Log analysis and evaluation: Apparently infected with a Trojan from Facebook

Windows 7: If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
16.10.2011, 17:46 | #16 |
Apparently infected with a Trojan from Facebook

OK, I had the object removed and then ran a new scan; here is the log:

Code:
ATTFilter 18:38:38.0908 5024 TDSS rootkit removing tool 2.6.9.0 Oct 14 2011 11:33:24 18:38:39.0174 5024 ============================================================ 18:38:39.0174 5024 Current date / time: 2011/10/16 18:38:39.0174 18:38:39.0174 5024 SystemInfo: 18:38:39.0174 5024 18:38:39.0174 5024 OS Version: 6.0.6002 ServicePack: 2.0 18:38:39.0174 5024 Product type: Workstation 18:38:39.0174 5024 ComputerName: MICHAEL-PC 18:38:39.0174 5024 UserName: Michael 18:38:39.0174 5024 Windows directory: C:\Windows 18:38:39.0174 5024 System windows directory: C:\Windows 18:38:39.0174 5024 Processor architecture: Intel x86 18:38:39.0174 5024 Number of processors: 2 18:38:39.0174 5024 Page size: 0x1000 18:38:39.0174 5024 Boot type: Normal boot 18:38:39.0174 5024 ============================================================ 18:38:39.0954 5024 Initialize success 18:38:50.0842 5032 ============================================================ 18:38:50.0842 5032 Scan started 18:38:50.0842 5032 Mode: Manual; SigCheck; TDLFS; 18:38:50.0842 5032 ============================================================ 18:38:51.0669 5032 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 18:38:51.0763 5032 ACPI - ok 18:38:51.0856 5032 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys 18:38:51.0872 5032 adp94xx - ok 18:38:51.0950 5032 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys 18:38:51.0966 5032 adpahci - ok 18:38:52.0106 5032 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys 18:38:52.0122 5032 adpu160m - ok 18:38:52.0246 5032 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys 18:38:52.0246 5032 adpu320 - ok 18:38:52.0449 5032 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 18:38:52.0480 5032 AFD - ok 18:38:52.0574 5032 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys 
18:38:52.0590 5032 agp440 - ok 18:38:52.0652 5032 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 18:38:52.0668 5032 aic78xx - ok 18:38:52.0777 5032 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys 18:38:52.0777 5032 aliide - ok 18:38:52.0839 5032 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys 18:38:52.0855 5032 amdagp - ok 18:38:52.0995 5032 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys 18:38:52.0995 5032 amdide - ok 18:38:53.0136 5032 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys 18:38:53.0182 5032 AmdK7 - ok 18:38:53.0229 5032 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys 18:38:53.0276 5032 AmdK8 - ok 18:38:53.0385 5032 ApfiltrService (18bff317bdb10c64a35e1ca85f1ec051) C:\Windows\system32\DRIVERS\Apfiltr.sys 18:38:53.0401 5032 ApfiltrService - ok 18:38:53.0494 5032 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys 18:38:53.0510 5032 arc - ok 18:38:53.0650 5032 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys 18:38:53.0650 5032 arcsas - ok 18:38:53.0760 5032 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 18:38:53.0775 5032 AsyncMac - ok 18:38:53.0838 5032 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 18:38:53.0838 5032 atapi - ok 18:38:53.0994 5032 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys 18:38:53.0994 5032 avgio - ok 18:38:54.0181 5032 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys 18:38:54.0399 5032 avgntflt - ok 18:38:54.0493 5032 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys 18:38:54.0508 5032 avipbb - ok 18:38:54.0633 5032 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 18:38:54.0664 5032 
Beep - ok 18:38:54.0727 5032 blbdrive - ok 18:38:54.0820 5032 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 18:38:54.0820 5032 bowser - ok 18:38:54.0914 5032 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 18:38:54.0930 5032 BrFiltLo - ok 18:38:54.0992 5032 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 18:38:55.0008 5032 BrFiltUp - ok 18:38:55.0101 5032 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 18:38:55.0148 5032 Brserid - ok 18:38:55.0273 5032 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 18:38:55.0304 5032 BrSerWdm - ok 18:38:55.0413 5032 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 18:38:55.0460 5032 BrUsbMdm - ok 18:38:55.0522 5032 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 18:38:55.0569 5032 BrUsbSer - ok 18:38:55.0788 5032 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys 18:38:55.0803 5032 BthEnum - ok 18:38:55.0928 5032 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 18:38:55.0959 5032 BTHMODEM - ok 18:38:56.0053 5032 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys 18:38:56.0084 5032 BthPan - ok 18:38:56.0178 5032 BTHPORT (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys 18:38:56.0209 5032 BTHPORT - ok 18:38:56.0318 5032 BTHUSB (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys 18:38:56.0334 5032 BTHUSB - ok 18:38:56.0458 5032 btwaudio (6ca69fa57cf251e890105923ad215b99) C:\Windows\system32\drivers\btwaudio.sys 18:38:56.0458 5032 btwaudio - ok 18:38:56.0568 5032 btwavdt (12b4a9afa82bfe5a7d8819bf7ae20601) C:\Windows\system32\drivers\btwavdt.sys 18:38:56.0568 5032 btwavdt - ok 18:38:56.0677 5032 btwl2cap (d02f4d18aa4a38f781beefeb1892e144) 
