Log analysis and evaluation: Spam sent via my Yahoo account
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
23.04.2012, 09:34 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Spam sent via my Yahoo account

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log, or cannot copy its contents and paste them into your post, please look directly on your Windows system partition (usually drive C); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
__________________ Please always post log files in CODE tags |
23.04.2012, 17:28 | #17 |
| Spam sent via my Yahoo account
Here is the post:
nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 18:21:47.0252 4656 nvstor - ok 18:21:47.0332 4656 nvsvc (7c732aff202dcd06c3d262966d71604c) C:\Windows\system32\nvvsvc.exe 18:21:47.0363 4656 nvsvc - ok 18:21:47.0508 4656 nvUpdatusService (262d2fbf211a88dcb84249df0f6ef6e7) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 18:21:47.0591 4656 nvUpdatusService - ok 18:21:47.0681 4656 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 18:21:47.0701 4656 nv_agp - ok 18:21:47.0783 4656 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 18:21:47.0809 4656 odserv - ok 18:21:47.0908 4656 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 18:21:47.0941 4656 ohci1394 - ok 18:21:48.0015 4656 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:21:48.0033 4656 ose - ok 18:21:48.0103 4656 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 18:21:48.0131 4656 p2pimsvc - ok 18:21:48.0154 4656 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll 18:21:48.0180 4656 p2psvc - ok 18:21:48.0268 4656 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 18:21:48.0297 4656 Parport - ok 18:21:48.0359 4656 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 18:21:48.0376 4656 partmgr - ok 18:21:48.0422 4656 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 18:21:48.0456 4656 Parvdm - ok 18:21:48.0513 4656 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll 18:21:48.0539 4656 PcaSvc - ok 18:21:48.0586 4656 pccsmcfd - ok 18:21:48.0624 4656 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 18:21:48.0644 4656 pci - ok 18:21:48.0703 4656 pciide (afe86f419014db4e5593f69ffe26ce0a) 
C:\Windows\system32\drivers\pciide.sys 18:21:48.0719 4656 pciide - ok 18:21:48.0783 4656 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 18:21:48.0804 4656 pcmcia - ok 18:21:48.0851 4656 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 18:21:48.0869 4656 pcw - ok 18:21:48.0902 4656 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 18:21:48.0969 4656 PEAUTH - ok 18:21:49.0077 4656 pfc (957b82ec80ad7ead64e5e47df6b0dc40) C:\Windows\system32\drivers\pfc.sys 18:21:49.0092 4656 pfc ( UnsignedFile.Multi.Generic ) - warning 18:21:49.0092 4656 pfc - detected UnsignedFile.Multi.Generic (1) 18:21:49.0172 4656 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll 18:21:49.0268 4656 pla - ok 18:21:49.0358 4656 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll 18:21:49.0391 4656 PlugPlay - ok 18:21:49.0431 4656 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll 18:21:49.0461 4656 PNRPAutoReg - ok 18:21:49.0510 4656 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 18:21:49.0535 4656 PNRPsvc - ok 18:21:49.0605 4656 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll 18:21:49.0655 4656 PolicyAgent - ok 18:21:49.0720 4656 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll 18:21:49.0774 4656 Power - ok 18:21:49.0848 4656 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 18:21:49.0897 4656 PptpMiniport - ok 18:21:49.0971 4656 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 18:21:50.0004 4656 Processor - ok 18:21:50.0057 4656 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll 18:21:50.0096 4656 ProfSvc - ok 18:21:50.0161 4656 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 18:21:50.0179 4656 ProtectedStorage - ok 18:21:50.0239 
4656 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 18:21:50.0278 4656 Psched - ok 18:21:50.0341 4656 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys 18:21:50.0360 4656 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning 18:21:50.0360 4656 PxHelp20 - detected UnsignedFile.Multi.Generic (1) 18:21:50.0448 4656 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 18:21:50.0515 4656 ql2300 - ok 18:21:50.0590 4656 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 18:21:50.0610 4656 ql40xx - ok 18:21:50.0658 4656 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll 18:21:50.0694 4656 QWAVE - ok 18:21:50.0755 4656 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 18:21:50.0778 4656 QWAVEdrv - ok 18:21:50.0817 4656 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 18:21:50.0883 4656 RasAcd - ok 18:21:50.0969 4656 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 18:21:51.0017 4656 RasAgileVpn - ok 18:21:51.0078 4656 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 18:21:51.0117 4656 RasAuto - ok 18:21:51.0215 4656 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 18:21:51.0261 4656 Rasl2tp - ok 18:21:51.0346 4656 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll 18:21:51.0398 4656 RasMan - ok 18:21:51.0474 4656 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 18:21:51.0527 4656 RasPppoe - ok 18:21:51.0625 4656 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 18:21:51.0670 4656 RasSstp - ok 18:21:51.0764 4656 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 18:21:51.0811 4656 rdbss - ok 18:21:51.0875 4656 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) 
C:\Windows\system32\DRIVERS\rdpbus.sys 18:21:51.0905 4656 rdpbus - ok 18:21:51.0957 4656 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 18:21:52.0000 4656 RDPCDD - ok 18:21:52.0105 4656 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 18:21:52.0151 4656 RDPENCDD - ok 18:21:52.0221 4656 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 18:21:52.0264 4656 RDPREFMP - ok 18:21:52.0339 4656 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys 18:21:52.0370 4656 RDPWD - ok 18:21:52.0438 4656 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 18:21:52.0459 4656 rdyboost - ok 18:21:52.0496 4656 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 18:21:52.0532 4656 RemoteAccess - ok 18:21:52.0596 4656 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll 18:21:52.0636 4656 RemoteRegistry - ok 18:21:52.0754 4656 RichVideo (06a49b7bdc36cfbf97dd90804f833369) C:\Program Files\CyberLink\Shared Files\RichVideo.exe 18:21:52.0773 4656 RichVideo - ok 18:21:52.0867 4656 RoxMediaDB9 (9c19e4419a6acf8fff53f1dd1c305e9e) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe 18:21:52.0916 4656 RoxMediaDB9 - ok 18:21:52.0950 4656 RoxWatch9 (9d95da35ec22511a1ceb38a8c3a0bc7e) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe 18:21:52.0965 4656 RoxWatch9 - ok 18:21:53.0020 4656 rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files\WinPcap\rpcapd.exe 18:21:53.0036 4656 rpcapd - ok 18:21:53.0106 4656 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 18:21:53.0153 4656 RpcEptMapper - ok 18:21:53.0213 4656 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe 18:21:53.0247 4656 RpcLocator - ok 18:21:53.0289 4656 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 
18:21:53.0332 4656 RpcSs - ok 18:21:53.0426 4656 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 18:21:53.0472 4656 rspndr - ok 18:21:53.0569 4656 RTL8187 (99c27fceb21347daf3ee9e8c205314d6) C:\Windows\system32\DRIVERS\wg111v2.sys 18:21:53.0611 4656 RTL8187 - ok 18:21:53.0659 4656 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 18:21:53.0679 4656 SamSs - ok 18:21:53.0745 4656 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 18:21:53.0765 4656 sbp2port - ok 18:21:53.0801 4656 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 18:21:53.0855 4656 SCardSvr - ok 18:21:53.0943 4656 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 18:21:53.0992 4656 scfilter - ok 18:21:54.0045 4656 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll 18:21:54.0118 4656 Schedule - ok 18:21:54.0191 4656 SCMNdisP (3b68015683c27cb00c7a6b60a37cbcfd) C:\Windows\system32\DRIVERS\scmndisp.sys 18:21:54.0205 4656 SCMNdisP - ok 18:21:54.0255 4656 SCM_Service (42660bbed859ac22dfd12ae598a8ffaa) C:\Windows\System32\WinService.exe 18:21:54.0277 4656 SCM_Service ( UnsignedFile.Multi.Generic ) - warning 18:21:54.0277 4656 SCM_Service - detected UnsignedFile.Multi.Generic (1) 18:21:54.0334 4656 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 18:21:54.0370 4656 SCPolicySvc - ok 18:21:54.0416 4656 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll 18:21:54.0458 4656 SDRSVC - ok 18:21:54.0511 4656 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 18:21:54.0547 4656 secdrv - ok 18:21:54.0608 4656 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 18:21:54.0661 4656 seclogon - ok 18:21:54.0707 4656 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll 18:21:54.0760 4656 SENS - ok 18:21:54.0825 4656 SensrSvc 
