============================
10:39:47.0247 3968 [ FCB8C7210F0135E24C6580F7F649C73C ] ACPI C:\Windows\system32\drivers\acpi.sys
10:39:47.0247 3968 ACPI - ok
10:39:47.0278 3968 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
10:39:47.0278 3968 adp94xx - ok
10:39:47.0294 3968 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
10:39:47.0294 3968 adpahci - ok
10:39:47.0310 3968 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
10:39:47.0310 3968 adpu160m - ok
10:39:47.0325 3968 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
10:39:47.0325 3968 adpu320 - ok
10:39:47.0356 3968 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:39:47.0356 3968 AeLookupSvc - ok
10:39:47.0388 3968 [ 48EB99503533C27AC6135648E5474457 ] AFD C:\Windows\system32\drivers\afd.sys
10:39:47.0403 3968 AFD - ok
10:39:47.0434 3968 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:39:47.0434 3968 agp440 - ok
10:39:47.0466 3968 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
10:39:47.0466 3968 aic78xx - ok
10:39:47.0481 3968 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
10:39:47.0481 3968 ALG - ok
10:39:47.0497 3968 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
10:39:47.0497 3968 aliide - ok
10:39:47.0512 3968 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
10:39:47.0512 3968 amdagp - ok
10:39:47.0528 3968 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
10:39:47.0528 3968 amdide - ok
10:39:47.0544 3968 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
10:39:47.0544 3968 AmdK7 - ok
10:39:47.0559 3968 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
10:39:47.0559 3968 AmdK8 - ok
10:39:47.0637 3968 [ C27D46B06D340293670450FCE9DFB166 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
10:39:47.0637 3968 AntiVirSchedulerService - ok
10:39:47.0653 3968 [ 72D90E56563165984224493069C69ED4 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
10:39:47.0668 3968 AntiVirService - ok
10:39:47.0700 3968 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
10:39:47.0700 3968 Appinfo - ok
10:39:47.0715 3968 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
10:39:47.0715 3968 arc - ok
10:39:47.0746 3968 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
10:39:47.0746 3968 arcsas - ok
10:39:47.0824 3968 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:39:47.0840 3968 aspnet_state - ok
10:39:47.0871 3968 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:39:47.0871 3968 AsyncMac - ok
10:39:47.0887 3968 [ 0D83C87A801A3DFCD1BF73893FE7518C ] atapi C:\Windows\system32\drivers\atapi.sys
10:39:47.0887 3968 atapi - ok
10:39:47.0934 3968 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:39:47.0934 3968 AudioEndpointBuilder - ok
10:39:47.0949 3968 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] Audiosrv C:\Windows\System32\Audiosrv.dll
10:39:47.0949 3968 Audiosrv - ok
10:39:47.0965 3968 [ 1E4114685DE1FFA9675E09C6A1FB3F4B ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
10:39:47.0965 3968 avgntflt - ok
10:39:47.0980 3968 [ 0F78D3DAE6DEDD99AE54C9491C62ADF2 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
10:39:47.0980 3968 avipbb - ok
10:39:48.0012 3968 [ 502F1C30BD50B32D00CE4DCAECC3D3C7 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
10:39:48.0012 3968 b57nd60x - ok
10:39:48.0058 3968 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
10:39:48.0058 3968 Beep - ok
10:39:48.0136 3968 [ 02ED7B4DBC2A3232A389106DA7515C3D ] BITS C:\Windows\System32\qmgr.dll
10:39:48.0136 3968 BITS - ok
10:39:48.0183 3968 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
10:39:48.0183 3968 blbdrive - ok
10:39:48.0199 3968 [ 8153396D5551276227FA146900F734E6 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:39:48.0199 3968 bowser - ok
10:39:48.0230 3968 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
10:39:48.0230 3968 BrFiltLo - ok
10:39:48.0246 3968 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
10:39:48.0246 3968 BrFiltUp - ok
10:39:48.0261 3968 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
10:39:48.0261 3968 Browser - ok
10:39:48.0292 3968 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
10:39:48.0292 3968 Brserid - ok
10:39:48.0308 3968 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
10:39:48.0308 3968 BrSerWdm - ok
10:39:48.0324 3968 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
10:39:48.0324 3968 BrUsbMdm - ok
10:39:48.0339 3968 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
10:39:48.0339 3968 BrUsbSer - ok
10:39:48.0339 3968 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
10:39:48.0339 3968 BTHMODEM - ok
10:39:48.0370 3968 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:39:48.0370 3968 cdfs - ok
10:39:48.0386 3968 [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:39:48.0386 3968 cdrom - ok
10:39:48.0417 3968 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] CertPropSvc C:\Windows\System32\certprop.dll
10:39:48.0417 3968 CertPropSvc - ok
10:39:48.0433 3968 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
10:39:48.0433 3968 circlass - ok
10:39:48.0448 3968 [ 465745561C832B29F7C48B488AAB3842 ] CLFS C:\Windows\system32\CLFS.sys
10:39:48.0448 3968 CLFS - ok
10:39:48.0495 3968 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:39:48.0526 3968 clr_optimization_v2.0.50727_32 - ok
10:39:48.0558 3968 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:39:48.0558 3968 clr_optimization_v4.0.30319_32 - ok
10:39:48.0604 3968 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:39:48.0604 3968 CmBatt - ok
10:39:48.0620 3968 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:39:48.0620 3968 cmdide - ok
10:39:48.0636 3968 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:39:48.0636 3968 Compbatt - ok
10:39:48.0636 3968 COMSysApp - ok
10:39:48.0636 3968 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
10:39:48.0636 3968 crcdisk - ok
10:39:48.0651 3968 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
10:39:48.0667 3968 Crusoe - ok
10:39:48.0682 3968 [ 6DE363F9F99334514C46AEC02D3E3678 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:39:48.0682 3968 CryptSvc - ok
10:39:48.0745 3968 [ 301AE00E12408650BADDC04DBC832830 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:39:48.0745 3968 DcomLaunch - ok
10:39:48.0776 3968 [ A3E9FA213F443AC77C7746119D13FEEC ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:39:48.0776 3968 DfsC - ok
10:39:48.0870 3968 [ FA3463F25F9CC9C3BCF1E7912FEFF099 ] DFSR C:\Windows\system32\DFSR.exe
10:39:48.0885 3968 DFSR - ok
10:39:48.0916 3968 [ 43A988A9C10333476CB5FB667CBD629D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
10:39:48.0932 3968 Dhcp - ok
10:39:48.0963 3968 [ 64109E623ABD6955C8FB110B592E68B7 ] disk C:\Windows\system32\drivers\disk.sys
10:39:48.0963 3968 disk - ok
10:39:48.0979 3968 [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:39:48.0979 3968 Dnscache - ok
10:39:49.0010 3968 [ 5AF620A08C614E24206B79E8153CF1A8 ] dot3svc C:\Windows\System32\dot3svc.dll
10:39:49.0041 3968 dot3svc - ok
10:39:49.0072 3968 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
10:39:49.0072 3968 DPS - ok
10:39:49.0104 3968 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:39:49.0104 3968 drmkaud - ok
10:39:49.0150 3968 [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:39:49.0182 3968 DXGKrnl - ok
10:39:49.0213 3968 [ D00EEAE1CACD77A1A8396BBC19140BBA ] E100B C:\Windows\system32\DRIVERS\e100b325.sys
10:39:49.0228 3968 E100B - ok
10:39:49.0260 3968 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
10:39:49.0260 3968 E1G60 - ok
10:39:49.0291 3968 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
10:39:49.0291 3968 EapHost - ok
10:39:49.0338 3968 [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache C:\Windows\system32\drivers\ecache.sys
10:39:49.0338 3968 Ecache - ok
10:39:49.0384 3968 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:39:49.0400 3968 ehRecvr - ok
10:39:49.0416 3968 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
10:39:49.0416 3968 ehSched - ok
10:39:49.0431 3968 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
10:39:49.0431 3968 ehstart - ok
10:39:49.0462 3968 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
10:39:49.0462 3968 elxstor - ok
10:39:49.0509 3968 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt C:\Windows\system32\emdmgmt.dll
10:39:49.0509 3968 EMDMgmt - ok
10:39:49.0540 3968 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:39:49.0540 3968 ErrDev - ok
10:39:49.0587 3968 [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem C:\Windows\system32\es.dll
10:39:49.0587 3968 EventSystem - ok
10:39:49.0603 3968 [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat C:\Windows\system32\drivers\exfat.sys
10:39:49.0603 3968 exfat - ok
10:39:49.0618 3968 [ 3C489390C2E2064563727752AF8EAB9E ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:39:49.0618 3968 fastfat - ok
10:39:49.0634 3968 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:39:49.0634 3968 fdc - ok
10:39:49.0650 3968 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
10:39:49.0650 3968 fdPHost - ok
10:39:49.0665 3968 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
10:39:49.0665 3968 FDResPub - ok
10:39:49.0696 3968 [ B2B2C38E916184FF8523C7439DDD417F ] FETNDIS C:\Windows\system32\DRIVERS\fetnd5.sys
10:39:49.0696 3968 FETNDIS - ok
10:39:49.0712 3968 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:39:49.0712 3968 FileInfo - ok
10:39:49.0712 3968 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:39:49.0728 3968 Filetrace - ok
10:39:49.0806 3968 [ 167D24A045499EBEF438F231976158DF ] FirebirdServerMAGIXInstance C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
10:39:49.0915 3968 FirebirdServerMAGIXInstance - ok
10:39:49.0930 3968 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:39:49.0930 3968 flpydisk - ok
10:39:49.0946 3968 [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:39:49.0946 3968 FltMgr - ok
10:39:50.0008 3968 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:39:50.0024 3968 FontCache3.0.0.0 - ok
10:39:50.0024 3968 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:39:50.0024 3968 Fs_Rec - ok
10:39:50.0040 3968 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
10:39:50.0040 3968 gagp30kx - ok
10:39:50.0086 3968 [ D9F1113D9401185245573350712F92FC ] gpsvc C:\Windows\System32\gpsvc.dll
10:39:50.0118 3968 gpsvc - ok
10:39:50.0164 3968 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:39:50.0164 3968 HdAudAddService - ok