C:\Windows\system32\DRIVERS\btwl2cap.sys 18:38:56.0692 5032 btwl2cap - ok 18:38:56.0755 5032 btwrchid (d5e554f6c1a3baeb79daf9e1684f8102) C:\Windows\system32\DRIVERS\btwrchid.sys 18:38:56.0770 5032 btwrchid - ok 18:38:56.0864 5032 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 18:38:56.0880 5032 cdfs - ok 18:38:56.0989 5032 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 18:38:57.0004 5032 cdrom - ok 18:38:57.0160 5032 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys 18:38:57.0207 5032 circlass - ok 18:38:57.0363 5032 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 18:38:57.0379 5032 CLFS - ok 18:38:57.0628 5032 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 18:38:57.0644 5032 CmBatt - ok 18:38:57.0738 5032 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys 18:38:57.0738 5032 cmdide - ok 18:38:57.0831 5032 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 18:38:57.0847 5032 Compbatt - ok 18:38:57.0878 5032 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys 18:38:57.0894 5032 crcdisk - ok 18:38:58.0003 5032 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys 18:38:58.0050 5032 Crusoe - ok 18:38:58.0159 5032 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 18:38:58.0159 5032 DfsC - ok 18:38:58.0330 5032 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 18:38:58.0346 5032 disk - ok 18:38:58.0518 5032 DMICall (f206e28ed74c491fd5d7c0a1119ce37f) C:\Windows\system32\DRIVERS\DMICall.sys 18:38:58.0533 5032 DMICall - ok 18:38:58.0720 5032 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 18:38:58.0736 5032 drmkaud - ok 18:38:58.0908 5032 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) 
C:\Windows\System32\drivers\dxgkrnl.sys 18:38:58.0939 5032 DXGKrnl - ok 18:38:59.0048 5032 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys 18:38:59.0095 5032 E1G60 - ok 18:38:59.0220 5032 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 18:38:59.0235 5032 Ecache - ok 18:38:59.0313 5032 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys 18:38:59.0329 5032 elxstor - ok 18:38:59.0469 5032 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 18:38:59.0500 5032 exfat - ok 18:38:59.0610 5032 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 18:38:59.0625 5032 fastfat - ok 18:38:59.0734 5032 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys 18:38:59.0766 5032 fdc - ok 18:38:59.0890 5032 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 18:38:59.0906 5032 FileInfo - ok 18:39:00.0062 5032 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 18:39:00.0093 5032 Filetrace - ok 18:39:00.0202 5032 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys 18:39:00.0234 5032 flpydisk - ok 18:39:00.0327 5032 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 18:39:00.0343 5032 FltMgr - ok 18:39:00.0452 5032 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 18:39:00.0468 5032 Fs_Rec - ok 18:39:00.0561 5032 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys 18:39:00.0561 5032 gagp30kx - ok 18:39:00.0670 5032 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys 18:39:00.0686 5032 GEARAspiWDM - ok 18:39:00.0811 5032 ggflt (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys 18:39:00.0811 5032 ggflt - ok 18:39:01.0014 5032 ggsemc (c73de35960ca75c5ab4ae636b127c64e) 
C:\Windows\system32\DRIVERS\ggsemc.sys 18:39:01.0014 5032 ggsemc - ok 18:39:01.0310 5032 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 18:39:01.0341 5032 HdAudAddService - ok 18:39:01.0482 5032 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 18:39:01.0497 5032 HDAudBus - ok 18:39:01.0591 5032 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 18:39:01.0622 5032 HidBth - ok 18:39:01.0700 5032 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 18:39:01.0731 5032 HidIr - ok 18:39:01.0825 5032 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 18:39:01.0856 5032 HidUsb - ok 18:39:01.0965 5032 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys 18:39:01.0981 5032 HpCISSs - ok 18:39:02.0137 5032 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS 18:39:02.0168 5032 HSFHWAZL - ok 18:39:02.0262 5032 HSF_DPV (7bc42c65b5c6281777c1a7605b253ba8) C:\Windows\system32\DRIVERS\HSX_DPV.sys 18:39:02.0293 5032 HSF_DPV - ok 18:39:02.0371 5032 HSXHWAZL (9ebf2d102ccbb6bcdfbf1b7922f8ba2e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys 18:39:02.0371 5032 HSXHWAZL - ok 18:39:02.0480 5032 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 18:39:02.0496 5032 HTTP - ok 18:39:02.0589 5032 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys 18:39:02.0589 5032 i2omp - ok 18:39:02.0683 5032 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 18:39:02.0698 5032 i8042prt - ok 18:39:02.0808 5032 iaStor (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\Windows\system32\DRIVERS\iaStor.sys 18:39:02.0823 5032 iaStor - ok 18:39:02.0886 5032 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys 18:39:02.0901 5032 iaStorV - ok 18:39:03.0026 5032 iirsp 