(50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll 18:21:54.0867 4656 SensrSvc - ok 18:21:54.0925 4656 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 18:21:54.0952 4656 Serenum - ok 18:21:55.0012 4656 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 18:21:55.0040 4656 Serial - ok 18:21:55.0093 4656 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 18:21:55.0126 4656 sermouse - ok 18:21:55.0191 4656 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll 18:21:55.0228 4656 SessionEnv - ok 18:21:55.0309 4656 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 18:21:55.0336 4656 sffdisk - ok 18:21:55.0357 4656 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 18:21:55.0389 4656 sffp_mmc - ok 18:21:55.0463 4656 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 18:21:55.0486 4656 sffp_sd - ok 18:21:55.0536 4656 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 18:21:55.0562 4656 sfloppy - ok 18:21:55.0629 4656 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll 18:21:55.0686 4656 SharedAccess - ok 18:21:55.0766 4656 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll 18:21:55.0819 4656 ShellHWDetection - ok 18:21:55.0879 4656 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 18:21:55.0898 4656 sisagp - ok 18:21:55.0974 4656 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 18:21:55.0992 4656 SiSRaid2 - ok 18:21:56.0015 4656 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 18:21:56.0035 4656 SiSRaid4 - ok 18:21:56.0072 4656 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 18:21:56.0110 4656 Smb - ok 18:21:56.0195 4656 
SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe 18:21:56.0215 4656 SNMPTRAP - ok 18:21:56.0305 4656 SplashtopRemoteService (ccf611a259882d8cf4dbabae2341ee31) C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe 18:21:56.0331 4656 SplashtopRemoteService - ok 18:21:56.0421 4656 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 18:21:56.0439 4656 spldr - ok 18:21:56.0496 4656 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe 18:21:56.0563 4656 Spooler - ok 18:21:56.0711 4656 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe 18:21:56.0838 4656 sppsvc - ok 18:21:56.0901 4656 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll 18:21:56.0952 4656 sppuinotify - ok 18:21:57.0012 4656 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 18:21:57.0057 4656 srv - ok 18:21:57.0109 4656 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 18:21:57.0139 4656 srv2 - ok 18:21:57.0218 4656 SrvCDEject (9e0e4c777bf358b7863d22a8ca56b189) C:\Program Files\Packard Bell\SrvCDEject.exe 18:21:57.0245 4656 SrvCDEject ( UnsignedFile.Multi.Generic ) - warning 18:21:57.0245 4656 SrvCDEject - detected UnsignedFile.Multi.Generic (1) 18:21:57.0339 4656 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 18:21:57.0358 4656 srvnet - ok 18:21:57.0395 4656 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll 18:21:57.0435 4656 SSDPSRV - ok 18:21:57.0514 4656 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 18:21:57.0526 4656 ssmdrv - ok 18:21:57.0558 4656 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll 18:21:57.0597 4656 SstpSvc - ok 18:21:57.0686 4656 SSUService (1cfa4a1f3c7bb4c8f299e00428eb8677) C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe 18:21:57.0707 4656 SSUService - ok 
18:21:57.0773 4656 Steam Client Service - ok 18:21:57.0864 4656 Stereo Service (a2abc52cd8a5b60262b220a17a92eb31) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 18:21:57.0883 4656 Stereo Service - ok 18:21:57.0980 4656 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 18:21:57.0997 4656 stexstor - ok 18:21:58.0041 4656 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll 18:21:58.0092 4656 StiSvc - ok 18:21:58.0164 4656 stllssvr (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe 18:21:58.0184 4656 stllssvr ( UnsignedFile.Multi.Generic ) - warning 18:21:58.0184 4656 stllssvr - detected UnsignedFile.Multi.Generic (1) 18:21:58.0287 4656 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 18:21:58.0303 4656 swenum - ok 18:21:58.0341 4656 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll 18:21:58.0396 4656 swprv - ok 18:21:58.0478 4656 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll 18:21:58.0541 4656 SysMain - ok 18:21:58.0586 4656 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll 18:21:58.0613 4656 TabletInputService - ok 18:21:58.0666 4656 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll 18:21:58.0731 4656 TapiSrv - ok 18:21:58.0791 4656 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll 18:21:58.0845 4656 TBS - ok 18:21:58.0977 4656 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys 18:21:59.0043 4656 Tcpip - ok 18:21:59.0161 4656 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys 18:21:59.0205 4656 TCPIP6 - ok 18:21:59.0300 4656 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 18:21:59.0351 4656 tcpipreg - ok 18:21:59.0445 4656 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) 
C:\Windows\system32\drivers\tdpipe.sys 18:21:59.0471 4656 TDPIPE - ok 18:21:59.0515 4656 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys 18:21:59.0549 4656 TDTCP - ok 18:21:59.0629 4656 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 18:21:59.0676 4656 tdx - ok 18:21:59.0819 4656 TeamViewer5 (2a64c802f4c8aa00ac8472c771688e00) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe 18:21:59.0908 4656 TeamViewer5 - ok 18:22:00.0014 4656 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 18:22:00.0035 4656 TermDD - ok 18:22:00.0096 4656 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll 18:22:00.0142 4656 TermService - ok 18:22:00.0217 4656 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll 18:22:00.0243 4656 Themes - ok 18:22:00.0278 4656 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 18:22:00.0315 4656 THREADORDER - ok 18:22:00.0381 4656 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll 18:22:00.0436 4656 TrkWks - ok 18:22:00.0483 4656 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe 18:22:00.0531 4656 TrustedInstaller - ok 18:22:00.0612 4656 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 18:22:00.0647 4656 tssecsrv - ok 18:22:00.0738 4656 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 18:22:00.0760 4656 TsUsbFlt - ok 18:22:00.0812 4656 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 18:22:00.0849 4656 tunnel - ok 18:22:00.0890 4656 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 18:22:00.0908 4656 uagp35 - ok 18:22:00.0949 4656 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 18:22:00.0997 4656 udfs - ok 18:22:01.0072 4656 UI0Detect 
(8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe 18:22:01.0106 4656 UI0Detect - ok 18:22:01.0175 4656 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 18:22:01.0193 4656 uliagpkx - ok 18:22:01.0256 4656 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 18:22:01.0284 4656 umbus - ok 18:22:01.0339 4656 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 18:22:01.0368 4656 UmPass - ok 18:22:01.0425 4656 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll 18:22:01.0479 4656 upnphost - ok 18:22:01.0541 4656 USB28xxBGA (599a5d2f536f64ff4502f9b0d61e57c6) C:\Windows\system32\DRIVERS\emBDA.sys 18:22:01.0574 4656 USB28xxBGA - ok 18:22:01.0680 4656 USB28xxOEM (6ec3f4024514ce503789e80833b452a8) C:\Windows\system32\DRIVERS\emOEM.sys 18:22:01.0708 4656 USB28xxOEM - ok 18:22:01.0758 4656 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys 18:22:01.0798 4656 USBAAPL - ok 18:22:01.0886 4656 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys 18:22:01.0918 4656 usbaudio - ok 18:22:01.0972 4656 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 18:22:02.0002 4656 usbccgp - ok 18:22:02.0056 4656 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 18:22:02.0078 4656 usbcir - ok 18:22:02.0133 4656 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 18:22:02.0152 4656 usbehci - ok 18:22:02.0229 4656 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 18:22:02.0266 4656 usbhub - ok 18:22:02.0310 4656 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys 18:22:02.0328 4656 usbohci - ok 18:22:02.0374 4656 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 18:22:02.0395 4656 usbprint - ok 18:22:02.0439 4656 
usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 18:22:02.0469 4656 usbscan - ok 18:22:02.0525 4656 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:22:02.0567 4656 USBSTOR - ok 18:22:02.0645 4656 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys 18:22:02.0663 4656 usbuhci - ok 18:22:02.0702 4656 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll 18:22:02.0750 4656 UxSms - ok 18:22:02.0821 4656 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 18:22:02.0839 4656 VaultSvc - ok 18:22:02.0925 4656 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 18:22:02.0943 4656 vdrvroot - ok 18:22:03.0000 4656 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe 18:22:03.0052 4656 vds - ok 18:22:03.0154 4656 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 18:22:03.0174 4656 vga - ok 18:22:03.0223 4656 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 18:22:03.0260 4656 VgaSave - ok 18:22:03.0363 4656 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 18:22:03.0384 4656 vhdmp - ok 18:22:03.0428 4656 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 18:22:03.0447 4656 viaagp - ok 18:22:03.0505 4656 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 18:22:03.0533 4656 ViaC7 - ok 18:22:03.0590 4656 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 18:22:03.0610 4656 viaide - ok 18:22:03.0649 4656 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 18:22:03.0666 4656 volmgr - ok 18:22:03.0734 4656 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 18:22:03.0757 4656 volmgrx - ok 18:22:03.0816 4656 volsnap (f497f67932c6fa693d7de2780631cfe7) 