10:39:50.0164 3968 [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
10:39:50.0164 3968 HDAudBus - ok
10:39:50.0180 3968 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
10:39:50.0180 3968 HidBth - ok
10:39:50.0196 3968 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
10:39:50.0196 3968 HidIr - ok
10:39:50.0227 3968 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
10:39:50.0227 3968 hidserv - ok
10:39:50.0258 3968 [ 854CA287AB7FAF949617A788306D967E ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:39:50.0258 3968 HidUsb - ok
10:39:50.0274 3968 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:39:50.0274 3968 hkmsvc - ok
10:39:50.0305 3968 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
10:39:50.0305 3968 HpCISSs - ok
10:39:50.0352 3968 [ 96E241624C71211A79C84F50A8E71CAB ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:39:50.0367 3968 HTTP - ok
10:39:50.0383 3968 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
10:39:50.0383 3968 i2omp - ok
10:39:50.0414 3968 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
10:39:50.0414 3968 i8042prt - ok
10:39:50.0430 3968 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
10:39:50.0430 3968 iaStorV - ok
10:39:50.0523 3968 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:39:50.0554 3968 IDriverT - ok
10:39:50.0632 3968 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:39:50.0742 3968 idsvc - ok
10:39:50.0757 3968 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:39:50.0773 3968 iirsp - ok
10:39:50.0804 3968 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll
10:39:50.0820 3968 IKEEXT - ok
10:39:50.0835 3968 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
10:39:50.0835 3968 intelide - ok
10:39:50.0851 3968 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:39:50.0851 3968 intelppm - ok
10:39:50.0882 3968 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:39:50.0913 3968 IPBusEnum - ok
10:39:50.0929 3968 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:39:50.0929 3968 IpFilterDriver - ok
10:39:50.0929 3968 IpInIp - ok
10:39:50.0944 3968 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
10:39:50.0944 3968 IPMIDRV - ok
10:39:50.0960 3968 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
10:39:50.0960 3968 IPNAT - ok
10:39:50.0976 3968 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:39:50.0976 3968 IRENUM - ok
10:39:50.0991 3968 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:39:50.0991 3968 isapnp - ok
10:39:51.0022 3968 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
10:39:51.0022 3968 iScsiPrt - ok
10:39:51.0038 3968 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
10:39:51.0038 3968 iteatapi - ok
10:39:51.0054 3968 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
10:39:51.0054 3968 iteraid - ok
10:39:51.0054 3968 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:39:51.0054 3968 kbdclass - ok
10:39:51.0069 3968 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
10:39:51.0069 3968 kbdhid - ok
10:39:51.0100 3968 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe
10:39:51.0100 3968 KeyIso - ok
10:39:51.0147 3968 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:39:51.0147 3968 KSecDD - ok
10:39:51.0178 3968 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
10:39:51.0178 3968 KtmRm - ok
10:39:51.0210 3968 [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:39:51.0210 3968 LanmanServer - ok
10:39:51.0241 3968 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:39:51.0256 3968 LanmanWorkstation - ok
10:39:51.0272 3968 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:39:51.0272 3968 lltdio - ok
10:39:51.0303 3968 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:39:51.0334 3968 lltdsvc - ok
10:39:51.0350 3968 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:39:51.0350 3968 lmhosts - ok
10:39:51.0381 3968 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:39:51.0381 3968 LSI_FC - ok
10:39:51.0397 3968 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:39:51.0397 3968 LSI_SAS - ok
10:39:51.0428 3968 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:39:51.0428 3968 LSI_SCSI - ok
10:39:51.0444 3968 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
10:39:51.0444 3968 luafv - ok
10:39:51.0475 3968 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
10:39:51.0475 3968 MBAMProtector - ok
10:39:51.0537 3968 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:39:51.0537 3968 MBAMScheduler - ok
10:39:51.0600 3968 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:39:51.0600 3968 MBAMService - ok
10:39:51.0631 3968 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:39:51.0646 3968 Mcx2Svc - ok
10:39:51.0678 3968 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
10:39:51.0678 3968 mdmxsdk - ok
10:39:51.0709 3968 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
10:39:51.0709 3968 megasas - ok
10:39:51.0740 3968 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
10:39:51.0740 3968 MegaSR - ok
10:39:51.0756 3968 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
10:39:51.0756 3968 MMCSS - ok
10:39:51.0771 3968 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
10:39:51.0771 3968 Modem - ok
10:39:51.0802 3968 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:39:51.0802 3968 monitor - ok
10:39:51.0818 3968 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:39:51.0818 3968 mouclass - ok
10:39:51.0834 3968 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:39:51.0834 3968 mouhid - ok
10:39:51.0834 3968 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
10:39:51.0834 3968 MountMgr - ok
10:39:51.0865 3968 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
10:39:51.0865 3968 mpio - ok
10:39:51.0865 3968 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:39:51.0880 3968 mpsdrv - ok
10:39:51.0896 3968 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
10:39:51.0896 3968 Mraid35x - ok
10:39:51.0912 3968 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:39:51.0912 3968 MRxDAV - ok
10:39:51.0927 3968 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:39:51.0927 3968 mrxsmb - ok
10:39:51.0943 3968 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:39:51.0958 3968 mrxsmb10 - ok
10:39:51.0958 3968 [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:39:51.0974 3968 mrxsmb20 - ok
10:39:51.0990 3968 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys
10:39:51.0990 3968 msahci - ok
10:39:52.0005 3968 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:39:52.0005 3968 msdsm - ok
10:39:52.0021 3968 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
10:39:52.0052 3968 MSDTC - ok
10:39:52.0052 3968 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:39:52.0052 3968 Msfs - ok
10:39:52.0068 3968 [ 1E00B9B8601F24A96AD71A7D0FC5F136 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:39:52.0068 3968 msisadrv - ok
10:39:52.0099 3968 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:39:52.0114 3968 MSiSCSI - ok
10:39:52.0114 3968 msiserver - ok
10:39:52.0146 3968 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:39:52.0146 3968 MSKSSRV - ok
10:39:52.0177 3968 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:39:52.0177 3968 MSPCLOCK - ok
10:39:52.0192 3968 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:39:52.0192 3968 MSPQM - ok
10:39:52.0208 3968 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:39:52.0208 3968 MsRPC - ok
10:39:52.0224 3968 [ 215634CF935B696E3EBCA813D02E9165 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
10:39:52.0224 3968 mssmbios - ok
10:39:52.0270 3968 MSSQL$JTLWAWI - ok
10:39:52.0286 3968 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
10:39:52.0286 3968 MSSQLServerADHelper - ok
10:39:52.0302 3968 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:39:52.0302 3968 MSTEE - ok
10:39:52.0333 3968 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys
10:39:52.0348 3968 Mup - ok
10:39:52.0411 3968 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll
10:39:52.0426 3968 napagent - ok
10:39:52.0458 3968 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:39:52.0458 3968 NativeWifiP - ok
10:39:52.0489 3968 [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:39:52.0504 3968 NDIS - ok
10:39:52.0520 3968 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:39:52.0520 3968 NdisTapi - ok
10:39:52.0536 3968 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:39:52.0536 3968 Ndisuio - ok
10:39:52.0567 3968 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:39:52.0567 3968 NdisWan - ok
10:39:52.0567 3968 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:39:52.0582 3968 NDProxy - ok
10:39:52.0582 3968 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:39:52.0582 3968 NetBIOS - ok
10:39:52.0598 3968 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
10:39:52.0598 3968 netbt - ok
10:39:52.0614 3968 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe
10:39:52.0614 3968 Netlogon - ok
10:39:52.0629 3968 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
10:39:52.0629 3968 Netman - ok
10:39:52.0660 3968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:39:52.0692 3968 NetMsmqActivator - ok
10:39:52.0692 3968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:39:52.0692 3968 NetPipeActivator - ok
10:39:52.0707 3968 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
10:39:52.0707 3968 netprofm - ok
10:39:52.0707 3968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:39:52.0707 3968 NetTcpActivator - ok
10:39:52.0723 3968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:39:52.0723 3968 NetTcpPortSharing - ok
10:39:52.0738 3968 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:39:52.0738 3968 nfrd960 - ok
10:39:52.0754 3968 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:39:52.0754 3968 NlaSvc - ok
10:39:52.0770 3968 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:39:52.0770 3968 Npfs - ok
10:39:52.0785 3968 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
10:39:52.0785 3968 nsi - ok
10:39:52.0801 3968 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:39:52.0801 3968 nsiproxy - ok
10:39:52.0832 3968 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:39:52.0863 3968 Ntfs - ok
10:39:52.0879 3968 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
10:39:52.0879 3968 ntrigdigi - ok
10:39:52.0894 3968 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
10:39:52.0894 3968 Null - ok
10:39:52.0926 3968 [ CA566883BD16A1B3A86F49B8F8F57D8C ] NVNET C:\Windows\system32\DRIVERS\nvmfdx32.sys