(2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 18:39:03.0042 5032 iirsp - ok 18:39:03.0198 5032 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 18:39:03.0213 5032 intelide - ok 18:39:03.0338 5032 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 18:39:03.0369 5032 intelppm - ok 18:39:03.0525 5032 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:39:03.0541 5032 IpFilterDriver - ok 18:39:03.0588 5032 IpInIp - ok 18:39:03.0650 5032 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys 18:39:03.0697 5032 IPMIDRV - ok 18:39:03.0806 5032 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 18:39:03.0837 5032 IPNAT - ok 18:39:03.0978 5032 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 18:39:03.0993 5032 IRENUM - ok 18:39:04.0102 5032 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys 18:39:04.0118 5032 isapnp - ok 18:39:04.0227 5032 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 18:39:04.0243 5032 iScsiPrt - ok 18:39:04.0336 5032 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 18:39:04.0352 5032 iteatapi - ok 18:39:04.0446 5032 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 18:39:04.0446 5032 iteraid - ok 18:39:04.0570 5032 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 18:39:04.0586 5032 kbdclass - ok 18:39:04.0664 5032 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 18:39:04.0680 5032 kbdhid - ok 18:39:04.0789 5032 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 18:39:04.0804 5032 KSecDD - ok 18:39:04.0898 5032 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 
18:39:04.0929 5032 lltdio - ok 18:39:05.0038 5032 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys 18:39:05.0054 5032 LSI_FC - ok 18:39:05.0179 5032 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys 18:39:05.0194 5032 LSI_SAS - ok 18:39:05.0335 5032 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys 18:39:05.0382 5032 LSI_SCSI - ok 18:39:05.0631 5032 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 18:39:05.0662 5032 luafv - ok 18:39:05.0725 5032 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys 18:39:05.0725 5032 mdmxsdk - ok 18:39:05.0803 5032 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys 18:39:05.0803 5032 megasas - ok 18:39:05.0943 5032 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 18:39:05.0974 5032 Modem - ok 18:39:06.0052 5032 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 18:39:06.0068 5032 monitor - ok 18:39:06.0162 5032 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 18:39:06.0162 5032 mouclass - ok 18:39:06.0208 5032 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 18:39:06.0224 5032 mouhid - ok 18:39:06.0333 5032 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 18:39:06.0333 5032 MountMgr - ok 18:39:06.0489 5032 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys 18:39:06.0489 5032 mpio - ok 18:39:06.0583 5032 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 18:39:06.0598 5032 mpsdrv - ok 18:39:06.0676 5032 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 18:39:06.0676 5032 Mraid35x - ok 18:39:06.0786 5032 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 
18:39:06.0801 5032 MRxDAV - ok 18:39:06.0864 5032 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 18:39:06.0879 5032 mrxsmb - ok 18:39:06.0957 5032 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:39:06.0973 5032 mrxsmb10 - ok 18:39:07.0035 5032 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:39:07.0051 5032 mrxsmb20 - ok 18:39:07.0144 5032 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys 18:39:07.0160 5032 msahci - ok 18:39:07.0238 5032 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys 18:39:07.0254 5032 msdsm - ok 18:39:07.0332 5032 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 18:39:07.0347 5032 Msfs - ok 18:39:07.0534 5032 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 18:39:07.0550 5032 msisadrv - ok 18:39:07.0644 5032 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 18:39:07.0659 5032 MSKSSRV - ok 18:39:07.0737 5032 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 18:39:07.0753 5032 MSPCLOCK - ok 18:39:07.0831 5032 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 18:39:07.0862 5032 MSPQM - ok 18:39:07.0971 5032 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 18:39:07.0987 5032 MsRPC - ok 18:39:08.0096 5032 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 18:39:08.0096 5032 mssmbios - ok 18:39:08.0174 5032 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 18:39:08.0190 5032 MSTEE - ok 18:39:08.0283 5032 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 18:39:08.0299 5032 Mup - ok 18:39:08.0392 5032 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 18:39:08.0408 5032 