C:\Windows\system32\drivers\volsnap.sys 18:22:03.0836 4656 volsnap - ok 18:22:03.0891 4656 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 18:22:03.0912 4656 vsmraid - ok 18:22:03.0984 4656 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe 18:22:04.0054 4656 VSS - ok 18:22:04.0129 4656 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys 18:22:04.0162 4656 vwifibus - ok 18:22:04.0225 4656 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll 18:22:04.0268 4656 W32Time - ok 18:22:04.0351 4656 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 18:22:04.0381 4656 WacomPen - ok 18:22:04.0481 4656 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 18:22:04.0516 4656 WANARP - ok 18:22:04.0540 4656 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 18:22:04.0573 4656 Wanarpv6 - ok 18:22:04.0638 4656 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe 18:22:04.0718 4656 wbengine - ok 18:22:04.0795 4656 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll 18:22:04.0849 4656 WbioSrvc - ok 18:22:04.0894 4656 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll 18:22:04.0945 4656 wcncsvc - ok 18:22:04.0974 4656 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll 18:22:05.0021 4656 WcsPlugInService - ok 18:22:05.0084 4656 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 18:22:05.0102 4656 Wd - ok 18:22:05.0148 4656 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 18:22:05.0185 4656 Wdf01000 - ok 18:22:05.0256 4656 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 18:22:05.0299 4656 WdiServiceHost - ok 18:22:05.0315 4656 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) 
C:\Windows\system32\wdi.dll 18:22:05.0339 4656 WdiSystemHost - ok 18:22:05.0416 4656 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll 18:22:05.0459 4656 WebClient - ok 18:22:05.0494 4656 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll 18:22:05.0536 4656 Wecsvc - ok 18:22:05.0585 4656 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll 18:22:05.0636 4656 wercplsupport - ok 18:22:05.0739 4656 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll 18:22:05.0779 4656 WerSvc - ok 18:22:05.0849 4656 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 18:22:05.0885 4656 WfpLwf - ok 18:22:05.0944 4656 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 18:22:05.0961 4656 WIMMount - ok 18:22:06.0029 4656 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 18:22:06.0082 4656 WinDefend - ok 18:22:06.0094 4656 WinHttpAutoProxySvc - ok 18:22:06.0203 4656 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll 18:22:06.0250 4656 Winmgmt - ok 18:22:06.0320 4656 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll 18:22:06.0407 4656 WinRM - ok 18:22:06.0530 4656 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys 18:22:06.0559 4656 WinUsb - ok 18:22:06.0609 4656 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll 18:22:06.0659 4656 Wlansvc - ok 18:22:06.0772 4656 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 18:22:06.0838 4656 wlidsvc - ok 18:22:06.0934 4656 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 18:22:06.0954 4656 WmiAcpi - ok 18:22:07.0036 4656 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe 18:22:07.0056 4656 wmiApSrv - ok 18:22:07.0143 
4656 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe 18:22:07.0208 4656 WMPNetworkSvc - ok 18:22:07.0271 4656 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll 18:22:07.0300 4656 WPCSvc - ok 18:22:07.0341 4656 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll 18:22:07.0378 4656 WPDBusEnum - ok 18:22:07.0477 4656 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 18:22:07.0526 4656 ws2ifsl - ok 18:22:07.0584 4656 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll 18:22:07.0623 4656 wscsvc - ok 18:22:07.0635 4656 WSearch - ok 18:22:07.0724 4656 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll 18:22:07.0821 4656 wuauserv - ok 18:22:07.0871 4656 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 18:22:07.0909 4656 WudfPf - ok 18:22:08.0011 4656 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 18:22:08.0047 4656 WUDFRd - ok 18:22:08.0125 4656 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll 18:22:08.0164 4656 wudfsvc - ok 18:22:08.0213 4656 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll 18:22:08.0254 4656 WwanSvc - ok 18:22:08.0316 4656 xusb21 (c26c68bcbac1f33f890c226769759209) C:\Windows\system32\DRIVERS\xusb21.sys 18:22:08.0344 4656 xusb21 - ok 18:22:08.0379 4656 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 18:22:08.0517 4656 \Device\Harddisk0\DR0 - ok 18:22:08.0523 4656 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1 18:22:08.0627 4656 \Device\Harddisk1\DR1 - ok 18:22:08.0649 4656 Boot (0x1200) (2161ede224ba40d5a38958512178ff54) \Device\Harddisk0\DR0\Partition0 18:22:08.0650 4656 \Device\Harddisk0\DR0\Partition0 - ok 18:22:08.0655 4656 Boot (0x1200) (b9709801f07bfef5ac160c75a705b7c0) \Device\Harddisk0\DR0\Partition1 
18:22:08.0657 4656 \Device\Harddisk0\DR0\Partition1 - ok 18:22:08.0665 4656 Boot (0x1200) (f55078df5ffb4d1cc2922c6214e153e6) \Device\Harddisk1\DR1\Partition0 18:22:08.0666 4656 \Device\Harddisk1\DR1\Partition0 - ok 18:22:08.0668 4656 ============================================================ 18:22:08.0668 4656 Scan finished 18:22:08.0668 4656 ============================================================ 18:22:08.0697 2512 Detected object count: 10 18:22:08.0697 2512 Actual detected object count: 10 |
23.04.2012, 21:18 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Spam being sent via my Yahoo account Please post the logs wrapped in CODE tags!
__________________ The TDSS-Killer log is incomplete; the summary at the bottom is missing
__________________ |
23.04.2012, 21:34 | #19 |
| Spam being sent via my Yahoo account Okay, sorry. I didn't notice that something was missing. Here it is now, complete and as code. Code:
18:20:23.0124 1028 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47 18:20:23.0330 1028 ============================================================ 18:20:23.0330 1028 Current date / time: 2012/04/23 18:20:23.0330 18:20:23.0330 1028 SystemInfo: 18:20:23.0330 1028 18:20:23.0330 1028 OS Version: 6.1.7601 ServicePack: 1.0 18:20:23.0330 1028 Product type: Workstation 18:20:23.0331 1028 ComputerName: MATTHIAS-PC 18:20:23.0331 1028 UserName: Matthias 18:20:23.0331 1028 Windows directory: C:\Windows 18:20:23.0331 1028 System windows directory: C:\Windows 18:20:23.0331 1028 Processor architecture: Intel x86 18:20:23.0331 1028 Number of processors: 2 18:20:23.0331 1028 Page size: 0x1000 18:20:23.0331 1028 Boot type: Normal boot 18:20:23.0331 1028 ============================================================ 18:20:23.0953 1028 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 18:20:23.0964 1028 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 18:20:32.0117 1028 \Device\Harddisk0\DR0: 18:20:32.0132 1028 MBR partitions: 18:20:32.0132 1028 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1000800, BlocksNum 0x8FDED03 18:20:32.0132 1028 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x9FDF503, BlocksNum 0x123C62A1 18:20:32.0146 1028 \Device\Harddisk1\DR1: 18:20:32.0146 1028 MBR partitions: 18:20:32.0146 1028 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74706D70 18:20:32.0181 1028 C: <-> \Device\Harddisk0\DR0\Partition0 18:20:32.0211 1028 E: <-> \Device\Harddisk0\DR0\Partition1 18:20:32.0233 1028 L: <-> \Device\Harddisk1\DR1\Partition0 18:20:32.0233 1028 Initialize success 18:20:32.0233 1028 ============================================================ 18:21:22.0397 4656 
============================================================ 18:21:22.0397 4656 Scan started 18:21:22.0397 4656 Mode: Manual; SigCheck; TDLFS; 18:21:22.0397 4656 ============================================================ 18:21:23.0255 4656 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 18:21:23.0367 4656 1394ohci - ok 18:21:23.0461 4656 acedrv11 (e6f53d6c0dea3d375362265e175ca638) C:\Windows\system32\drivers\acedrv11.sys 18:21:23.0500 4656 acedrv11 - ok 18:21:23.0562 4656 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 18:21:23.0585 4656 ACPI - ok 18:21:23.0649 4656 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 18:21:23.0704 4656 AcpiPmi - ok 18:21:23.0813 4656 Adobe Version Cue CS3 (14c23516c990dcd6052152cf034dde40) C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe 18:21:23.0832 4656 Adobe Version Cue CS3 - ok 18:21:23.0941 4656 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 18:21:23.0958 4656 AdobeFlashPlayerUpdateSvc - ok 18:21:24.0041 4656 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 18:21:24.0073 4656 adp94xx - ok 18:21:24.0115 4656 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 18:21:24.0139 4656 adpahci - ok 18:21:24.0167 4656 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 18:21:24.0188 4656 adpu320 - ok 18:21:24.0241 4656 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll 18:21:24.0366 4656 AeLookupSvc - ok 18:21:24.0468 4656 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 18:21:24.0516 4656 AFD - ok 18:21:24.0560 4656 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 18:21:24.0578 4656 agp440 - ok 18:21:24.0623 4656 aic78xx 