10:39:52.0926 3968 NVNET - ok
10:39:52.0941 3968 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:39:52.0941 3968 nvraid - ok
10:39:52.0972 3968 [ F13618F0CB1E95232F4C2401592A59E9 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
10:39:52.0972 3968 nvsmu - ok
10:39:52.0988 3968 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:39:52.0988 3968 nvstor - ok
10:39:53.0004 3968 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:39:53.0004 3968 nv_agp - ok
10:39:53.0004 3968 NwlnkFlt - ok
10:39:53.0019 3968 NwlnkFwd - ok
10:39:53.0035 3968 O2MDRDR - ok
10:39:53.0050 3968 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
10:39:53.0050 3968 ohci1394 - ok
10:39:53.0097 3968 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll
10:39:53.0160 3968 p2pimsvc - ok
10:39:53.0160 3968 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll
10:39:53.0175 3968 p2psvc - ok
10:39:53.0191 3968 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
10:39:53.0191 3968 Parport - ok
10:39:53.0206 3968 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:39:53.0206 3968 partmgr - ok
10:39:53.0222 3968 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
10:39:53.0222 3968 Parvdm - ok
10:39:53.0253 3968 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
10:39:53.0253 3968 PcaSvc - ok
10:39:53.0253 3968 [ ECA39351296D905BAA4FA3244C152B00 ] pci C:\Windows\system32\drivers\pci.sys
10:39:53.0253 3968 pci - ok
10:39:53.0253 3968 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
10:39:53.0253 3968 pciide - ok
10:39:53.0284 3968 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:39:53.0284 3968 pcmcia - ok
10:39:53.0316 3968 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:39:53.0362 3968 PEAUTH - ok
10:39:53.0425 3968 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
10:39:53.0472 3968 pla - ok
10:39:53.0503 3968 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:39:53.0503 3968 PlugPlay - ok
10:39:53.0534 3968 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
10:39:53.0534 3968 PNRPAutoReg - ok
10:39:53.0550 3968 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll
10:39:53.0565 3968 PNRPsvc - ok
10:39:53.0596 3968 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:39:53.0628 3968 PolicyAgent - ok
10:39:53.0659 3968 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:39:53.0659 3968 PptpMiniport - ok
10:39:53.0674 3968 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:39:53.0674 3968 Processor - ok
10:39:53.0690 3968 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
10:39:53.0706 3968 ProfSvc - ok
10:39:53.0706 3968 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:39:53.0721 3968 ProtectedStorage - ok
10:39:53.0737 3968 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
10:39:53.0737 3968 PSched - ok
10:39:53.0768 3968 [ 674EBA70A52C02696E503B0A57AE6372 ] QIOMem C:\Windows\system32\DRIVERS\QIOMem.sys
10:39:53.0768 3968 QIOMem - ok
10:39:53.0815 3968 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:39:53.0846 3968 ql2300 - ok
10:39:53.0862 3968 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:39:53.0862 3968 ql40xx - ok
10:39:53.0893 3968 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
10:39:53.0893 3968 QWAVE - ok
10:39:53.0908 3968 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:39:53.0908 3968 QWAVEdrv - ok
10:39:53.0924 3968 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:39:53.0924 3968 RasAcd - ok
10:39:53.0940 3968 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
10:39:53.0940 3968 RasAuto - ok
10:39:53.0955 3968 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:39:53.0955 3968 Rasl2tp - ok
10:39:53.0971 3968 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll
10:39:53.0971 3968 RasMan - ok
10:39:53.0986 3968 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:39:53.0986 3968 RasPppoe - ok
10:39:54.0002 3968 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:39:54.0002 3968 RasSstp - ok
10:39:54.0018 3968 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:39:54.0018 3968 rdbss - ok
10:39:54.0033 3968 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:39:54.0033 3968 RDPCDD - ok
10:39:54.0049 3968 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
10:39:54.0049 3968 rdpdr - ok
10:39:54.0049 3968 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:39:54.0049 3968 RDPENCDD - ok
10:39:54.0064 3968 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:39:54.0080 3968 RDPWD - ok
10:39:54.0096 3968 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:39:54.0096 3968 RemoteAccess - ok
10:39:54.0127 3968 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:39:54.0158 3968 RemoteRegistry - ok
10:39:54.0189 3968 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
10:39:54.0189 3968 RpcLocator - ok
10:39:54.0220 3968 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll
10:39:54.0236 3968 RpcSs - ok
10:39:54.0252 3968 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:39:54.0252 3968 rspndr - ok
10:39:54.0283 3968 [ 8CCA591019216E9523E3CB385CE643E6 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
10:39:54.0283 3968 RTL8169 - ok
10:39:54.0283 3968 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe
10:39:54.0283 3968 SamSs - ok
10:39:54.0298 3968 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:39:54.0298 3968 sbp2port - ok
10:39:54.0330 3968 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:39:54.0330 3968 SCardSvr - ok
10:39:54.0376 3968 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll
10:39:54.0376 3968 Schedule - ok
10:39:54.0408 3968 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll
10:39:54.0408 3968 SCPolicySvc - ok
10:39:54.0439 3968 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
10:39:54.0439 3968 sdbus - ok
10:39:54.0454 3968 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:39:54.0454 3968 SDRSVC - ok
10:39:54.0470 3968 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:39:54.0470 3968 secdrv - ok
10:39:54.0470 3968 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
10:39:54.0470 3968 seclogon - ok
10:39:54.0486 3968 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
10:39:54.0486 3968 SENS - ok
10:39:54.0501 3968 [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:39:54.0501 3968 Serenum - ok
10:39:54.0532 3968 [ 6D663022DB3E7058907784AE14B69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:39:54.0532 3968 Serial - ok
10:39:54.0548 3968 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:39:54.0548 3968 sermouse - ok
10:39:54.0579 3968 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
10:39:54.0595 3968 SessionEnv - ok
10:39:54.0595 3968 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:39:54.0595 3968 sffdisk - ok
10:39:54.0610 3968 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:39:54.0610 3968 sffp_mmc - ok
10:39:54.0626 3968 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:39:54.0626 3968 sffp_sd - ok
10:39:54.0642 3968 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:39:54.0642 3968 sfloppy - ok
10:39:54.0673 3968 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:39:54.0673 3968 ShellHWDetection - ok
10:39:54.0688 3968 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
10:39:54.0688 3968 sisagp - ok
10:39:54.0704 3968 [ 025250FF00CF701AE0E60532B2211899 ] SISNIC C:\Windows\system32\DRIVERS\sisnic.sys
10:39:54.0704 3968 SISNIC - ok
10:39:54.0720 3968 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
10:39:54.0720 3968 SiSRaid2 - ok
10:39:54.0735 3968 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:39:54.0735 3968 SiSRaid4 - ok
10:39:54.0829 3968 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe
10:39:54.0891 3968 slsvc - ok
10:39:54.0954 3968 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll
10:39:54.0954 3968 SLUINotify - ok
10:39:54.0954 3968 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:39:54.0954 3968 Smb - ok
10:39:54.0969 3968 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:39:54.0985 3968 SNMPTRAP - ok
10:39:55.0000 3968 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
10:39:55.0000 3968 spldr - ok
10:39:55.0032 3968 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe
10:39:55.0032 3968 Spooler - ok
10:39:55.0078 3968 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
10:39:55.0078 3968 SQLBrowser - ok
10:39:55.0125 3968 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:39:55.0125 3968 SQLWriter - ok
10:39:55.0156 3968 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:39:55.0156 3968 srv - ok
10:39:55.0188 3968 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:39:55.0188 3968 srv2 - ok
10:39:55.0219 3968 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:39:55.0219 3968 srvnet - ok
10:39:55.0234 3968 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:39:55.0250 3968 SSDPSRV - ok
10:39:55.0266 3968 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
10:39:55.0266 3968 ssmdrv - ok
10:39:55.0297 3968 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:39:55.0297 3968 SstpSvc - ok
10:39:55.0344 3968 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll
10:39:55.0344 3968 stisvc - ok
10:39:55.0375 3968 [ 97E089971A6ABA49AD5592BD6298E416 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
10:39:55.0375 3968 swenum - ok
10:39:55.0390 3968 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll
10:39:55.0406 3968 swprv - ok
10:39:55.0406 3968 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
10:39:55.0406 3968 Symc8xx - ok
10:39:55.0437 3968 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
10:39:55.0437 3968 Sym_hi - ok
10:39:55.0453 3968 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
10:39:55.0453 3968 Sym_u3 - ok
10:39:55.0484 3968 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll
10:39:55.0484 3968 SysMain - ok
10:39:55.0484 3968 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:39:55.0500 3968 TabletInputService - ok
10:39:55.0500 3968 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll
10:39:55.0500 3968 TapiSrv - ok
10:39:55.0515 3968 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
10:39:55.0515 3968 TBS - ok
10:39:55.0562 3968 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:39:55.0578 3968 Tcpip - ok
10:39:55.0609 3968 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
10:39:55.0609 3968 Tcpip6 - ok
10:39:55.0640 3968 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:39:55.0640 3968 tcpipreg - ok
10:39:55.0656 3968 [ 1825BCEB47BF41C5A9F0E44DE82FC27A ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