NativeWifiP - ok 18:39:08.0533 5032 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 18:39:08.0564 5032 NDIS - ok 18:39:08.0673 5032 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 18:39:08.0689 5032 NdisTapi - ok 18:39:08.0767 5032 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 18:39:08.0798 5032 Ndisuio - ok 18:39:08.0860 5032 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 18:39:08.0892 5032 NdisWan - ok 18:39:08.0985 5032 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 18:39:09.0001 5032 NDProxy - ok 18:39:09.0094 5032 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 18:39:09.0126 5032 NetBIOS - ok 18:39:09.0188 5032 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 18:39:09.0219 5032 netbt - ok 18:39:09.0391 5032 NETw4v32 (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys 18:39:09.0484 5032 NETw4v32 - ok 18:39:09.0640 5032 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 18:39:09.0640 5032 nfrd960 - ok 18:39:09.0750 5032 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 18:39:09.0765 5032 Npfs - ok 18:39:09.0859 5032 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 18:39:09.0890 5032 nsiproxy - ok 18:39:10.0015 5032 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 18:39:10.0077 5032 Ntfs - ok 18:39:10.0218 5032 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 18:39:10.0264 5032 ntrigdigi - ok 18:39:10.0374 5032 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 18:39:10.0389 5032 Null - ok 18:39:10.0654 5032 nvlddmkm (39d8f5a92427c57309355199592ead9f) C:\Windows\system32\DRIVERS\nvlddmkm.sys 18:39:11.0216 5032 nvlddmkm - 
ok 18:39:11.0372 5032 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys 18:39:11.0388 5032 nvraid - ok 18:39:11.0450 5032 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys 18:39:11.0466 5032 nvstor - ok 18:39:11.0512 5032 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys 18:39:11.0528 5032 nv_agp - ok 18:39:11.0559 5032 NwlnkFlt - ok 18:39:11.0590 5032 NwlnkFwd - ok 18:39:11.0746 5032 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 18:39:11.0762 5032 ohci1394 - ok 18:39:11.0887 5032 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 18:39:11.0934 5032 Parport - ok 18:39:11.0980 5032 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 18:39:11.0996 5032 partmgr - ok 18:39:12.0183 5032 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 18:39:12.0230 5032 Parvdm - ok 18:39:12.0355 5032 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 18:39:12.0355 5032 pci - ok 18:39:12.0417 5032 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys 18:39:12.0433 5032 pciide - ok 18:39:12.0558 5032 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys 18:39:12.0573 5032 pcmcia - ok 18:39:12.0636 5032 PdiPorts (18ed1d71fef6f71d38c24263500bbd01) C:\Windows\system32\Drivers\PdiPorts.sys 18:39:12.0651 5032 PdiPorts - ok 18:39:12.0729 5032 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 18:39:12.0792 5032 PEAUTH - ok 18:39:12.0979 5032 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 18:39:12.0994 5032 PptpMiniport - ok 18:39:13.0057 5032 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys 18:39:13.0088 5032 Processor - ok 18:39:13.0166 5032 PSched (99514faa8df93d34b5589187db3aa0ba) 
C:\Windows\system32\DRIVERS\pacer.sys 18:39:13.0197 5032 PSched - ok 18:39:13.0244 5032 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys 18:39:13.0260 5032 PxHelp20 - ok 18:39:13.0431 5032 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys 18:39:13.0494 5032 ql2300 - ok 18:39:13.0556 5032 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 18:39:13.0572 5032 ql40xx - ok 18:39:13.0650 5032 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 18:39:13.0665 5032 QWAVEdrv - ok 18:39:13.0774 5032 R5U870FLx86 (9ac8ac6cd00100443ea6afd0a4ade8f7) C:\Windows\system32\Drivers\R5U870FLx86.sys 18:39:13.0790 5032 R5U870FLx86 - ok 18:39:13.0837 5032 R5U870FUx86 (1ae358affffd13bf6ec7dc72dccfac12) C:\Windows\system32\Drivers\R5U870FUx86.sys 18:39:13.0852 5032 R5U870FUx86 - ok 18:39:13.0930 5032 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 18:39:13.0946 5032 RasAcd - ok 18:39:14.0024 5032 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 18:39:14.0055 5032 Rasl2tp - ok 18:39:14.0118 5032 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 18:39:14.0133 5032 RasPppoe - ok 18:39:14.0242 5032 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 18:39:14.0258 5032 RasSstp - ok 18:39:14.0352 5032 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 18:39:14.0367 5032 rdbss - ok 18:39:14.0445 5032 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 18:39:14.0461 5032 RDPCDD - ok 18:39:14.0523 5032 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys 18:39:14.0570 5032 rdpdr - ok 18:39:14.0648 5032 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 18:39:14.0679 5032 RDPENCDD - ok 18:39:14.0757 5032 RDPWD 
(30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 18:39:14.0788 5032 RDPWD - ok 18:39:14.0851 5032 regi (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys 18:39:14.0866 5032 regi - ok 18:39:14.0991 5032 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys 18:39:15.0007 5032 RFCOMM - ok 18:39:15.0100 5032 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 18:39:15.0132 5032 rspndr - ok 18:39:15.0194 5032 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 18:39:15.0210 5032 sbp2port - ok 18:39:15.0272 5032 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 18:39:15.0303 5032 secdrv - ok 18:39:15.0490 5032 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 18:39:15.0537 5032 Serenum - ok 18:39:15.0615 5032 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 18:39:15.0662 5032 Serial - ok 18:39:15.0849 5032 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 18:39:15.0896 5032 sermouse - ok 18:39:16.0052 5032 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys 18:39:16.0083 5032 sffdisk - ok 18:39:16.0146 5032 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys 18:39:16.0192 5032 sffp_mmc - ok 18:39:16.0302 5032 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys 18:39:16.0348 5032 sffp_sd - ok 18:39:16.0395 5032 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\DRIVERS\sfloppy.sys 18:39:16.0426 5032 sfloppy - ok 18:39:16.0567 5032 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys 18:39:16.0582 5032 sisagp - ok 18:39:16.0645 5032 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys 18:39:16.0660 5032 SiSRaid2 - ok 18:39:16.0723 5032 SiSRaid4 