(8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 18:21:24.0642 4656 aic78xx - ok 18:21:24.0683 4656 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe 18:21:24.0734 4656 ALG - ok 18:21:24.0788 4656 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 18:21:24.0804 4656 aliide - ok 18:21:24.0854 4656 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 18:21:24.0873 4656 amdagp - ok 18:21:24.0906 4656 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 18:21:24.0922 4656 amdide - ok 18:21:24.0973 4656 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 18:21:25.0003 4656 AmdK8 - ok 18:21:25.0036 4656 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 18:21:25.0076 4656 AmdPPM - ok 18:21:25.0124 4656 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 18:21:25.0143 4656 amdsata - ok 18:21:25.0209 4656 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 18:21:25.0246 4656 amdsbs - ok 18:21:25.0358 4656 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 18:21:25.0375 4656 amdxata - ok 18:21:25.0461 4656 AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files\Avira\AntiVir Desktop\sched.exe 18:21:25.0478 4656 AntiVirSchedulerService - ok 18:21:25.0520 4656 AntiVirService (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files\Avira\AntiVir Desktop\avguard.exe 18:21:25.0535 4656 AntiVirService - ok 18:21:25.0619 4656 AOL ACS (85180cf88c5ebad73b452a43a004ca51) C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe 18:21:25.0633 4656 AOL ACS - ok 18:21:25.0739 4656 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 18:21:25.0790 4656 AppID - ok 18:21:25.0837 4656 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll 18:21:25.0889 4656 AppIDSvc 
- ok 18:21:25.0950 4656 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll 18:21:25.0996 4656 Appinfo - ok 18:21:26.0091 4656 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 18:21:26.0105 4656 Apple Mobile Device - ok 18:21:26.0197 4656 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 18:21:26.0216 4656 arc - ok 18:21:26.0248 4656 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 18:21:26.0266 4656 arcsas - ok 18:21:26.0369 4656 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 18:21:26.0394 4656 aspnet_state - ok 18:21:26.0470 4656 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 18:21:26.0576 4656 AsyncMac - ok 18:21:26.0635 4656 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 18:21:26.0652 4656 atapi - ok 18:21:26.0710 4656 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys 18:21:26.0731 4656 atksgt - ok 18:21:26.0792 4656 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 18:21:26.0845 4656 AudioEndpointBuilder - ok 18:21:26.0875 4656 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 18:21:26.0916 4656 Audiosrv - ok 18:21:26.0946 4656 Automatisches LiveUpdate - Scheduler - ok 18:21:27.0062 4656 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys 18:21:27.0077 4656 avgntflt - ok 18:21:27.0141 4656 avipbb (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys 18:21:27.0158 4656 avipbb - ok 18:21:27.0242 4656 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys 18:21:27.0256 4656 avkmgr - ok 18:21:27.0311 4656 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll 
18:21:27.0349 4656 AxInstSV - ok 18:21:27.0418 4656 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 18:21:27.0461 4656 b06bdrv - ok 18:21:27.0523 4656 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 18:21:27.0544 4656 b57nd60x - ok 18:21:27.0590 4656 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll 18:21:27.0634 4656 BDESVC - ok 18:21:27.0690 4656 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 18:21:27.0739 4656 Beep - ok 18:21:27.0826 4656 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll 18:21:27.0880 4656 BFE - ok 18:21:27.0966 4656 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll 18:21:28.0020 4656 BITS - ok 18:21:28.0102 4656 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 18:21:28.0127 4656 blbdrive - ok 18:21:28.0206 4656 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe 18:21:28.0228 4656 Bonjour Service - ok 18:21:28.0321 4656 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 18:21:28.0364 4656 bowser - ok 18:21:28.0397 4656 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 18:21:28.0425 4656 BrFiltLo - ok 18:21:28.0492 4656 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 18:21:28.0530 4656 BrFiltUp - ok 18:21:28.0590 4656 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll 18:21:28.0649 4656 Browser - ok 18:21:28.0706 4656 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 18:21:28.0764 4656 Brserid - ok 18:21:28.0800 4656 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 18:21:28.0834 4656 BrSerWdm - ok 18:21:28.0850 4656 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 18:21:28.0881 4656 
BrUsbMdm - ok 18:21:28.0894 4656 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 18:21:28.0930 4656 BrUsbSer - ok 18:21:29.0029 4656 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 18:21:29.0060 4656 BTHMODEM - ok 18:21:29.0115 4656 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll 18:21:29.0163 4656 bthserv - ok 18:21:29.0253 4656 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 18:21:29.0299 4656 cdfs - ok 18:21:29.0434 4656 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys 18:21:29.0467 4656 cdrom - ok 18:21:29.0530 4656 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 18:21:29.0577 4656 CertPropSvc - ok 18:21:29.0615 4656 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 18:21:29.0636 4656 circlass - ok 18:21:29.0708 4656 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 18:21:29.0731 4656 CLFS - ok 18:21:29.0784 4656 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:21:29.0799 4656 clr_optimization_v2.0.50727_32 - ok 18:21:29.0859 4656 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:21:29.0892 4656 clr_optimization_v4.0.30319_32 - ok 18:21:29.0956 4656 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 18:21:29.0983 4656 CmBatt - ok 18:21:30.0036 4656 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 18:21:30.0052 4656 cmdide - ok 18:21:30.0105 4656 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys 18:21:30.0147 4656 CNG - ok 18:21:30.0200 4656 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 18:21:30.0217 4656 Compbatt - ok 18:21:30.0272 4656 
CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys 18:21:30.0309 4656 CompositeBus - ok 18:21:30.0389 4656 COMSysApp - ok 18:21:30.0451 4656 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 18:21:30.0467 4656 crcdisk - ok 18:21:30.0525 4656 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll 18:21:30.0571 4656 CryptSvc - ok 18:21:30.0633 4656 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 18:21:30.0695 4656 DcomLaunch - ok 18:21:30.0743 4656 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll 18:21:30.0791 4656 defragsvc - ok 18:21:30.0863 4656 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 18:21:30.0906 4656 DfsC - ok 18:21:31.0002 4656 dgderdrv - ok 18:21:31.0060 4656 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll 18:21:31.0107 4656 Dhcp - ok 18:21:31.0179 4656 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 18:21:31.0231 4656 discache - ok 18:21:31.0345 4656 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 18:21:31.0364 4656 Disk - ok 18:21:31.0394 4656 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll 18:21:31.0465 4656 Dnscache - ok 18:21:31.0541 4656 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll 18:21:31.0589 4656 dot3svc - ok 18:21:31.0648 4656 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll 18:21:31.0710 4656 DPS - ok 18:21:31.0820 4656 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 18:21:31.0847 4656 drmkaud - ok 18:21:31.0925 4656 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 18:21:31.0968 4656 DXGKrnl - ok 18:21:32.0011 4656 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll 18:21:32.0063 4656 EapHost - ok 
18:21:32.0237 4656 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 18:21:32.0362 4656 ebdrv - ok 18:21:32.0435 4656 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe 18:21:32.0482 4656 EFS - ok 18:21:32.0551 4656 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 18:21:32.0590 4656 elxstor - ok 18:21:32.0661 4656 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 18:21:32.0692 4656 ErrDev - ok 18:21:32.0755 4656 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll 18:21:32.0803 4656 EventSystem - ok 18:21:32.0902 4656 ewusbnet - ok 18:21:32.0960 4656 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 18:21:33.0008 4656 exfat - ok 18:21:33.0086 4656 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 18:21:33.0135 4656 fastfat - ok 18:21:33.0231 4656 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe 18:21:33.0280 4656 Fax - ok 18:21:33.0359 4656 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 18:21:33.0387 4656 fdc - ok 18:21:33.0433 4656 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll 18:21:33.0481 4656 fdPHost - ok 18:21:33.0539 4656 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll 18:21:33.0583 4656 FDResPub - ok 18:21:33.0688 4656 FETND6V (403bedad0226653ba8d05aefc3f04a0c) C:\Windows\system32\DRIVERS\fetnd6v.sys 18:21:33.0715 4656 FETND6V - ok 18:21:33.0761 4656 FETNDIS (f5cb6cb6d12f495516be27cffccde4bf) C:\Windows\system32\DRIVERS\fetnd6.sys 18:21:33.0798 4656 FETNDIS - ok 18:21:33.0891 4656 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 18:21:33.0909 4656 FileInfo - ok 18:21:33.0945 4656 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 18:21:33.0991 4656 Filetrace - ok 18:21:34.0066 4656 FLEXnet 
Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 18:21:34.0097 4656 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning 18:21:34.0097 4656 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1) 18:21:34.0190 4656 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 18:21:34.0208 4656 flpydisk - ok 18:21:34.0242 4656 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 18:21:34.0261 4656 FltMgr - ok 18:21:34.0335 4656 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll 18:21:34.0410 4656 FontCache - ok 18:21:34.0455 4656 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 18:21:34.0469 4656 FontCache3.0.0.0 - ok 18:21:34.0542 4656 Freemake Improver (37c2ff67a2565286f1c1c1072be74678) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe 18:21:34.0565 4656 Freemake Improver ( UnsignedFile.Multi.Generic ) - warning 18:21:34.0565 4656 Freemake Improver - detected UnsignedFile.Multi.Generic (1) 18:21:34.0672 4656 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 18:21:34.0691 4656 FsDepends - ok 18:21:34.0769 4656 FsUsbExDisk (b07663a810e861eebfd0eac7e82ca62d) C:\Windows\system32\FsUsbExDisk.SYS 18:21:34.0788 4656 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning 18:21:34.0788 4656 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1) 18:21:34.0837 4656 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys 18:21:34.0854 4656 Fs_Rec - ok 18:21:34.0923 4656 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 18:21:34.0948 4656 fvevol - ok 18:21:35.0013 4656 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 18:21:35.0032 4656 gagp30kx - ok 18:21:35.0085 
4656 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 18:21:35.0097 4656 GEARAspiWDM - ok 18:21:35.0154 4656 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll 18:21:35.0218 4656 gpsvc - ok 18:21:35.0315 4656 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 18:21:35.0357 4656 hcw85cir - ok 18:21:35.0455 4656 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 18:21:35.0502 4656 HdAudAddService - ok 18:21:35.0576 4656 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys 18:21:35.0608 4656 HDAudBus - ok 18:21:35.0640 4656 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 18:21:35.0673 4656 HidBatt - ok 18:21:35.0756 4656 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 18:21:35.0791 4656 HidBth - ok 18:21:35.0832 4656 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 18:21:35.0853 4656 HidIr - ok 18:21:35.0894 4656 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll 18:21:35.0944 4656 hidserv - ok 18:21:36.0064 4656 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys 18:21:36.0082 4656 HidUsb - ok 18:21:36.0132 4656 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll 18:21:36.0181 4656 hkmsvc - ok 18:21:36.0243 4656 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll 18:21:36.0289 4656 HomeGroupListener - ok 18:21:36.0336 4656 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll 18:21:36.0373 4656 HomeGroupProvider - ok 18:21:36.0443 4656 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 18:21:36.0461 4656 HpSAMD - ok 18:21:36.0527 4656 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 18:21:36.0573 4656 HTTP - ok 
18:21:36.0617 4656 hwdatacard - ok 18:21:36.0670 4656 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 18:21:36.0690 4656 hwpolicy - ok 18:21:36.0733 4656 hwusbdev - ok 18:21:36.0797 4656 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 18:21:36.0831 4656 i8042prt - ok 18:21:36.0904 4656 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 18:21:36.0929 4656 iaStorV - ok 18:21:37.0008 4656 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 18:21:37.0029 4656 IDriverT ( UnsignedFile.Multi.Generic ) - warning 18:21:37.0030 4656 IDriverT - detected UnsignedFile.Multi.Generic (1) 18:21:37.0138 4656 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 18:21:37.0187 4656 idsvc - ok 18:21:37.0256 4656 IGDCTRL (e28602c9e17b0ddce9f5deb3b3e2a635) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE 18:21:37.0270 4656 IGDCTRL - ok 18:21:37.0375 4656 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 18:21:37.0394 4656 iirsp - ok 18:21:37.0453 4656 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll 18:21:37.0517 4656 IKEEXT - ok 18:21:37.0663 4656 IntcAzAudAddService (4a705bf2a6f7972f2f2ad8a0d8079f95) C:\Windows\system32\drivers\RTKVHDA.sys 18:21:37.0741 4656 IntcAzAudAddService - ok 18:21:37.0846 4656 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 18:21:37.0863 4656 intelide - ok 18:21:37.0901 4656 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 18:21:37.0935 4656 intelppm - ok 18:21:38.0004 4656 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll 18:21:38.0043 4656 IPBusEnum - ok 18:21:38.0116 4656 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 
18:21:38.0168 4656 IpFilterDriver - ok 18:21:38.0246 4656 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll 18:21:38.0313 4656 iphlpsvc - ok 18:21:38.0375 4656 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 18:21:38.0408 4656 IPMIDRV - ok 18:21:38.0452 4656 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 18:21:38.0505 4656 IPNAT - ok 18:21:38.0606 4656 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe 18:21:38.0635 4656 iPod Service - ok 18:21:38.0735 4656 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 18:21:38.0756 4656 IRENUM - ok 18:21:38.0794 4656 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 18:21:38.0812 4656 isapnp - ok 18:21:38.0843 4656 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 18:21:38.0866 4656 iScsiPrt - ok 18:21:38.0912 4656 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys 18:21:38.0929 4656 kbdclass - ok 18:21:38.0969 4656 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys 18:21:38.0999 4656 kbdhid - ok 18:21:39.0033 4656 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 18:21:39.0050 4656 KeyIso - ok 18:21:39.0091 4656 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys 18:21:39.0109 4656 KSecDD - ok 18:21:39.0147 4656 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys 18:21:39.0167 4656 KSecPkg - ok 18:21:39.0229 4656 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll 18:21:39.0287 4656 KtmRm - ok 18:21:39.0379 4656 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll 18:21:39.0432 4656 LanmanServer - ok 18:21:39.0486 4656 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll 
18:21:39.0524 4656 LanmanWorkstation - ok 18:21:39.0611 4656 LightScribeService (ccad2aae36e24346488b0f54a049de78) C:\Program Files\Common Files\LightScribe\LSSrvc.exe 18:21:39.0624 4656 LightScribeService - ok 18:21:39.0716 4656 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys 18:21:39.0730 4656 lirsgt - ok 18:21:39.0783 4656 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 18:21:39.0829 4656 lltdio - ok 18:21:39.0895 4656 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll 18:21:39.0937 4656 lltdsvc - ok 18:21:39.0960 4656 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll 18:21:40.0012 4656 lmhosts - ok 18:21:40.0074 4656 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 18:21:40.0093 4656 LSI_FC - ok 18:21:40.0130 4656 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 18:21:40.0150 4656 LSI_SAS - ok 18:21:40.0194 4656 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 18:21:40.0212 4656 LSI_SAS2 - ok 18:21:40.0247 4656 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 18:21:40.0267 4656 LSI_SCSI - ok 18:21:40.0308 4656 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 18:21:40.0345 4656 luafv - ok 18:21:40.0396 4656 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 18:21:40.0414 4656 megasas - ok 18:21:40.0445 4656 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 18:21:40.0468 4656 MegaSR - ok 18:21:40.0504 4656 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 18:21:40.0574 4656 MMCSS - ok 18:21:40.0667 4656 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 18:21:40.0720 4656 Modem - ok 18:21:40.0802 4656 monitor (79d10964de86b292320e9dfe02282a23) 
C:\Windows\system32\DRIVERS\monitor.sys 18:21:40.0834 4656 monitor - ok 18:21:40.0888 4656 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 18:21:40.0907 4656 mouclass - ok 18:21:40.0961 4656 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 18:21:40.0997 4656 mouhid - ok 18:21:41.0071 4656 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 18:21:41.0088 4656 mountmgr - ok 18:21:41.0145 4656 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 18:21:41.0165 4656 mpio - ok 18:21:41.0205 4656 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 18:21:41.0249 4656 mpsdrv - ok 18:21:41.0330 4656 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll 18:21:41.0395 4656 MpsSvc - ok 18:21:41.0450 4656 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 18:21:41.0475 4656 MRxDAV - ok 18:21:41.0556 4656 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 18:21:41.0591 4656 mrxsmb - ok 18:21:41.0628 4656 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:21:41.0664 4656 mrxsmb10 - ok 18:21:41.0720 4656 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:21:41.0754 4656 mrxsmb20 - ok 18:21:41.0806 4656 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 18:21:41.0824 4656 msahci - ok 18:21:41.0858 4656 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 18:21:41.0877 4656 msdsm - ok 18:21:41.0910 4656 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe 18:21:41.0944 4656 MSDTC - ok 18:21:42.0039 4656 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 18:21:42.0075 4656 Msfs - ok 18:21:42.0097 4656 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) 