10:39:55.0656 3968 tdcmdpst - ok
10:39:55.0671 3968 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:39:55.0687 3968 TDPIPE - ok
10:39:55.0687 3968 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:39:55.0687 3968 TDTCP - ok
10:39:55.0702 3968 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:39:55.0702 3968 tdx - ok
10:39:55.0718 3968 [ 718B2F4355CD8EB2844741ADDAC0E622 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
10:39:55.0718 3968 TermDD - ok
10:39:55.0749 3968 [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService C:\Windows\System32\termsrv.dll
10:39:55.0765 3968 TermService - ok
10:39:55.0780 3968 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes C:\Windows\system32\shsvcs.dll
10:39:55.0780 3968 Themes - ok
10:39:55.0796 3968 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
10:39:55.0796 3968 THREADORDER - ok
10:39:55.0812 3968 [ C5AC715B65B01788ABC22D10749DDDD8 ] TODDSrv C:\Windows\system32\TODDSrv.exe
10:39:55.0812 3968 TODDSrv - ok
10:39:55.0843 3968 TOSHIBA Bluetooth Service - ok
10:39:55.0874 3968 [ 22690DFFC7F2A18279A7A0489AA02BAC ] TOSHIBA SMART Log Service C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
10:39:55.0874 3968 TOSHIBA SMART Log Service - ok
10:39:55.0890 3968 Tosrfcom - ok
10:39:55.0905 3968 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
10:39:55.0905 3968 TrkWks - ok
10:39:55.0983 3968 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:39:55.0983 3968 TrustedInstaller - ok
10:39:55.0999 3968 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:39:55.0999 3968 tssecsrv - ok
10:39:56.0014 3968 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
10:39:56.0014 3968 tunmp - ok
10:39:56.0046 3968 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:39:56.0046 3968 tunnel - ok
10:39:56.0061 3968 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:39:56.0061 3968 uagp35 - ok
10:39:56.0077 3968 [ C985B36E127EA9B8A92396120BFF52D8 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:39:56.0077 3968 udfs - ok
10:39:56.0092 3968 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:39:56.0124 3968 UI0Detect - ok
10:39:56.0170 3968 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
10:39:56.0170 3968 UleadBurningHelper - ok
10:39:56.0217 3968 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:39:56.0217 3968 uliagpkx - ok
10:39:56.0233 3968 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
10:39:56.0233 3968 uliahci - ok
10:39:56.0248 3968 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
10:39:56.0248 3968 UlSata - ok
10:39:56.0264 3968 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
10:39:56.0264 3968 ulsata2 - ok
10:39:56.0280 3968 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:39:56.0280 3968 umbus - ok
10:39:56.0295 3968 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
10:39:56.0311 3968 upnphost - ok
10:39:56.0311 3968 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:39:56.0311 3968 usbccgp - ok
10:39:56.0326 3968 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:39:56.0326 3968 usbcir - ok
10:39:56.0358 3968 [ CEBE90821810E76320155BEBA722FCF9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:39:56.0358 3968 usbehci - ok
10:39:56.0358 3968 [ CC6B28E4CE39951357963119CE47B143 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:39:56.0358 3968 usbhub - ok
10:39:56.0373 3968 [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
10:39:56.0373 3968 usbohci - ok
10:39:56.0389 3968 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
10:39:56.0389 3968 usbprint - ok
10:39:56.0404 3968 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:39:56.0404 3968 USBSTOR - ok
10:39:56.0404 3968 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
10:39:56.0404 3968 usbuhci - ok
10:39:56.0436 3968 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
10:39:56.0436 3968 usbvideo - ok
10:39:56.0467 3968 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll
10:39:56.0467 3968 UxSms - ok
10:39:56.0514 3968 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe
10:39:56.0514 3968 vds - ok
10:39:56.0529 3968 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:39:56.0545 3968 vga - ok
10:39:56.0545 3968 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
10:39:56.0545 3968 VgaSave - ok
10:39:56.0576 3968 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
10:39:56.0576 3968 viaagp - ok
10:39:56.0592 3968 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
10:39:56.0592 3968 ViaC7 - ok
10:39:56.0607 3968 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
10:39:56.0607 3968 viaide - ok
10:39:56.0623 3968 [ BDD98BBE7323FC0975A26373D8050471 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:39:56.0623 3968 volmgr - ok
10:39:56.0638 3968 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:39:56.0638 3968 volmgrx - ok
10:39:56.0654 3968 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:39:56.0654 3968 volsnap - ok
10:39:56.0685 3968 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
10:39:56.0685 3968 vsmraid - ok
10:39:56.0732 3968 [ D5FB73D19C46ADE183F968E13F186B23 ] VSS C:\Windows\system32\vssvc.exe
10:39:56.0748 3968 VSS - ok
10:39:56.0763 3968 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll
10:39:56.0763 3968 W32Time - ok
10:39:56.0779 3968 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
10:39:56.0779 3968 WacomPen - ok
10:39:56.0779 3968 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
10:39:56.0779 3968 Wanarp - ok
10:39:56.0779 3968 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:39:56.0779 3968 Wanarpv6 - ok
10:39:56.0810 3968 [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:39:56.0826 3968 wcncsvc - ok
10:39:56.0826 3968 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:39:56.0826 3968 WcsPlugInService - ok
10:39:56.0841 3968 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
10:39:56.0841 3968 Wd - ok
10:39:56.0872 3968 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:39:56.0888 3968 Wdf01000 - ok
10:39:56.0904 3968 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:39:56.0904 3968 WdiServiceHost - ok
10:39:56.0919 3968 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:39:56.0919 3968 WdiSystemHost - ok
10:39:56.0935 3968 [ CF9A5F41789B642DB967021DE06A2713 ] WebClient C:\Windows\System32\webclnt.dll
10:39:56.0935 3968 WebClient - ok
10:39:56.0966 3968 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:39:56.0966 3968 Wecsvc - ok
10:39:56.0982 3968 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:39:56.0982 3968 wercplsupport - ok
10:39:56.0997 3968 [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc C:\Windows\System32\WerSvc.dll
10:39:56.0997 3968 WerSvc - ok
10:39:57.0013 3968 WinHttpAutoProxySvc - ok
10:39:57.0060 3968 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:39:57.0060 3968 Winmgmt - ok
10:39:57.0122 3968 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
10:39:57.0122 3968 WinRM - ok
10:39:57.0169 3968 [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:39:57.0184 3968 Wlansvc - ok
10:39:57.0216 3968 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
10:39:57.0216 3968 WmiAcpi - ok
10:39:57.0247 3968 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:39:57.0262 3968 wmiApSrv - ok
10:39:57.0309 3968 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
10:39:57.0372 3968 WMPNetworkSvc - ok
10:39:57.0403 3968 [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:39:57.0403 3968 WPCSvc - ok
10:39:57.0418 3968 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:39:57.0418 3968 WPDBusEnum - ok
10:39:57.0481 3968 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:39:57.0543 3968 WPFFontCache_v0400 - ok
10:39:57.0559 3968 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:39:57.0559 3968 ws2ifsl - ok
10:39:57.0574 3968 WSearch - ok
10:39:57.0637 3968 [ D79538B67FA641E986855DEF651E78FE ] wuauserv C:\Windows\system32\wuaueng.dll
10:39:57.0652 3968 wuauserv - ok
10:39:57.0684 3968 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:39:57.0684 3968 WUDFRd - ok
10:39:57.0699 3968 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:39:57.0699 3968 wudfsvc - ok
10:39:57.0715 3968 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
10:39:57.0715 3968 XAudio - ok
10:39:57.0746 3968 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
10:39:57.0746 3968 XAudioService - ok
10:39:57.0777 3968 [ 7D4CCA3659FA0780603206E3D12A993F ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
10:39:57.0777 3968 yukonwlh - ok
10:39:57.0793 3968 ================ Scan global ===============================
10:39:57.0824 3968 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
10:39:57.0855 3968 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
10:39:57.0871 3968 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
10:39:57.0902 3968 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
10:39:57.0902 3968 [Global] - ok
10:39:57.0902 3968 ================ Scan MBR ==================================
10:39:57.0918 3968 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
10:39:58.0417 3968 \Device\Harddisk1\DR1 - ok
10:39:58.0417 3968 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
10:39:58.0448 3968 \Device\Harddisk0\DR0 - ok
10:39:58.0448 3968 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
10:40:00.0258 3968 \Device\Harddisk2\DR2 - ok
10:40:00.0258 3968 ================ Scan VBR ==================================
10:40:00.0289 3968 [ 701C47B0619D92249F53DF2A0C4E9A61 ] \Device\Harddisk1\DR1\Partition1
10:40:00.0289 3968 \Device\Harddisk1\DR1\Partition1 - ok
10:40:00.0304 3968 [ CFCABF0DE5AA490EAF22D0078660F4BA ] \Device\Harddisk1\DR1\Partition2
10:40:00.0304 3968 \Device\Harddisk1\DR1\Partition2 - ok
10:40:00.0304 3968 [ D48C9C32331C719341D620316A486C74 ] \Device\Harddisk0\DR0\Partition1
10:40:00.0320 3968 \Device\Harddisk0\DR0\Partition1 - ok
10:40:00.0336 3968 [ 1E462845041183355B13F0ACCEC2BB2E ] \Device\Harddisk0\DR0\Partition2
10:40:00.0336 3968 \Device\Harddisk0\DR0\Partition2 - ok
10:40:00.0336 3968 [ AC2E8999F55239E6F422B384D177C373 ] \Device\Harddisk2\DR2\Partition1
10:40:00.0336 3968 \Device\Harddisk2\DR2\Partition1 - ok
10:40:00.0351 3968 ============================================================
10:40:00.0351 3968 Scan finished
10:40:00.0351 3968 ============================================================
10:40:00.0351 2560 Detected object count: 0
10:40:00.0351 2560 Actual detected object count: 0