(df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys 18:39:16.0738 5032 SiSRaid4 - ok 18:39:16.0816 5032 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 18:39:16.0832 5032 Smb - ok 18:39:16.0988 5032 SNC (db31d8989b3450569c29780e7fa98c48) C:\Windows\system32\Drivers\SonyNC.sys 18:39:16.0988 5032 SNC - ok 18:39:17.0113 5032 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 18:39:17.0113 5032 spldr - ok 18:39:17.0316 5032 sp_rsdrv2 (8831252bcf05fcfb5abd116a22e552d8) C:\Windows\system32\drivers\sp_rsdrv2.sys 18:39:17.0316 5032 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - warning 18:39:17.0316 5032 sp_rsdrv2 - detected UnsignedFile.Multi.Generic (1) 18:39:17.0394 5032 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 18:39:17.0409 5032 srv - ok 18:39:17.0550 5032 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 18:39:17.0565 5032 srv2 - ok 18:39:17.0643 5032 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 18:39:17.0659 5032 srvnet - ok 18:39:17.0706 5032 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 18:39:17.0721 5032 ssmdrv - ok 18:39:17.0799 5032 STHDA (6a2a5e809c2c0178326d92b19ee4aad3) C:\Windows\system32\drivers\stwrt.sys 18:39:17.0815 5032 STHDA - ok 18:39:17.0986 5032 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 18:39:18.0002 5032 swenum - ok 18:39:18.0064 5032 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 18:39:18.0064 5032 Symc8xx - ok 18:39:18.0142 5032 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 18:39:18.0142 5032 Sym_hi - ok 18:39:18.0205 5032 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 18:39:18.0205 5032 Sym_u3 - ok 18:39:18.0454 5032 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys 
18:39:18.0486 5032 Tcpip - ok
18:39:24.0585 5032 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
18:39:24.0632 5032 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:39:24.0632 5032 \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:39:24.0648 5032 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
18:39:24.0788 5032 \Device\Harddisk2\DR2 - ok
18:39:24.0788 5032 Boot (0x1200) (3615683225c78d54b0482cf5c756d7e8) \Device\Harddisk0\DR0\Partition0
18:39:24.0788 5032 \Device\Harddisk0\DR0\Partition0 - ok
18:39:24.0804 5032 Boot (0x1200) (8a8466a3915d7c971aba7cdcd4f4eb1b) \Device\Harddisk2\DR2\Partition0
18:39:24.0804 5032 \Device\Harddisk2\DR2\Partition0 - ok
18:39:24.0804 5032 ============================================================
18:39:24.0804 5032 Scan finished
18:39:24.0804 5032 ============================================================
18:39:24.0804 5324 Detected object count: 2
18:39:24.0804 5324 Actual detected object count: 2
18:40:23.0959 5324 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - skipped by user
18:40:23.0959 5324 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:40:23.0974 5324 \Device\Harddisk0\DR0\TDLFS - deleted
18:40:23.0974 5324 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
18:41:32.0115 3984 ============================================================
18:41:32.0115 3984 Scan started
18:41:32.0115 3984 Mode: Manual; SigCheck; TDLFS;
18:41:32.0115 3984 ============================================================
18:41:54.0642 3984 sp_rsdrv2 (8831252bcf05fcfb5abd116a22e552d8) C:\Windows\system32\drivers\sp_rsdrv2.sys
18:41:54.0642 3984 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - warning
18:41:54.0642 3984 sp_rsdrv2 - detected UnsignedFile.Multi.Generic (1)
18:42:01.0677 3984 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
18:42:01.0802 3984 \Device\Harddisk0\DR0 - ok
18:42:01.0818 3984 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
18:42:01.0958 3984 \Device\Harddisk2\DR2 - ok
18:42:01.0958 3984 Boot (0x1200) (3615683225c78d54b0482cf5c756d7e8) \Device\Harddisk0\DR0\Partition0
18:42:01.0958 3984 \Device\Harddisk0\DR0\Partition0 - ok
18:42:01.0974 3984 Boot (0x1200) 
(8a8466a3915d7c971aba7cdcd4f4eb1b) \Device\Harddisk2\DR2\Partition0 18:42:01.0974 3984 \Device\Harddisk2\DR2\Partition0 - ok 18:42:01.0974 3984 ============================================================ 18:42:01.0974 3984 Scan finished 18:42:01.0974 3984 ============================================================ 18:42:01.0974 5748 Detected object count: 1 18:42:01.0974 5748 Actual detected object count: 1 18:42:15.0873 5748 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - skipped by user 18:42:15.0873 5748 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip |
16.10.2011, 17:59 | #17 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Apparently infected with a Trojan from Facebook