C:\Windows\System32\drivers\mshidkmdf.sys 18:21:42.0143 4656 mshidkmdf - ok 18:21:42.0197 4656 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 18:21:42.0213 4656 msisadrv - ok 18:21:42.0272 4656 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll 18:21:42.0319 4656 MSiSCSI - ok 18:21:42.0360 4656 msiserver - ok 18:21:42.0453 4656 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 18:21:42.0505 4656 MSKSSRV - ok 18:21:42.0608 4656 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 18:21:42.0652 4656 MSPCLOCK - ok 18:21:42.0748 4656 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 18:21:42.0799 4656 MSPQM - ok 18:21:42.0871 4656 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 18:21:42.0891 4656 MsRPC - ok 18:21:42.0953 4656 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 18:21:42.0970 4656 mssmbios - ok 18:21:43.0054 4656 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 18:21:43.0090 4656 MSTEE - ok 18:21:43.0155 4656 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 18:21:43.0181 4656 MTConfig - ok 18:21:43.0249 4656 MTSBDA (f87e160bed37ad7e2e5394cf4bce7839) C:\Windows\system32\Drivers\MtsBda.sys 18:21:43.0267 4656 MTSBDA - ok 18:21:43.0311 4656 MtsHID (dae8572b995a67e90633a28d7b204a4f) C:\Windows\system32\drivers\MtsHID.sys 18:21:43.0324 4656 MtsHID - ok 18:21:43.0370 4656 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 18:21:43.0387 4656 Mup - ok 18:21:43.0430 4656 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll 18:21:43.0496 4656 napagent - ok 18:21:43.0600 4656 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 18:21:43.0627 4656 NativeWifiP - ok 18:21:43.0743 4656 NBService 
(5836b9e91863a00ec1b8e785efd86ecb) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe 18:21:43.0790 4656 NBService - ok 18:21:43.0889 4656 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 18:21:43.0927 4656 NDIS - ok 18:21:43.0972 4656 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 18:21:44.0021 4656 NdisCap - ok 18:21:44.0115 4656 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 18:21:44.0161 4656 NdisTapi - ok 18:21:44.0275 4656 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 18:21:44.0319 4656 Ndisuio - ok 18:21:44.0392 4656 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 18:21:44.0437 4656 NdisWan - ok 18:21:44.0491 4656 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 18:21:44.0527 4656 NDProxy - ok 18:21:44.0590 4656 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 18:21:44.0643 4656 NetBIOS - ok 18:21:44.0740 4656 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 18:21:44.0791 4656 NetBT - ok 18:21:44.0863 4656 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 18:21:44.0881 4656 Netlogon - ok 18:21:44.0939 4656 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll 18:21:45.0000 4656 Netman - ok 18:21:45.0109 4656 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 18:21:45.0132 4656 NetMsmqActivator - ok 18:21:45.0175 4656 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 18:21:45.0193 4656 NetPipeActivator - ok 18:21:45.0274 4656 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll 18:21:45.0341 4656 netprofm - ok 18:21:45.0443 4656 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) 
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 18:21:45.0458 4656 NetTcpActivator - ok 18:21:45.0464 4656 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 18:21:45.0480 4656 NetTcpPortSharing - ok 18:21:45.0556 4656 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 18:21:45.0576 4656 nfrd960 - ok 18:21:45.0617 4656 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll 18:21:45.0677 4656 NlaSvc - ok 18:21:45.0771 4656 NMIndexingService (a328a46d87bb92ce4d8a4528e9d84787) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe 18:21:45.0791 4656 NMIndexingService - ok 18:21:45.0827 4656 NovacomD (085440078813949c51c33589557bfd29) C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe 18:21:45.0845 4656 NovacomD ( UnsignedFile.Multi.Generic ) - warning 18:21:45.0845 4656 NovacomD - detected UnsignedFile.Multi.Generic (1) 18:21:45.0965 4656 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\Windows\system32\drivers\npf.sys 18:21:45.0978 4656 NPF - ok 18:21:46.0041 4656 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 18:21:46.0087 4656 Npfs - ok 18:21:46.0146 4656 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll 18:21:46.0203 4656 nsi - ok 18:21:46.0251 4656 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 18:21:46.0301 4656 nsiproxy - ok 18:21:46.0385 4656 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 18:21:46.0453 4656 Ntfs - ok 18:21:46.0498 4656 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 18:21:46.0535 4656 Null - ok 18:21:46.0829 4656 nvlddmkm (847b1755f7757f825305a1ffe6dac3e9) C:\Windows\system32\DRIVERS\nvlddmkm.sys 18:21:47.0080 4656 nvlddmkm - ok 18:21:47.0189 4656 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 18:21:47.0209 4656 nvraid - ok 18:21:47.0232 4656 
nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 18:21:47.0252 4656 nvstor - ok 18:21:47.0332 4656 nvsvc (7c732aff202dcd06c3d262966d71604c) C:\Windows\system32\nvvsvc.exe 18:21:47.0363 4656 nvsvc - ok 18:21:47.0508 4656 nvUpdatusService (262d2fbf211a88dcb84249df0f6ef6e7) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 18:21:47.0591 4656 nvUpdatusService - ok 18:21:47.0681 4656 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 18:21:47.0701 4656 nv_agp - ok 18:21:47.0783 4656 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 18:21:47.0809 4656 odserv - ok 18:21:47.0908 4656 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 18:21:47.0941 4656 ohci1394 - ok 18:21:48.0015 4656 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:21:48.0033 4656 ose - ok 18:21:48.0103 4656 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 18:21:48.0131 4656 p2pimsvc - ok 18:21:48.0154 4656 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll 18:21:48.0180 4656 p2psvc - ok 18:21:48.0268 4656 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 18:21:48.0297 4656 Parport - ok 18:21:48.0359 4656 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 18:21:48.0376 4656 partmgr - ok 18:21:48.0422 4656 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 18:21:48.0456 4656 Parvdm - ok 18:21:48.0513 4656 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll 18:21:48.0539 4656 PcaSvc - ok 18:21:48.0586 4656 pccsmcfd - ok 18:21:48.0624 4656 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 18:21:48.0644 4656 pci - ok 18:21:48.0703 4656 pciide (afe86f419014db4e5593f69ffe26ce0a) 
C:\Windows\system32\drivers\pciide.sys 18:21:48.0719 4656 pciide - ok 18:21:48.0783 4656 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 18:21:48.0804 4656 pcmcia - ok 18:21:48.0851 4656 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 18:21:48.0869 4656 pcw - ok 18:21:48.0902 4656 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 18:21:48.0969 4656 PEAUTH - ok 18:21:49.0077 4656 pfc (957b82ec80ad7ead64e5e47df6b0dc40) C:\Windows\system32\drivers\pfc.sys 18:21:49.0092 4656 pfc ( UnsignedFile.Multi.Generic ) - warning 18:21:49.0092 4656 pfc - detected UnsignedFile.Multi.Generic (1) 18:21:49.0172 4656 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll 18:21:49.0268 4656 pla - ok 18:21:49.0358 4656 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll 18:21:49.0391 4656 PlugPlay - ok 18:21:49.0431 4656 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll 18:21:49.0461 4656 PNRPAutoReg - ok 18:21:49.0510 4656 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 18:21:49.0535 4656 PNRPsvc - ok 18:21:49.0605 4656 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll 18:21:49.0655 4656 PolicyAgent - ok 18:21:49.0720 4656 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll 18:21:49.0774 4656 Power - ok 18:21:49.0848 4656 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 18:21:49.0897 4656 PptpMiniport - ok 18:21:49.0971 4656 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 18:21:50.0004 4656 Processor - ok 18:21:50.0057 4656 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll 18:21:50.0096 4656 ProfSvc - ok 18:21:50.0161 4656 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 18:21:50.0179 4656 ProtectedStorage - ok 18:21:50.0239 
4656 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 18:21:50.0278 4656 Psched - ok 18:21:50.0341 4656 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys 18:21:50.0360 4656 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning 18:21:50.0360 4656 PxHelp20 - detected UnsignedFile.Multi.Generic (1) 18:21:50.0448 4656 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 18:21:50.0515 4656 ql2300 - ok 18:21:50.0590 4656 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 18:21:50.0610 4656 ql40xx - ok 18:21:50.0658 4656 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll 18:21:50.0694 4656 QWAVE - ok 18:21:50.0755 4656 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 18:21:50.0778 4656 QWAVEdrv - ok 18:21:50.0817 4656 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 18:21:50.0883 4656 RasAcd - ok 18:21:50.0969 4656 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 18:21:51.0017 4656 RasAgileVpn - ok 18:21:51.0078 4656 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 18:21:51.0117 4656 RasAuto - ok 18:21:51.0215 4656 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 18:21:51.0261 4656 Rasl2tp - ok 18:21:51.0346 4656 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll 18:21:51.0398 4656 RasMan - ok 18:21:51.0474 4656 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 18:21:51.0527 4656 RasPppoe - ok 18:21:51.0625 4656 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 18:21:51.0670 4656 RasSstp - ok 18:21:51.0764 4656 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 18:21:51.0811 4656 rdbss - ok 18:21:51.0875 4656 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) 