Schritt 3:
dds
DDS Logfile:

Code:

DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 7.0.6001.18639

Run by stefan at 10:41:38 on 2012-12-09

Microsoft® Windows Vista™ Home Premium   6.0.6001.1.1252.49.1031.18.2046.1333 [GMT 1:00]

.

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe

C:\Program Files\Toshiba\SmoothView\SmoothView.exe

C:\Program Files\Toshiba\FlashCards\TCrdMain.exe

C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://endurocup.de/

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA

mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;

BHO: Adobe PDF Reader: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll

uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [Google EULA Launcher] c:\program files\google\google eula\GoogleEULALauncher.exe IE PA

mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE

mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe

mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe

mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaRegistration.exe

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"

StartupFolder: c:\users\stefan\appdata\roaming\micros~1\windows\startm~1\programs\startup\trdcre~1.lnk - c:\program files\toshiba\trdcreminder\TRDCReminder.exe

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll

IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4

IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

TCP: NameServer = 192.168.178.1

TCP: Interfaces\{7E75E5AB-4318-4CB0-A1C4-F0F28E1C2774} : DHCPNameServer = 192.168.178.1

LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg

.

============= SERVICES / DRIVERS ===============

.

R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\avira\antivir desktop\sched.exe [2012-12-8 136360]

R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2012-12-8 269480]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-12-8 66616]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-9 399432]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-9 676936]

R2 MSSQL$JTLWAWI;SQL Server (JTLWAWI);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2010-12-10 29293408]

R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-9 22856]

R3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys [2007-4-9 8192]

S3 b57nd60x;Broadcom NetXtreme-Gigabit-Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-1-21 179712]

S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\magix\common\database\bin\fbserver.exe [2008-7-18 1527900]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2012-12-09 08:51:20        231936        ----a-w-        c:\windows\system32\msshsq.dll

2012-12-09 08:30:52        17920        ----a-w-        c:\windows\system32\netevent.dll

2012-12-09 08:30:52        125952        ----a-w-        c:\windows\system32\srvsvc.dll

2012-12-09 08:30:35        378368        ----a-w-        c:\windows\system32\winhttp.dll

2012-12-09 08:25:02        --------        d-----w-        c:\users\stefan\appdata\local\WindowsUpdate

2012-12-09 07:43:03        97800        ----a-w-        c:\windows\system32\infocardapi.dll

2012-12-09 07:43:02        37384        ----a-w-        c:\windows\system32\infocardcpl.cpl

2012-12-09 07:43:02        105016        ----a-w-        c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2012-12-09 07:43:01        622080        ----a-w-        c:\windows\system32\icardagt.exe

2012-12-09 07:43:01        11264        ----a-w-        c:\windows\system32\icardres.dll

2012-12-09 07:42:59        781344        ----a-w-        c:\windows\system32\PresentationNative_v0300.dll

2012-12-09 07:42:33        --------        d-----w-        c:\users\stefan\appdata\roaming\Malwarebytes

2012-12-09 07:42:20        --------        d-----w-        c:\programdata\Malwarebytes

2012-12-09 07:42:19        22856        ----a-w-        c:\windows\system32\drivers\mbam.sys

2012-12-09 07:42:19        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware

2012-12-09 07:37:46        158720        ----a-w-        c:\windows\system32\mscorier.dll

2012-12-09 07:37:40        83968        ----a-w-        c:\windows\system32\mscories.dll

2012-12-09 07:36:00        2048        ----a-w-        c:\windows\system32\winrsmgr.dll

2012-12-09 03:23:03        12240896        ----a-w-        c:\windows\system32\NlsLexicons0007.dll

2012-12-09 03:23:01        2644480        ----a-w-        c:\windows\system32\NlsLexicons0009.dll

2012-12-09 03:22:52        801280        ----a-w-        c:\windows\system32\NaturalLanguage6.dll

2012-12-09 02:14:42        80896        ----a-w-        c:\windows\system32\MSNP.ax

2012-12-09 02:14:42        57856        ----a-w-        c:\windows\system32\MSDvbNP.ax

2012-12-09 02:14:39        293376        ----a-w-        c:\windows\system32\psisdecd.dll

2012-12-09 02:14:39        217088        ----a-w-        c:\windows\system32\psisrndr.ax

2012-12-09 02:10:02        454656        ----a-w-        c:\program files\common files\system\msadc\msadce.dll

2012-12-09 02:09:03        293376        ----a-w-        c:\windows\system32\browserchoice.exe

2012-12-09 02:05:34        24064        ----a-w-        c:\windows\system32\nshhttp.dll

2012-12-09 02:05:31        411136        ----a-w-        c:\windows\system32\drivers\http.sys

2012-12-09 02:05:31        31232        ----a-w-        c:\windows\system32\httpapi.dll

2012-12-08 23:02:21        531968        ----a-w-        c:\windows\system32\comctl32.dll

2012-12-08 22:55:38        168960        ----a-w-        c:\program files\windows media player\wmplayer.exe

2012-12-08 22:55:37        8147456        ----a-w-        c:\windows\system32\wmploc.DLL

2012-12-08 22:54:15        501760        ----a-w-        c:\windows\system32\usp10.dll

2012-12-08 22:54:10        66048        ----a-w-        c:\program files\windows mail\wabmig.exe

2012-12-08 22:54:10        515584        ----a-w-        c:\program files\windows mail\wab.exe

2012-12-08 22:54:10        33280        ----a-w-        c:\program files\windows mail\wabfind.dll

2012-12-08 22:51:53        72704        ----a-w-        c:\windows\system32\fontsub.dll

2012-12-08 22:51:53        34304        ----a-w-        c:\windows\system32\atmlib.dll

2012-12-08 22:51:53        292864        ----a-w-        c:\windows\system32\atmfd.dll

2012-12-08 22:51:53        10240        ----a-w-        c:\windows\system32\dciman32.dll

2012-12-08 22:51:46        361984        ----a-w-        c:\windows\system32\IPSECSVC.DLL

2012-12-08 22:41:58        69632        ----a-w-        c:\windows\system32\drivers\bowser.sys

2012-12-08 22:41:56        302592        ----a-w-        c:\windows\system32\wlansec.dll

2012-12-08 22:41:56        293376        ----a-w-        c:\windows\system32\wlanmsm.dll

2012-12-08 22:41:56        127488        ----a-w-        c:\windows\system32\L2SecHC.dll

2012-12-08 22:41:55        513024        ----a-w-        c:\windows\system32\wlansvc.dll

2012-12-08 22:41:50        1399296        ----a-w-        c:\windows\system32\msxml6.dll

2012-12-08 22:41:39        75264        ----a-w-        c:\windows\system32\drivers\dfsc.sys

2012-12-08 22:38:40        213504        ----a-w-        c:\windows\system32\msv1_0.dll

2012-12-08 22:38:28        1136640        ----a-w-        c:\windows\system32\mfc42.dll

2012-12-08 22:38:27        1161728        ----a-w-        c:\windows\system32\mfc42u.dll

2012-12-08 22:38:21        1616384        ----a-w-        c:\program files\windows mail\msoe.dll

2012-12-08 22:38:16        81920        ----a-w-        c:\windows\system32\iccvid.dll

2012-12-08 22:38:12        72192        ----a-w-        c:\windows\system32\drivers\pacer.sys

2012-12-08 22:38:12        15360        ----a-w-        c:\windows\system32\pacerprf.dll

2012-12-08 22:38:03        2868224        ----a-w-        c:\windows\system32\mf.dll

2012-12-08 22:36:32        269312        ----a-w-        c:\windows\system32\es.dll

2012-12-08 22:36:26        1169408        ----a-w-        c:\windows\system32\sdclt.exe

2012-12-08 22:33:43        303616        ----a-w-        c:\windows\system32\wmpeffects.dll

2012-12-08 22:33:42        10926592        ----a-w-        c:\program files\movie maker\MOVIEMK.dll

2012-12-08 22:33:41        150016        ----a-w-        c:\program files\movie maker\MOVIEMK.exe

2012-12-08 22:33:37        146432        ----a-w-        c:\windows\system32\drivers\srv2.sys

2012-12-08 22:33:37        102400        ----a-w-        c:\windows\system32\drivers\srvnet.sys

2012-12-08 22:26:39        766464        ----a-w-        c:\program files\common files\microsoft shared\vgx\VGX.dll

2012-12-08 22:26:36        714240        ----a-w-        c:\windows\system32\timedate.cpl

2012-12-08 22:26:34        317952        ----a-w-        c:\windows\system32\MP4SDECD.DLL

2012-12-08 22:26:33        430080        ----a-w-        c:\windows\system32\vbscript.dll

2012-12-08 22:19:56        636928        ----a-w-        c:\windows\system32\localspl.dll

2012-12-08 22:19:41        563200        ----a-w-        c:\windows\system32\oleaut32.dll

2012-12-08 22:19:31        954752        ----a-w-        c:\windows\system32\mfc40.dll

2012-12-08 22:19:31        954288        ----a-w-        c:\windows\system32\mfc40u.dll

2012-12-08 22:18:35        36352        ----a-w-        c:\windows\system32\rtutils.dll

2012-12-08 22:13:34        2927104        ----a-w-        c:\windows\explorer.exe

2012-12-08 22:13:27        28672        ----a-w-        c:\windows\system32\Apphlpdm.dll

2012-12-08 22:13:27        1695744        ----a-w-        c:\windows\system32\gameux.dll

2012-12-08 22:13:26        4240384        ----a-w-        c:\windows\system32\GameUXLegacyGDFs.dll

2012-12-08 22:10:39        499712        ----a-w-        c:\windows\system32\kerberos.dll

2012-12-08 22:10:39        175104        ----a-w-        c:\windows\system32\wdigest.dll

2012-12-08 22:10:38        9728        ----a-w-        c:\windows\system32\lsass.exe

2012-12-08 22:10:38        72704        ----a-w-        c:\windows\system32\secur32.dll

2012-12-08 22:10:38        439896        ----a-w-        c:\windows\system32\drivers\ksecdd.sys

2012-12-08 22:10:38        1256448        ----a-w-        c:\windows\system32\lsasrv.dll

2012-12-08 22:03:27        429056        ----a-w-        c:\windows\system32\EncDec.dll

2012-12-08 22:03:26        323072        ----a-w-        c:\windows\system32\sbe.dll

2012-12-08 22:03:26        177664        ----a-w-        c:\windows\system32\mpg2splt.ax

2012-12-08 22:03:26        153088        ----a-w-        c:\windows\system32\sbeio.dll

2012-12-08 22:03:25        62464        ----a-w-        c:\windows\system32\l3codeca.acm

2012-12-08 22:03:22        25088        ----a-w-        c:\windows\system32\drivers\tunnel.sys

2012-12-08 22:03:22        190464        ----a-w-        c:\windows\system32\iphlpsvc.dll

2012-12-08 22:02:28        1314816        ----a-w-        c:\windows\system32\quartz.dll

2012-12-08 22:02:16        603648        ----a-w-        c:\windows\system32\schedsvc.dll

2012-12-08 22:02:16        357376        ----a-w-        c:\windows\system32\taskschd.dll

2012-12-08 22:02:16        345088        ----a-w-        c:\windows\system32\wmicmiplugin.dll

2012-12-08 22:02:16        270336        ----a-w-        c:\windows\system32\taskcomp.dll

2012-12-08 22:02:16        171520        ----a-w-        c:\windows\system32\taskeng.exe

2012-12-08 22:02:08        738816        ----a-w-        c:\windows\system32\inetcomm.dll

2012-12-08 22:02:05        24064        ----a-w-        c:\windows\system32\amxread.dll

2012-12-08 22:02:05        13824        ----a-w-        c:\windows\system32\apilogen.dll