Then please run CF now:

ComboFix: A guide and tutorial on using ComboFix

ComboFix may only be run when a qualified helper has expressly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
16.10.2011, 18:40 | #18 |
| Apparently infected with a Trojan from Facebook

ComboFix has finished, here is the log:

Code:
ATTFilter
ComboFix 11-10-15.04 - Michael 16.10.2011 19:16:04.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.2046.1111 [GMT 2:00]
ausgeführt von:: c:\users\Michael\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files\Spyware Terminator\SpywareTerminatorShield.Exe
c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe
c:\windows\IsUn0407.exe
c:\windows\unin0407.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-09-16 bis 2011-10-16 ))))))))))))))))))))))))))))))
.
.
2011-10-16 16:02 . 2011-10-16 16:02 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CD312A81-F20E-467E-8821-83F429A4A379}\offreg.dll
2011-10-14 18:13 . 2011-09-12 23:14 7269712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CD312A81-F20E-467E-8821-83F429A4A379}\mpengine.dll
2011-10-12 18:49 . 2011-10-12 18:49 -------- d-----w- C:\_OTL
2011-10-12 11:17 . 2011-07-29 16:01 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-12 11:17 . 2011-07-29 16:01 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-12 11:17 . 2011-07-29 16:00 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-10-12 11:17 . 2011-07-29 16:00 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-10-12 11:16 . 2011-09-06 13:30 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-10-12 11:16 . 2011-09-14 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-10-12 11:16 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-12 11:16 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 11:16 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 11:16 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-10-10 20:41 . 2011-10-10 20:41 -------- d-----w- C:\ebf847f73aca53fefe6baa74
2011-10-10 08:14 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-10-10 08:14 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-10-10 07:35 . 2011-10-10 07:35 -------- d-----w- c:\program files\Windows Portable Devices
2011-10-09 18:01 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-10-09 18:01 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-10-09 18:01 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-10-09 17:55 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-10-09 15:49 . 2009-09-10 14:58 1418752 ----a-w- c:\program files\Windows Media Player\setup_wm.exe
2011-10-09 15:49 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2011-10-08 22:58 . 2011-10-08 22:58 -------- d-----w- c:\program files\ESET
2011-10-08 18:27 . 2011-10-08 18:27 -------- d-----w- c:\users\Michael\AppData\Roaming\Malwarebytes
2011-10-08 18:27 . 2011-10-08 18:27 -------- d-----w- c:\programdata\Malwarebytes
2011-10-08 18:27 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-08 18:27 . 2011-10-08 18:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-07 07:41 . 2011-10-07 07:41 -------- d-----w- c:\windows\Sun
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-16 09:31 . 2011-06-12 08:45 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-09 11:04 . 2011-08-09 11:04 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2011-08-09 11:04 . 2011-08-09 11:04 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2011-08-09 11:04 . 2011-08-09 11:04 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2010-03-31 08:09 . 2010-03-31 08:09 10437264 ----a-w- c:\program files\mozilla firefox\plugins\PDFNetC.dll
2010-04-08 10:36 . 2010-04-08 10:36 107760 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll
2011-10-03 21:34 . 2011-05-09 07:31 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-08-31 11:39 . 2008-09-25 18:12 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2006-05-03 10:06 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 11:47 31232 --sh--r- c:\windows\System32\msfDX.dll
2007-12-17 13:43 27648 --sh--w- c:\windows\System32\Smab0.dll
.

Best regards, Telemann |
16.10.2011, 19:26 | #19 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Apparently infected with a Trojan from Facebook

OK. Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't work on the second attempt, just leave it out and run only OSAM. Please skip OSAM's online check. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off your virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file to your desktop.

Important: Do not press any of the Fix buttons under any circumstances without being instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.

Please always post log files in CODE tags |
17.10.2011, 19:10 | #20 |
| Apparently infected with a Trojan from Facebook

Hi, GMER crashed again, even in safe mode. So here is only the log file from OSAM:

Code:
Code:
ATTFilter
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-17 19:35:42
-----------------------------
19:35:42.491 OS Version: Windows 6.0.6002 Service Pack 2
19:35:42.491 Number of processors: 2 586 0xF0D
19:35:42.491 ComputerName: MICHAEL-PC UserName: Michael
19:35:43.771 Initialize success
19:37:05.319 AVAST engine defs: 11101700
19:37:37.361 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
19:37:37.361 Disk 0 Vendor: FUJITSU_ 0000 Size: 190782MB BusType: 3
19:37:37.361 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000060
19:37:37.377 Disk 1 Vendor: ( Size: 190782MB BusType: 0
19:37:37.377 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000061
19:37:37.377 Disk 2 Vendor: ( Size: 3787MB BusType: 0
19:37:37.392 Disk 0 MBR read successfully
19:37:37.392 Disk 0 MBR scan
19:37:37.408 Disk 0 Windows VISTA default MBR code
19:37:37.408 Disk 0 scanning sectors +390719920
19:37:37.502 Disk 0 scanning C:\Windows\system32\drivers
19:37:49.233 Service scanning
19:37:50.730 Modules scanning
19:37:59.295 Disk 0 trace - called modules:
19:37:59.310 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
19:37:59.310 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x859218f0]
19:37:59.326 3 CLASSPNP.SYS[885ab8b3] -> nt!IofCallDriver -> [0x844851d8]
19:37:59.326 5 acpi.sys[8069c6bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84e16030]
19:38:00.543 AVAST engine scan C:\Windows
19:38:05.784 AVAST engine scan C:\Windows\system32
19:40:34.486 AVAST engine scan C:\Windows\system32\drivers
19:40:48.713 AVAST engine scan C:\Users\Michael
19:48:21.581 AVAST engine scan C:\ProgramData
19:55:36.930 Scan finished successfully
20:02:33.869 Disk 0 MBR has been saved successfully to "C:\Users\Michael\Desktop\MBR.dat"
20:02:33.869 The log file has been saved successfully to "C:\Users\Michael\Desktop\aswMBR.txt"

Telemann |
18.10.2011, 18:21 | #21 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Apparently infected with a trojan from Facebook Looks OK. Please run full scans with Malwarebytes and SUPERAntiSpyware as a check and post the logs. Remember to update both tools before the scan!! Afterwards, getting an additional opinion via ESET's online scanner doesn't hurt either: ESET Online Scanner
19.10.2011, 22:05 | #22 |
| Apparently infected with a trojan from Facebook Hi, so first the log from Malwarebytes: Code:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 7974