C:\Windows\system32\DRIVERS\rdpbus.sys 18:21:51.0905 4656 rdpbus - ok 18:21:51.0957 4656 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 18:21:52.0000 4656 RDPCDD - ok 18:21:52.0105 4656 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 18:21:52.0151 4656 RDPENCDD - ok 18:21:52.0221 4656 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 18:21:52.0264 4656 RDPREFMP - ok 18:21:52.0339 4656 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys 18:21:52.0370 4656 RDPWD - ok 18:21:52.0438 4656 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 18:21:52.0459 4656 rdyboost - ok 18:21:52.0496 4656 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 18:21:52.0532 4656 RemoteAccess - ok 18:21:52.0596 4656 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll 18:21:52.0636 4656 RemoteRegistry - ok 18:21:52.0754 4656 RichVideo (06a49b7bdc36cfbf97dd90804f833369) C:\Program Files\CyberLink\Shared Files\RichVideo.exe 18:21:52.0773 4656 RichVideo - ok 18:21:52.0867 4656 RoxMediaDB9 (9c19e4419a6acf8fff53f1dd1c305e9e) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe 18:21:52.0916 4656 RoxMediaDB9 - ok 18:21:52.0950 4656 RoxWatch9 (9d95da35ec22511a1ceb38a8c3a0bc7e) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe 18:21:52.0965 4656 RoxWatch9 - ok 18:21:53.0020 4656 rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files\WinPcap\rpcapd.exe 18:21:53.0036 4656 rpcapd - ok 18:21:53.0106 4656 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 18:21:53.0153 4656 RpcEptMapper - ok 18:21:53.0213 4656 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe 18:21:53.0247 4656 RpcLocator - ok 18:21:53.0289 4656 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 
18:21:53.0332 4656 RpcSs - ok 18:21:53.0426 4656 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 18:21:53.0472 4656 rspndr - ok 18:21:53.0569 4656 RTL8187 (99c27fceb21347daf3ee9e8c205314d6) C:\Windows\system32\DRIVERS\wg111v2.sys 18:21:53.0611 4656 RTL8187 - ok 18:21:53.0659 4656 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 18:21:53.0679 4656 SamSs - ok 18:21:53.0745 4656 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 18:21:53.0765 4656 sbp2port - ok 18:21:53.0801 4656 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 18:21:53.0855 4656 SCardSvr - ok 18:21:53.0943 4656 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 18:21:53.0992 4656 scfilter - ok 18:21:54.0045 4656 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll 18:21:54.0118 4656 Schedule - ok 18:21:54.0191 4656 SCMNdisP (3b68015683c27cb00c7a6b60a37cbcfd) C:\Windows\system32\DRIVERS\scmndisp.sys 18:21:54.0205 4656 SCMNdisP - ok 18:21:54.0255 4656 SCM_Service (42660bbed859ac22dfd12ae598a8ffaa) C:\Windows\System32\WinService.exe 18:21:54.0277 4656 SCM_Service ( UnsignedFile.Multi.Generic ) - warning 18:21:54.0277 4656 SCM_Service - detected UnsignedFile.Multi.Generic (1) 18:21:54.0334 4656 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 18:21:54.0370 4656 SCPolicySvc - ok 18:21:54.0416 4656 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll 18:21:54.0458 4656 SDRSVC - ok 18:21:54.0511 4656 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 18:21:54.0547 4656 secdrv - ok 18:21:54.0608 4656 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 18:21:54.0661 4656 seclogon - ok 18:21:54.0707 4656 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll 18:21:54.0760 4656 SENS - ok 18:21:54.0825 4656 SensrSvc 
(50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll 18:21:54.0867 4656 SensrSvc - ok 18:21:54.0925 4656 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 18:21:54.0952 4656 Serenum - ok 18:21:55.0012 4656 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 18:21:55.0040 4656 Serial - ok 18:21:55.0093 4656 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 18:21:55.0126 4656 sermouse - ok 18:21:55.0191 4656 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll 18:21:55.0228 4656 SessionEnv - ok 18:21:55.0309 4656 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 18:21:55.0336 4656 sffdisk - ok 18:21:55.0357 4656 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 18:21:55.0389 4656 sffp_mmc - ok 18:21:55.0463 4656 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 18:21:55.0486 4656 sffp_sd - ok 18:21:55.0536 4656 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 18:21:55.0562 4656 sfloppy - ok 18:21:55.0629 4656 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll 18:21:55.0686 4656 SharedAccess - ok 18:21:55.0766 4656 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll 18:21:55.0819 4656 ShellHWDetection - ok 18:21:55.0879 4656 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 18:21:55.0898 4656 sisagp - ok 18:21:55.0974 4656 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 18:21:55.0992 4656 SiSRaid2 - ok 18:21:56.0015 4656 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 18:21:56.0035 4656 SiSRaid4 - ok 18:21:56.0072 4656 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 18:21:56.0110 4656 Smb - ok 18:21:56.0195 4656 
SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe 18:21:56.0215 4656 SNMPTRAP - ok 18:21:56.0305 4656 SplashtopRemoteService (ccf611a259882d8cf4dbabae2341ee31) C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe 18:21:56.0331 4656 SplashtopRemoteService - ok 18:21:56.0421 4656 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 18:21:56.0439 4656 spldr - ok 18:21:56.0496 4656 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe 18:21:56.0563 4656 Spooler - ok 18:21:56.0711 4656 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe 18:21:56.0838 4656 sppsvc - ok 18:21:56.0901 4656 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll 18:21:56.0952 4656 sppuinotify - ok 18:21:57.0012 4656 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 18:21:57.0057 4656 srv - ok 18:21:57.0109 4656 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 18:21:57.0139 4656 srv2 - ok 18:21:57.0218 4656 SrvCDEject (9e0e4c777bf358b7863d22a8ca56b189) C:\Program Files\Packard Bell\SrvCDEject.exe 18:21:57.0245 4656 SrvCDEject ( UnsignedFile.Multi.Generic ) - warning 18:21:57.0245 4656 SrvCDEject - detected UnsignedFile.Multi.Generic (1) 18:21:57.0339 4656 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 18:21:57.0358 4656 srvnet - ok 18:21:57.0395 4656 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll 18:21:57.0435 4656 SSDPSRV - ok 18:21:57.0514 4656 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 18:21:57.0526 4656 ssmdrv - ok 18:21:57.0558 4656 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll 18:21:57.0597 4656 SstpSvc - ok 18:21:57.0686 4656 SSUService (1cfa4a1f3c7bb4c8f299e00428eb8677) C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe 18:21:57.0707 4656 SSUService - ok 
18:21:57.0773 4656 Steam Client Service - ok 18:21:57.0864 4656 Stereo Service (a2abc52cd8a5b60262b220a17a92eb31) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 18:21:57.0883 4656 Stereo Service - ok 18:21:57.0980 4656 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 18:21:57.0997 4656 stexstor - ok 18:21:58.0041 4656 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll 18:21:58.0092 4656 StiSvc - ok 18:21:58.0164 4656 stllssvr (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe 18:21:58.0184 4656 stllssvr ( UnsignedFile.Multi.Generic ) - warning 18:21:58.0184 4656 stllssvr - detected UnsignedFile.Multi.Generic (1) 18:21:58.0287 4656 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 18:21:58.0303 4656 swenum - ok 18:21:58.0341 4656 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll 18:21:58.0396 4656 swprv - ok 18:21:58.0478 4656 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll 18:21:58.0541 4656 SysMain - ok 18:21:58.0586 4656 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll 18:21:58.0613 4656 TabletInputService - ok 18:21:58.0666 4656 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll 18:21:58.0731 4656 TapiSrv - ok 18:21:58.0791 4656 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll 18:21:58.0845 4656 TBS - ok 18:21:58.0977 4656 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys 18:21:59.0043 4656 Tcpip - ok 18:21:59.0161 4656 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys 18:21:59.0205 4656 TCPIP6 - ok 18:21:59.0300 4656 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 18:21:59.0351 4656 tcpipreg - ok 18:21:59.0445 4656 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) 