2012-12-08 22:00:37        523776        ----a-w-        c:\windows\system32\RMActivate_isv.exe

2012-12-08 22:00:37        511488        ----a-w-        c:\windows\system32\RMActivate.exe

2012-12-08 22:00:37        472576        ----a-w-        c:\windows\system32\secproc_isv.dll

2012-12-08 22:00:37        472064        ----a-w-        c:\windows\system32\secproc.dll

2012-12-08 22:00:37        347136        ----a-w-        c:\windows\system32\RMActivate_ssp.exe

2012-12-08 22:00:37        346624        ----a-w-        c:\windows\system32\RMActivate_ssp_isv.exe

2012-12-08 22:00:36        329216        ----a-w-        c:\windows\system32\msdrm.dll

2012-12-08 22:00:36        151040        ----a-w-        c:\windows\system32\secproc_ssp_isv.dll

2012-12-08 22:00:36        151040        ----a-w-        c:\windows\system32\secproc_ssp.dll

2012-12-08 21:56:07        996352        ----a-w-        c:\windows\system32\WMNetMgr.dll

2012-12-08 21:56:07        94720        ----a-w-        c:\windows\system32\logagent.exe

2012-12-08 21:55:45        90112        ----a-w-        c:\windows\system32\wshext.dll

2012-12-08 21:55:45        180224        ----a-w-        c:\windows\system32\scrobj.dll

2012-12-08 21:55:45        172032        ----a-w-        c:\windows\system32\scrrun.dll

2012-12-08 21:55:45        155648        ----a-w-        c:\windows\system32\wscript.exe

2012-12-08 21:55:45        135168        ----a-w-        c:\windows\system32\wshom.ocx

2012-12-08 21:55:45        135168        ----a-w-        c:\windows\system32\cscript.exe

2012-12-08 21:55:17        49152        ----a-w-        c:\windows\system32\csrsrv.dll

2012-12-08 21:55:17        375808        ----a-w-        c:\windows\system32\winsrv.dll

2012-12-08 21:55:15        61440        ----a-w-        c:\windows\system32\msasn1.dll

2012-12-08 21:55:13        1645568        ----a-w-        c:\windows\system32\connect.dll

2012-12-08 21:55:09        784896        ----a-w-        c:\windows\system32\rpcrt4.dll

2012-12-08 21:54:38        677888        ----a-w-        c:\windows\system32\mstsc.exe

2012-12-08 21:54:38        2067456        ----a-w-        c:\windows\system32\mstscax.dll

2012-12-08 21:52:59        898952        ----a-w-        c:\windows\system32\drivers\tcpip.sys

2012-12-08 21:42:41        281600        ----a-w-        c:\windows\system32\raschap.dll

2012-12-08 21:42:41        244224        ----a-w-        c:\windows\system32\rastls.dll

2012-12-08 21:42:35        351232        ----a-w-        c:\windows\system32\WSDApi.dll

2012-12-08 21:32:21        310784        ----a-w-        c:\windows\system32\unregmp2.exe

2012-12-08 21:32:21        1418752        ----a-w-        c:\program files\windows media player\setup_wm.exe

2012-12-08 21:32:20        7680        ----a-w-        c:\windows\system32\spwmp.dll

2012-12-08 21:32:20        4096        ----a-w-        c:\windows\system32\msdxm.ocx

2012-12-08 21:32:20        4096        ----a-w-        c:\windows\system32\dxmasf.dll

2012-12-08 21:32:20        107520        ----a-w-        c:\program files\windows media player\wmpshare.exe

2012-12-08 21:32:20        107520        ----a-w-        c:\program files\windows media player\wmpconfig.exe

2012-12-08 21:17:49        91136        ----a-w-        c:\windows\system32\avifil32.dll

2012-12-08 21:17:49        82944        ----a-w-        c:\windows\system32\mciavi32.dll

2012-12-08 21:17:49        65024        ----a-w-        c:\windows\system32\avicap32.dll

2012-12-08 21:17:49        50176        ----a-w-        c:\windows\system32\iyuv_32.dll

2012-12-08 21:17:49        31744        ----a-w-        c:\windows\system32\msvidc32.dll

2012-12-08 21:17:49        22528        ----a-w-        c:\windows\system32\msyuv.dll

2012-12-08 21:17:49        13312        ----a-w-        c:\windows\system32\msrle32.dll

2012-12-08 21:17:49        123904        ----a-w-        c:\windows\system32\msvfw32.dll

2012-12-08 21:17:49        11776        ----a-w-        c:\windows\system32\tsbyuv.dll

2012-12-08 21:17:45        604672        ----a-w-        c:\windows\system32\WMSPDMOD.DLL

2012-12-08 21:17:42        276992        ----a-w-        c:\windows\system32\schannel.dll

2012-12-08 19:52:56        --------        d-----w-        c:\users\stefan\appdata\local\Adobe

2012-12-08 19:46:31        89600        ----a-w-        c:\windows\system32\spool\prtprocs\w32x86\HPZPPLHN.DLL

2012-12-08 18:55:30        171520        ----a-w-        c:\windows\system32\wintrust.dll

2012-12-08 18:55:14        98304        ----a-w-        c:\windows\system32\cabview.dll

2012-12-08 15:21:23        --------        d-----w-        c:\users\stefan\appdata\local\JTL-Software-GmbH

2012-12-08 15:17:07        --------        d-----w-        c:\program files\JTL-Software

2012-12-08 15:03:48        99176        ----a-w-        c:\windows\system32\PresentationHostProxy.dll

2012-12-08 15:03:48        49472        ----a-w-        c:\windows\system32\netfxperf.dll

2012-12-08 15:03:48        297808        ----a-w-        c:\windows\system32\mscoree.dll

2012-12-08 15:03:48        295264        ----a-w-        c:\windows\system32\PresentationHost.exe

2012-12-08 15:03:48        1130824        ----a-w-        c:\windows\system32\dfshim.dll

2012-12-08 14:47:43        --------        d-----w-        c:\users\stefan\appdata\roaming\jtl-software

2012-12-08 14:47:01        --------        d-----w-        c:\program files\ATI

2012-12-08 14:46:46        --------        d-----w-        c:\program files\ATI Technologies

2012-12-08 14:45:41        --------        d-----w-        C:\ATI

2012-12-08 14:09:17        --------        d-----w-        c:\windows\PCHEALTH

2012-12-08 14:09:08        --------        d-----w-        c:\program files\Microsoft SQL Server

2012-12-08 14:04:05        --------        d-----w-        c:\program files\WS_FTP

2012-12-08 14:00:42        --------        d-----w-        c:\users\stefan\appdata\roaming\Avira

2012-12-08 13:49:21        705536        ----a-w-        c:\windows\system32\cohelper.dll

2012-12-08 13:49:21        6136        ----a-w-        c:\windows\system32\drivers\nvphy.bin

2012-12-08 13:37:22        485920        ----a-w-        c:\windows\system32\nvuninst.exe

2012-12-08 13:31:31        66616        ----a-w-        c:\windows\system32\drivers\avgntflt.sys

2012-12-08 13:31:30        --------        d-----w-        c:\programdata\Avira

2012-12-08 13:31:30        --------        d-----w-        c:\program files\Avira

2012-12-07 22:52:21        --------        d-----w-        c:\users\stefan\appdata\local\Seven Zip

2012-12-07 22:42:52        --------        d-----w-        c:\users\stefan\appdata\local\Google

2012-12-07 22:42:49        --------        d-----w-        c:\users\stefan\appdata\local\Toshiba

2012-12-07 22:42:31        --------        d-sh--w-        C:\$RECYCLE.BIN

2012-12-07 22:42:10        --------        d-----w-        c:\users\stefan\appdata\local\VirtualStore

2012-12-07 22:37:48        --------        d-sh--we        C:\Programme

2012-12-07 22:37:48        --------        d-sh--we        c:\programdata\Vorlagen

2012-12-07 22:37:48        --------        d-sh--we        c:\programdata\Startmenü

2012-12-07 22:37:48        --------        d-sh--we        c:\programdata\Favoriten

2012-12-07 22:37:48        --------        d-sh--we        c:\programdata\Dokumente

2012-12-07 22:37:48        --------        d-sh--we        c:\programdata\Anwendungsdaten

2012-12-07 22:37:48        --------        d-sh--we        c:\program files\Gemeinsame Dateien

2012-12-07 22:37:48        --------        d-sh--we        C:\Dokumente und Einstellungen

.

==================== Find3M  ====================

.

.

============= FINISH: 10:42:03,71 ===============

--- --- ---

attach

Code:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft® Windows Vista™ Home Premium 

Boot Device: \Device\HarddiskVolume2

Install Date: 07.12.2012 22:22:26

System Uptime: 09.12.2012 10:16:03 (0 hours ago)

.

Motherboard: ECS |  | GF8100VM-M5

Processor: AMD Phenom(tm) II X4 955 Processor | CPU 1 | 2100/200mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 74 GiB total, 49,092 GiB free.

D: is Removable

E: is FIXED (NTFS) - 73 GiB total, 68,231 GiB free.

F: is CDROM ()

G: is FIXED (NTFS) - 488 GiB total, 481,83 GiB free.

H: is FIXED (NTFS) - 443 GiB total, 323,189 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e968-e325-11ce-bfc1-08002be10318}

Description: Standard-VGA-Grafikkarte

Device ID: PCI\VEN_1002&DEV_68BE&SUBSYS_E138174B&REV_00\4&182F0470&0&0080

Manufacturer: (Standardgrafikkartentypen)

Name: Standard-VGA-Grafikkarte

PNP Device ID: PCI\VEN_1002&DEV_68BE&SUBSYS_E138174B&REV_00\4&182F0470&0&0080

Service: vga

.

==== System Restore Points ===================

.

RP72: 08.12.2012 22:12:36 - Removed Java(TM) 6 Update 6

RP73: 09.12.2012 03:00:18 - Windows Update

RP74: 09.12.2012 08:35:25 - Windows Update

RP75: 09.12.2012 08:59:02 - Windows Update

RP76: 09.12.2012 09:17:20 - Windows Update

RP77: 09.12.2012 09:50:40 - Windows Update

.