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

18.10.2011 23:18:45
mbam-log-2011-10-18 (23-18-45).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Durchsuchte Objekte: 372985
Laufzeit: 1 Stunde(n), 23 Minute(n), 47 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\sp (TrojanProxy.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\sp (TrojanProxy.Agent) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 10/19/2011 at 12:18 PM

Application Version : 5.0.1134

Core Rules Database Version : 7815
Trace Rules Database Version: 5627

Scan type : Complete Scan
Total Scan Time : 02:09:08

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Administrator

Memory items scanned : 730
Memory threats detected : 0
Registry items scanned : 38636
Registry threats detected : 0
File items scanned : 193127
File threats detected : 230

Adware.Tracking Cookie

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=7f6ac70eaba0fc40abd879fe3d5b1d2f
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-08 11:39:53
# local_time=2011-10-09 01:39:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 100 14556 93011496 0 0
# compatibility_mode=5892 16776573 100 100 14542 155647660 0 0
# compatibility_mode=7937 16777213 100 75 15503 27478776 0 0
# compatibility_mode=8192 67108863 100 0 198 198 0 0
# scanned=44942
# found=0
# cleaned=0
# scan_time=2261
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=7f6ac70eaba0fc40abd879fe3d5b1d2f
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-09 11:37:13
# local_time=2011-10-09 01:37:13 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 100 52220 93049160 50136 0
# compatibility_mode=5892 16776573 100 100 1620 155685324 0 0
# compatibility_mode=7937 16777213 100 100 247 27516440 0 0
# compatibility_mode=8192 67108863 100 0 37862 37862 0 0
# scanned=216330
# found=12
# cleaned=0
# scan_time=7636
C:\Users\Michael\AppData\Local\Temp\00313.exe probably a variant of Win32/AutoRun.Injector.AE worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\AppData\Local\Temp\1022145.exe probably a variant of Win32/AutoRun.Injector.AE worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\AppData\Local\Temp\1827324.exe probably a variant of Win32/AutoRun.Injector.AE worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\AppData\Local\Temp\41936.exe probably a variant of Win32/AutoRun.Injector.AE worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\AppData\Local\Temp\57823.exe probably a variant of Win32/AutoRun.Injector.AE worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\AppData\Local\Temp\7419518.exe probably a variant of Win32/AutoRun.Injector.AE worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\AppData\Local\Temp\75087.exe probably a variant of Win32/AutoRun.Injector.AE worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\AppData\Local\Temp\83508.exe probably a variant of Win32/AutoRun.Injector.AE worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\AppData\Local\Temp\94545.exe probably a variant of Win32/AutoRun.Injector.AE worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\M-1-52-5782-8752-5245\winsvc .exe probably a variant of Win32/AutoRun.Injector.AE worm (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\IMG04506864689.JPG.scr probably a variant of Win32/AutoRun.Injector.AE worm (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\704dc34-2c70dc1c a variant of Java/TrojanDownloader.OpenStream.NCM trojan (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=7f6ac70eaba0fc40abd879fe3d5b1d2f
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-11 10:09:59
# local_time=2011-10-12 12:09:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 100 262788 93259728 79873 0
# compatibility_mode=5892 16776573 100 100 45219 155895892 0 0
# compatibility_mode=7937 16777213 100 100 210815 27727008 0 0
# compatibility_mode=8192 67108863 100 0 248430 248430 0 0
# scanned=222310
# found=20
# cleaned=0
# scan_time=7835
C:\Users\Michael\AppData\Local\Temp\00313.exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\AppData\Local\Temp\1022145.exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\AppData\Local\Temp\1827324.exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\AppData\Local\Temp\41936.exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\AppData\Local\Temp\57823.exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\AppData\Local\Temp\7419518.exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\AppData\Local\Temp\75087.exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\AppData\Local\Temp\83508.exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\AppData\Local\Temp\94545.exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\7709867e-7413ff1e a variant of Java/TrojanDownloader.OpenStream.NCM trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Michael\M-1-52-5782-8752-5245\winsvc .exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\IMG04506864689.JPG.scr a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JWQF0E6V\soft_be_tc[1].htm HTML/Iframe.B.Gen virus (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VON5QKS5\ni[1].htm HTML/Iframe.B.Gen virus (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\5371c350-5fa0ae37 Java/Agent.DU trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\321af3d6-339ec4f1 Java/Agent.DU trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\704dc34-2c70dc1c a variant of Java/TrojanDownloader.OpenStream.NCM trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\630bdaf9-25073e04 Java/Agent.DU trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\Temp\AcrBE4.tmp JS/Exploit.Pdfka.PEN trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\Temp\jar_cache6805097543519546117.tmp Java/Agent.DU trojan (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=7f6ac70eaba0fc40abd879fe3d5b1d2f
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-19 10:31:37