==== Installed Programs ======================

.

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)

Adobe Reader 8.1.2 - Deutsch

Adobe Reader 8.1.2 Security Update 1 (KB403742)

ATI Catalyst Install Manager

Avira AntiVir Personal - Free Antivirus

CD/DVD Drive Acoustic Silencer

DVD MovieFactory for TOSHIBA

Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Java(TM) 6 Update 7

JTL-Wawi

Malwarebytes Anti-Malware Version 1.65.1.1000

Marvell Miniport Driver

Microsoft .NET Framework 3.5 Language Pack SP1 - DEU

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Express Edition (JTLWAWI)

Microsoft SQL Server Native Client

Microsoft SQL Server VSS Writer

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft XML Parser

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NetWaiting

NVIDIA Drivers

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Windows Media Encoder (KB2447961)

Tools für Microsoft SQL Server 2005 Express Edition

TOSHIBA Disc Creator

TOSHIBA Extended Tiles for Windows Mobility Center

TOSHIBA Hardware Setup

TOSHIBA Recovery Disc Creator

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

TRDCReminder

TRORDCLauncher

Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Windows Media Encoder 9-Reihe

WinRAR 4.20 (32-Bit)

.

==== End Of File ===========================

hoffe hab alles richtig gemacht.

Code:

ComboFix 12-12-07.01 - stefan 09.12.2012  13:50:51.1.4 - x86

Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.2046.1419 [GMT 1:00]

ausgeführt von:: c:\users\stefan\Desktop\ComboFix.exe

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\$recycle.bin\S-1-5-18\$8cf857c71d418695f9964dcafa707a41\@

c:\$recycle.bin\S-1-5-18\$8cf857c71d418695f9964dcafa707a41\n

c:\windows\system32\pt

c:\windows\system32\pt\toscdspd.cpl.mui

G:\install.exe

.

.

(((((((((((((((((((((((   Dateien erstellt von 2012-11-09 bis 2012-12-09  ))))))))))))))))))))))))))))))

.

.

2012-12-09 12:39 . 2012-12-09 12:39        --------        d-----w-        c:\program files\Microsoft Silverlight

2012-12-09 12:22 . 2012-12-09 12:22        979456        ----a-w-        c:\windows\system32\MFH264Dec.dll

2012-12-09 12:19 . 2012-12-09 12:19        519680        ----a-w-        c:\windows\system32\d3d11.dll

2012-12-09 12:19 . 2012-12-09 12:19        369664        ----a-w-        c:\windows\system32\WMPhoto.dll

2012-12-09 12:19 . 2012-12-09 12:19        252928        ----a-w-        c:\windows\system32\dxdiag.exe

2012-12-09 12:19 . 2012-12-09 12:19        195584        ----a-w-        c:\windows\system32\dxdiagn.dll

2012-12-09 12:19 . 2012-12-09 12:19        974848        ----a-w-        c:\windows\system32\WindowsCodecs.dll

2012-12-09 12:19 . 2012-12-09 12:19        321024        ----a-w-        c:\windows\system32\PhotoMetadataHandler.dll

2012-12-09 12:19 . 2012-12-09 12:19        189440        ----a-w-        c:\windows\system32\WindowsCodecsExt.dll

2012-12-09 12:04 . 2012-12-09 12:05        --------        d-----w-        c:\windows\system32\ca-ES

2012-12-09 12:04 . 2012-12-09 12:05        --------        d-----w-        c:\windows\system32\eu-ES

2012-12-09 12:04 . 2012-12-09 12:05        --------        d-----w-        c:\windows\system32\vi-VN

2012-12-09 10:44 . 2012-12-09 10:44        --------        d-----w-        c:\windows\system32\EventProviders

2012-12-09 10:42 . 2009-04-11 06:33        926184        ----a-w-        c:\windows\system32\winresume.exe

2012-12-09 10:41 . 2009-04-11 06:28        218624        ----a-w-        c:\windows\system32\wdscore.dll

2012-12-09 10:41 . 2009-04-11 06:27        130560        ----a-w-        c:\windows\system32\PkgMgr.exe

2012-12-09 10:41 . 2009-04-11 06:28        247808        ----a-w-        c:\windows\system32\drvstore.dll

2012-12-09 08:30 . 2010-09-06 16:20        125952        ----a-w-        c:\windows\system32\srvsvc.dll

2012-12-09 08:30 . 2010-09-06 16:19        17920        ----a-w-        c:\windows\system32\netevent.dll

2012-12-09 08:30 . 2009-08-24 11:36        377344        ----a-w-        c:\windows\system32\winhttp.dll

2012-12-09 07:42 . 2012-12-09 07:42        --------        d-----w-        c:\programdata\Malwarebytes

2012-12-09 07:42 . 2012-12-09 08:02        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware

2012-12-09 07:42 . 2012-09-29 18:54        22856        ----a-w-        c:\windows\system32\drivers\mbam.sys

2012-12-09 07:36 . 2009-10-09 21:56        2048        ----a-w-        c:\windows\system32\winrsmgr.dll

2012-12-09 02:16 . 2008-05-27 04:59        18904        ----a-w-        c:\windows\system32\StructuredQuerySchemaTrivial.bin

2012-12-09 02:09 . 2010-02-12 10:48        293376        ----a-w-        c:\windows\system32\browserchoice.exe

2012-12-09 02:05 . 2010-02-20 23:06        24064        ----a-w-        c:\windows\system32\nshhttp.dll

2012-12-09 02:05 . 2010-02-20 23:05        30720        ----a-w-        c:\windows\system32\httpapi.dll

2012-12-09 02:05 . 2010-02-20 20:53        411648        ----a-w-        c:\windows\system32\drivers\http.sys

2012-12-08 23:37 . 2010-10-15 14:08        3602320        ----a-w-        c:\windows\system32\ntkrnlpa.exe

2012-12-08 23:37 . 2010-10-15 14:08        3550096        ----a-w-        c:\windows\system32\ntoskrnl.exe

2012-12-08 23:37 . 2010-10-15 13:48        1205080        ----a-w-        c:\windows\system32\ntdll.dll

2012-12-08 23:02 . 2010-08-31 15:44        531968        ----a-w-        c:\windows\system32\comctl32.dll

2012-12-08 22:55 . 2010-09-13 13:56        168960        ----a-w-        c:\program files\Windows Media Player\wmplayer.exe

2012-12-08 22:55 . 2010-09-13 13:56        8147456        ----a-w-        c:\windows\system32\wmploc.DLL

2012-12-08 22:55 . 2009-07-15 12:39        107520        ----a-w-        c:\program files\Windows Media Player\wmpconfig.exe

2012-12-08 22:55 . 2009-07-15 12:39        4096        ----a-w-        c:\windows\system32\msdxm.ocx

2012-12-08 22:55 . 2009-07-15 12:39        4096        ----a-w-        c:\windows\system32\dxmasf.dll

2012-12-08 22:55 . 2009-07-15 12:39        7680        ----a-w-        c:\windows\system32\spwmp.dll

2012-12-08 22:55 . 2009-07-15 12:39        107520        ----a-w-        c:\program files\Windows Media Player\wmpshare.exe

2012-12-08 22:54 . 2010-04-16 16:46        502272        ----a-w-        c:\windows\system32\usp10.dll

2012-12-08 22:54 . 2010-10-12 15:53        33280        ----a-w-        c:\program files\Windows Mail\wabfind.dll

2012-12-08 22:54 . 2010-10-12 13:41        66048        ----a-w-        c:\program files\Windows Mail\wabmig.exe

2012-12-08 22:54 . 2010-10-12 13:41        515584        ----a-w-        c:\program files\Windows Mail\wab.exe

2012-12-08 22:51 . 2011-02-16 16:16        34304        ----a-w-        c:\windows\system32\atmlib.dll

2012-12-08 22:51 . 2011-02-16 14:02        292864        ----a-w-        c:\windows\system32\atmfd.dll

2012-12-08 22:51 . 2010-06-16 15:30        72704        ----a-w-        c:\windows\system32\fontsub.dll

2012-12-08 22:51 . 2009-06-15 14:52        23552        ----a-w-        c:\windows\system32\lpk.dll

2012-12-08 22:51 . 2009-06-15 14:51        10240        ----a-w-        c:\windows\system32\dciman32.dll

2012-12-08 22:41 . 2011-02-22 13:23        69632        ----a-w-        c:\windows\system32\drivers\bowser.sys

2012-12-08 22:41 . 2009-07-11 19:01        513536        ----a-w-        c:\windows\system32\wlansvc.dll

2012-12-08 22:41 . 2009-07-11 19:01        302592        ----a-w-        c:\windows\system32\wlansec.dll

2012-12-08 22:41 . 2009-07-11 19:01        293376        ----a-w-        c:\windows\system32\wlanmsm.dll

2012-12-08 22:41 . 2009-07-11 19:01        65024        ----a-w-        c:\windows\system32\wlanapi.dll

2012-12-08 22:41 . 2009-07-11 17:03        127488        ----a-w-        c:\windows\system32\L2SecHC.dll

2012-12-08 22:41 . 2009-04-11 06:28        68096        ----a-w-        c:\windows\system32\wlanhlp.dll

2012-12-08 22:41 . 2009-08-11 16:44        1401856        ----a-w-        c:\windows\system32\msxml6.dll

2012-12-08 22:41 . 2011-04-14 14:59        75264        ----a-w-        c:\windows\system32\drivers\dfsc.sys

2012-12-08 22:38 . 2009-09-10 16:48        218624        ----a-w-        c:\windows\system32\msv1_0.dll

2012-12-08 22:38 . 2011-03-10 17:03        1162240        ----a-w-        c:\windows\system32\mfc42u.dll

2012-12-08 22:38 . 2011-03-10 17:03        1136640        ----a-w-        c:\windows\system32\mfc42.dll

2012-12-08 22:38 . 2010-01-29 15:40        1616384        ----a-w-        c:\program files\Windows Mail\msoe.dll

2012-12-08 22:38 . 2010-05-27 20:08        81920        ----a-w-        c:\windows\system32\iccvid.dll

2012-12-08 22:38 . 2009-04-11 06:27        53248        ----a-w-        c:\windows\system32\rrinstaller.exe

2012-12-08 22:38 . 2009-04-11 06:27        24576        ----a-w-        c:\windows\system32\mfpmp.exe

2012-12-08 22:38 . 2009-04-11 04:54        2048        ----a-w-        c:\windows\system32\mferror.dll

2012-12-08 22:36 . 2010-12-14 14:49        1169408        ----a-w-        c:\windows\system32\sdclt.exe

2012-12-08 22:33 . 2010-06-17 18:08        10926592        ----a-w-        c:\program files\Movie Maker\MOVIEMK.dll

2012-12-08 22:33 . 2010-06-17 16:16        150016        ----a-w-        c:\program files\Movie Maker\MOVIEMK.exe

2012-12-08 22:33 . 2009-04-11 06:28        23040        ----a-w-        c:\program files\Movie Maker\WMM2EXT.dll

2012-12-08 22:33 . 2009-04-11 06:28        195072        ----a-w-        c:\program files\Movie Maker\WMM2AE.dll

2012-12-08 22:33 . 2011-04-29 13:25        146432        ----a-w-        c:\windows\system32\drivers\srv2.sys

2012-12-08 22:33 . 2011-04-29 13:25        102400        ----a-w-        c:\windows\system32\drivers\srvnet.sys

2012-12-08 22:26 . 2009-10-23 17:10        714240        ----a-w-        c:\windows\system32\timedate.cpl

2012-12-08 22:26 . 2010-04-05 17:02        317952        ----a-w-        c:\windows\system32\MP4SDECD.DLL

2012-12-08 22:19 . 2009-04-23 12:14        623616        ----a-w-        c:\windows\system32\localspl.dll

2012-12-08 22:19 . 2010-12-20 16:35        563712        ----a-w-        c:\windows\system32\oleaut32.dll

2012-12-08 22:19 . 2010-08-31 15:46        954752        ----a-w-        c:\windows\system32\mfc40.dll

2012-12-08 22:19 . 2010-08-31 15:46        954288        ----a-w-        c:\windows\system32\mfc40u.dll

2012-12-08 22:18 . 2010-06-18 17:31        36864        ----a-w-        c:\windows\system32\rtutils.dll

2012-12-08 22:13 . 2011-03-03 15:40        28672        ----a-w-        c:\windows\system32\Apphlpdm.dll

2012-12-08 22:13 . 2010-08-26 16:34        1696256        ----a-w-        c:\windows\system32\gameux.dll

2012-12-08 22:13 . 2011-03-03 13:35        4240384        ----a-w-        c:\windows\system32\GameUXLegacyGDFs.dll

2012-12-08 22:10 . 2009-06-15 14:52        1259008        ----a-w-        c:\windows\system32\lsasrv.dll

2012-12-08 22:10 . 2009-06-15 14:54        175104        ----a-w-        c:\windows\system32\wdigest.dll

2012-12-08 22:10 . 2009-06-15 14:52        499712        ----a-w-        c:\windows\system32\kerberos.dll

2012-12-08 22:10 . 2009-06-15 23:15        439864        ----a-w-        c:\windows\system32\drivers\ksecdd.sys

2012-12-08 22:10 . 2009-06-15 14:53        72704        ----a-w-        c:\windows\system32\secur32.dll

2012-12-08 22:10 . 2009-06-15 12:48        9728        ----a-w-        c:\windows\system32\lsass.exe

2012-12-08 22:04 . 2010-08-20 16:05        867328        ----a-w-        c:\windows\system32\wmpmde.dll

2012-12-08 22:03 . 2010-12-29 18:28        429056        ----a-w-        c:\windows\system32\EncDec.dll

2012-12-08 22:03 . 2010-12-29 18:28        322560        ----a-w-        c:\windows\system32\sbe.dll

2012-12-08 22:03 . 2010-12-29 18:28        153088        ----a-w-        c:\windows\system32\sbeio.dll

2012-12-08 22:03 . 2010-12-29 18:26        177664        ----a-w-        c:\windows\system32\mpg2splt.ax

2012-12-08 22:03 . 2010-01-21 15:05        62464        ----a-w-        c:\windows\system32\l3codeca.acm

2012-12-08 22:03 . 2009-04-11 06:27        220672        ----a-w-        c:\windows\system32\l3codecp.acm

2012-12-08 22:03 . 2010-02-18 13:30        200704        ----a-w-        c:\windows\system32\iphlpsvc.dll

2012-12-08 22:03 . 2010-02-18 11:28        25088        ----a-w-        c:\windows\system32\drivers\tunnel.sys

2012-12-08 22:02 . 2010-11-04 18:56        345600        ----a-w-        c:\windows\system32\wmicmiplugin.dll

2012-12-08 22:02 . 2010-11-04 18:55        352768        ----a-w-        c:\windows\system32\taskschd.dll

2012-12-08 22:02 . 2010-11-04 18:55        270336        ----a-w-        c:\windows\system32\taskcomp.dll

2012-12-08 22:02 . 2010-11-04 18:55        601600        ----a-w-        c:\windows\system32\schedsvc.dll

2012-12-08 22:02 . 2010-11-04 16:34        171520        ----a-w-        c:\windows\system32\taskeng.exe

2012-12-08 22:02 . 2011-05-02 17:16        739328        ----a-w-        c:\windows\system32\inetcomm.dll

2012-12-08 22:01 . 2010-10-18 13:37        81920        ----a-w-        c:\windows\system32\consent.exe

2012-12-08 22:01 . 2010-06-11 16:15        1248768        ----a-w-        c:\windows\system32\msxml3.dll

2012-12-08 22:01 . 2010-10-28 13:20        2048        ----a-w-        c:\windows\system32\tzres.dll

2012-12-08 22:01 . 2009-07-15 12:39        313344        ----a-w-        c:\windows\system32\wmpdxm.dll

2012-12-08 22:01 . 2009-07-15 10:21        43520        ----a-w-        c:\windows\system32\msdxm.tlb

2012-12-08 22:01 . 2009-07-15 10:21        18432        ----a-w-        c:\windows\system32\amcompat.tlb

2012-12-08 22:00 . 2010-01-25 08:21        526336        ----a-w-        c:\windows\system32\RMActivate_isv.exe

2012-12-08 22:00 . 2010-01-25 08:21        518144        ----a-w-        c:\windows\system32\RMActivate.exe

2012-12-08 22:00 . 2010-01-25 12:00        471552        ----a-w-        c:\windows\system32\secproc_isv.dll

2012-12-08 22:00 . 2010-01-25 12:00        471552        ----a-w-        c:\windows\system32\secproc.dll

2012-12-08 22:00 . 2010-01-25 11:58        332288        ----a-w-        c:\windows\system32\msdrm.dll

2012-12-08 22:00 . 2010-01-25 08:21        346624        ----a-w-        c:\windows\system32\RMActivate_ssp_isv.exe

2012-12-08 22:00 . 2010-01-25 08:21        347136        ----a-w-        c:\windows\system32\RMActivate_ssp.exe

2012-12-08 22:00 . 2010-01-25 12:00        152576        ----a-w-        c:\windows\system32\secproc_ssp_isv.dll

2012-12-08 22:00 . 2010-01-25 12:00        152064        ----a-w-        c:\windows\system32\secproc_ssp.dll

2012-12-08 21:55 . 2011-04-20 15:55        375808        ----a-w-        c:\windows\system32\winsrv.dll

2012-12-08 21:55 . 2011-04-20 15:50        49152        ----a-w-        c:\windows\system32\csrsrv.dll

2012-12-08 21:55 . 2009-09-04 11:41        60928        ----a-w-        c:\windows\system32\msasn1.dll

2012-12-08 21:55 . 2009-04-23 12:15        784896        ----a-w-        c:\windows\system32\rpcrt4.dll

2012-12-08 21:54 . 2010-12-17 15:45        2067968        ----a-w-        c:\windows\system32\mstscax.dll

2012-12-08 21:54 . 2010-12-17 13:54        677888        ----a-w-        c:\windows\system32\mstsc.exe

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-09 12:19 . 2012-12-09 12:19        4096        ----a-w-        c:\windows\system32\drivers\de-DE\dxgkrnl.sys.mui

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-04-24 430080]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]

"Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-05-28 20480]

"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]

"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]

"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-03-19 716800]

"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2008-01-11 574864]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

.

c:\users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

--- Andere Dienste/Treiber im Speicher ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation        REG_MULTI_SZ           FontCache

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://endurocup.de/

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA

TCP: DhcpNameServer = 192.168.178.1

.

.

**************************************************************************

Scanne versteckte Prozesse... 

.

Scanne versteckte Autostarteinträge... 

.

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

  TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i???????}l????X?b???b???b???b?   

.

Scanne versteckte Dateien... 

.

Scan erfolgreich abgeschlossen

versteckte Dateien: 

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BFE]

"ImagePath"="."

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MpsSvc]

"ImagePath"="."

.

------------------------ Weitere laufende Prozesse ------------------------

.

c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe

c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe

c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe

c:\windows\system32\TODDSrv.exe

c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

c:\windows\system32\DRIVERS\xaudio.exe

c:\windows\system32\conime.exe

c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

c:\\?\c:\windows\system32\wbem\WMIADAP.EXE

.

**************************************************************************

.

Zeit der Fertigstellung: 2012-12-09  14:00:14 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2012-12-09 12:59

.

Vor Suchlauf: 7 Verzeichnis(se), 48.365.006.848 Bytes frei

Nach Suchlauf: 10 Verzeichnis(se), 48.351.186.944 Bytes frei

.

- - End Of File - - F5DE99DE7B168D1BF78983C6E30DE01A