# local_time=2011-10-19 12:31:37 (+0100, Mitteleuropäische Sommerzeit)
#
country="Germany" # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=1797 16775165 100 100 239292 93916824 231870 0 # compatibility_mode=5892 16776573 100 100 9535 156552988 0 0 # compatibility_mode=7937 16777213 100 75 234363 28384104 0 0 # compatibility_mode=8192 67108863 100 0 905526 905526 0 0 # scanned=716 # found=0 # cleaned=0 # scan_time=36 ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6528 # api_version=3.0.2 # EOSSerial=7f6ac70eaba0fc40abd879fe3d5b1d2f # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-10-19 08:33:16 # local_time=2011-10-19 10:33:16 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=1797 16775165 100 100 268356 93945888 260934 0 # compatibility_mode=5892 16776573 100 100 463 156582052 0 0 # compatibility_mode=7937 16777213 100 75 263427 28413168 0 0 # compatibility_mode=8192 67108863 100 0 934590 934590 0 0 # scanned=195986 # found=13 # cleaned=0 # scan_time=7072 C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\5371c350-5fa0ae37 Java/Agent.DU trojan (unable to clean) 00000000000000000000000000000000 I C:\_OTL\MovedFiles\10122011_204919\C_Users\Michael\AppData\Local\Temp\00313.exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I C:\_OTL\MovedFiles\10122011_204919\C_Users\Michael\AppData\Local\Temp\1022145.exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I C:\_OTL\MovedFiles\10122011_204919\C_Users\Michael\AppData\Local\Temp\1827324.exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I C:\_OTL\MovedFiles\10122011_204919\C_Users\Michael\AppData\Local\Temp\41936.exe a variant of 
Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I C:\_OTL\MovedFiles\10122011_204919\C_Users\Michael\AppData\Local\Temp\57823.exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I C:\_OTL\MovedFiles\10122011_204919\C_Users\Michael\AppData\Local\Temp\7419518.exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I C:\_OTL\MovedFiles\10122011_204919\C_Users\Michael\AppData\Local\Temp\75087.exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I C:\_OTL\MovedFiles\10122011_204919\C_Users\Michael\AppData\Local\Temp\83508.exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I C:\_OTL\MovedFiles\10122011_204919\C_Users\Michael\AppData\Local\Temp\94545.exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I C:\_OTL\MovedFiles\10122011_204919\C_Users\Michael\M-1-52-5782-8752-5245\winsvc .exe a variant of Win32/AutoRun.Injector.AF worm (unable to clean) 00000000000000000000000000000000 I C:\_OTL\MovedFiles\10122011_204919\C_Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F2RQBDGA\28b82[1].pdf JS/Exploit.Pdfka.PES trojan (unable to clean) 00000000000000000000000000000000 I C:\_OTL\MovedFiles\10122011_204919\C_Windows\temp\AcrCF7F.tmp JS/Exploit.Pdfka.PES trojan (unable to clean) 00000000000000000000000000000000 I
Best regards, Telemann |
20.10.2011, 12:52 | #23 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Apparently infected with a Trojan from Facebook
Only cookies and (isolated) remnants. Those can go. Is the computer OK again so far, or are there other problems and/or findings?
__________________ Please always post log files in CODE tags |
20.10.2011, 21:25 | #24 |
| Apparently infected with a Trojan from Facebook
Hi, yes, the computer seems to be doing what it should again. Many thanks for your competent help! Only, whenever the fan speeds up, which somehow seems to happen more often than before (I may be wrong), I get a fright and think that right now some malware might be sending out thousands of spam mails, or whatever it is they do... That is probably not the case, but I have become more sensitive now.
Two questions come to mind:
1. For a few days now I keep getting the message "Some startup programs were blocked". It seems to be Malwarebytes that is being blocked. What does that mean?
2. How do I now get rid of the object that was still detected in the last ESET scan (see the quote below)?
Code:
ATTFilter C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\5371c350-5fa0ae37 Java/Agent.DU trojan (unable to clean)
Telemann |
21.10.2011, 13:07 | #25 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | Apparently infected with a Trojan from Facebook
Quote:
Quote:
Then we are done! The programs that were used here can all be removed again. CF can be removed via Start, Run with combofix /uninstall. Get in touch if that produces any error messages. Keeping Malwarebytes is no mistake. You can scan with it once a month, but always remember to update it first.
Finally, please check the updates; my guide for that is below. To keep a better overview of how up to date your installed programs are in future, you can use, for example, Secunia PSI. For even more security, after the infection has been removed you should also change all passwords if possible.
Microsoft Update
Windows XP: Visit the MS update site with IE and have all important updates installed.
Windows Vista/7: Guide: Windows Update
Updating the PDF reader
An outdated AdobeReader poses a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Add or Remove Programs, or Programs and Features, by clicking on "Adobe Reader x.0" there and removing the program. (if you have AdobeReader installed)
I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader.
While you are at it, please also check that the Flash Player is up to date; here is the direct download link:
Mozilla and other browsers => http://filepony.de/?q=Flash+Player
Internet Explorer => http://fpdownload.adobe.com/get/flas..._player_ax.exe
Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.
Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the latest one. To do so, close all programs (especially the browsers), then click Start, Control Panel, Add or Remove Programs and uninstall all listed Java versions from there.
Then download the current Java SE Runtime Environment (JRE) from here and install it.
24.10.2011, 20:19 | #26 |
| Apparently infected with a Trojan from Facebook
Hi, I have 1. cleaned up the autostart and 2. deleted the suspicious directory, as recommended. I also ran JavaRa. I will not get around to putting the other advice into practice for about two weeks; after that I will get back in touch. The Ubuntu idea might interest me. Once again, many, many thanks for helping! |