C:\Windows\system32\drivers\tdpipe.sys 18:21:59.0471 4656 TDPIPE - ok 18:21:59.0515 4656 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys 18:21:59.0549 4656 TDTCP - ok 18:21:59.0629 4656 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 18:21:59.0676 4656 tdx - ok 18:21:59.0819 4656 TeamViewer5 (2a64c802f4c8aa00ac8472c771688e00) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe 18:21:59.0908 4656 TeamViewer5 - ok 18:22:00.0014 4656 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 18:22:00.0035 4656 TermDD - ok 18:22:00.0096 4656 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll 18:22:00.0142 4656 TermService - ok 18:22:00.0217 4656 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll 18:22:00.0243 4656 Themes - ok 18:22:00.0278 4656 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 18:22:00.0315 4656 THREADORDER - ok 18:22:00.0381 4656 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll 18:22:00.0436 4656 TrkWks - ok 18:22:00.0483 4656 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe 18:22:00.0531 4656 TrustedInstaller - ok 18:22:00.0612 4656 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 18:22:00.0647 4656 tssecsrv - ok 18:22:00.0738 4656 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 18:22:00.0760 4656 TsUsbFlt - ok 18:22:00.0812 4656 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 18:22:00.0849 4656 tunnel - ok 18:22:00.0890 4656 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 18:22:00.0908 4656 uagp35 - ok 18:22:00.0949 4656 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 18:22:00.0997 4656 udfs - ok 18:22:01.0072 4656 UI0Detect 
(8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe 18:22:01.0106 4656 UI0Detect - ok 18:22:01.0175 4656 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 18:22:01.0193 4656 uliagpkx - ok 18:22:01.0256 4656 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 18:22:01.0284 4656 umbus - ok 18:22:01.0339 4656 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 18:22:01.0368 4656 UmPass - ok 18:22:01.0425 4656 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll 18:22:01.0479 4656 upnphost - ok 18:22:01.0541 4656 USB28xxBGA (599a5d2f536f64ff4502f9b0d61e57c6) C:\Windows\system32\DRIVERS\emBDA.sys 18:22:01.0574 4656 USB28xxBGA - ok 18:22:01.0680 4656 USB28xxOEM (6ec3f4024514ce503789e80833b452a8) C:\Windows\system32\DRIVERS\emOEM.sys 18:22:01.0708 4656 USB28xxOEM - ok 18:22:01.0758 4656 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys 18:22:01.0798 4656 USBAAPL - ok 18:22:01.0886 4656 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys 18:22:01.0918 4656 usbaudio - ok 18:22:01.0972 4656 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 18:22:02.0002 4656 usbccgp - ok 18:22:02.0056 4656 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 18:22:02.0078 4656 usbcir - ok 18:22:02.0133 4656 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 18:22:02.0152 4656 usbehci - ok 18:22:02.0229 4656 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 18:22:02.0266 4656 usbhub - ok 18:22:02.0310 4656 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys 18:22:02.0328 4656 usbohci - ok 18:22:02.0374 4656 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 18:22:02.0395 4656 usbprint - ok 18:22:02.0439 4656 
usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 18:22:02.0469 4656 usbscan - ok 18:22:02.0525 4656 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:22:02.0567 4656 USBSTOR - ok 18:22:02.0645 4656 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys 18:22:02.0663 4656 usbuhci - ok 18:22:02.0702 4656 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll 18:22:02.0750 4656 UxSms - ok 18:22:02.0821 4656 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 18:22:02.0839 4656 VaultSvc - ok 18:22:02.0925 4656 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 18:22:02.0943 4656 vdrvroot - ok 18:22:03.0000 4656 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe 18:22:03.0052 4656 vds - ok 18:22:03.0154 4656 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 18:22:03.0174 4656 vga - ok 18:22:03.0223 4656 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 18:22:03.0260 4656 VgaSave - ok 18:22:03.0363 4656 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 18:22:03.0384 4656 vhdmp - ok 18:22:03.0428 4656 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 18:22:03.0447 4656 viaagp - ok 18:22:03.0505 4656 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 18:22:03.0533 4656 ViaC7 - ok 18:22:03.0590 4656 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 18:22:03.0610 4656 viaide - ok 18:22:03.0649 4656 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 18:22:03.0666 4656 volmgr - ok 18:22:03.0734 4656 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 18:22:03.0757 4656 volmgrx - ok 18:22:03.0816 4656 volsnap (f497f67932c6fa693d7de2780631cfe7) 
C:\Windows\system32\drivers\volsnap.sys 18:22:03.0836 4656 volsnap - ok 18:22:03.0891 4656 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 18:22:03.0912 4656 vsmraid - ok 18:22:03.0984 4656 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe 18:22:04.0054 4656 VSS - ok 18:22:04.0129 4656 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys 18:22:04.0162 4656 vwifibus - ok 18:22:04.0225 4656 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll 18:22:04.0268 4656 W32Time - ok 18:22:04.0351 4656 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 18:22:04.0381 4656 WacomPen - ok 18:22:04.0481 4656 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 18:22:04.0516 4656 WANARP - ok 18:22:04.0540 4656 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 18:22:04.0573 4656 Wanarpv6 - ok 18:22:04.0638 4656 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe 18:22:04.0718 4656 wbengine - ok 18:22:04.0795 4656 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll 18:22:04.0849 4656 WbioSrvc - ok 18:22:04.0894 4656 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll 18:22:04.0945 4656 wcncsvc - ok 18:22:04.0974 4656 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll 18:22:05.0021 4656 WcsPlugInService - ok 18:22:05.0084 4656 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 18:22:05.0102 4656 Wd - ok 18:22:05.0148 4656 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 18:22:05.0185 4656 Wdf01000 - ok 18:22:05.0256 4656 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 18:22:05.0299 4656 WdiServiceHost - ok 18:22:05.0315 4656 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) 
C:\Windows\system32\wdi.dll 18:22:05.0339 4656 WdiSystemHost - ok 18:22:05.0416 4656 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll 18:22:05.0459 4656 WebClient - ok 18:22:05.0494 4656 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll 18:22:05.0536 4656 Wecsvc - ok 18:22:05.0585 4656 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll 18:22:05.0636 4656 wercplsupport - ok 18:22:05.0739 4656 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll 18:22:05.0779 4656 WerSvc - ok 18:22:05.0849 4656 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 18:22:05.0885 4656 WfpLwf - ok 18:22:05.0944 4656 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 18:22:05.0961 4656 WIMMount - ok 18:22:06.0029 4656 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 18:22:06.0082 4656 WinDefend - ok 18:22:06.0094 4656 WinHttpAutoProxySvc - ok 18:22:06.0203 4656 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll 18:22:06.0250 4656 Winmgmt - ok 18:22:06.0320 4656 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll 18:22:06.0407 4656 WinRM - ok 18:22:06.0530 4656 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys 18:22:06.0559 4656 WinUsb - ok 18:22:06.0609 4656 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll 18:22:06.0659 4656 Wlansvc - ok 18:22:06.0772 4656 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 18:22:06.0838 4656 wlidsvc - ok 18:22:06.0934 4656 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 18:22:06.0954 4656 WmiAcpi - ok 18:22:07.0036 4656 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe 18:22:07.0056 4656 wmiApSrv - ok 18:22:07.0143 
4656 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe 18:22:07.0208 4656 WMPNetworkSvc - ok 18:22:07.0271 4656 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll 18:22:07.0300 4656 WPCSvc - ok 18:22:07.0341 4656 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll 18:22:07.0378 4656 WPDBusEnum - ok 18:22:07.0477 4656 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 18:22:07.0526 4656 ws2ifsl - ok 18:22:07.0584 4656 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll 18:22:07.0623 4656 wscsvc - ok 18:22:07.0635 4656 WSearch - ok 18:22:07.0724 4656 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll 18:22:07.0821 4656 wuauserv - ok 18:22:07.0871 4656 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 18:22:07.0909 4656 WudfPf - ok 18:22:08.0011 4656 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 18:22:08.0047 4656 WUDFRd - ok 18:22:08.0125 4656 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll 18:22:08.0164 4656 wudfsvc - ok 18:22:08.0213 4656 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll 18:22:08.0254 4656 WwanSvc - ok 18:22:08.0316 4656 xusb21 (c26c68bcbac1f33f890c226769759209) C:\Windows\system32\DRIVERS\xusb21.sys 18:22:08.0344 4656 xusb21 - ok 18:22:08.0379 4656 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 18:22:08.0517 4656 \Device\Harddisk0\DR0 - ok 18:22:08.0523 4656 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1 18:22:08.0627 4656 \Device\Harddisk1\DR1 - ok 18:22:08.0649 4656 Boot (0x1200) (2161ede224ba40d5a38958512178ff54) \Device\Harddisk0\DR0\Partition0 18:22:08.0650 4656 \Device\Harddisk0\DR0\Partition0 - ok 18:22:08.0655 4656 Boot (0x1200) (b9709801f07bfef5ac160c75a705b7c0) \Device\Harddisk0\DR0\Partition1 
18:22:08.0657 4656 \Device\Harddisk0\DR0\Partition1 - ok 18:22:08.0665 4656 Boot (0x1200) (f55078df5ffb4d1cc2922c6214e153e6) \Device\Harddisk1\DR1\Partition0 18:22:08.0666 4656 \Device\Harddisk1\DR1\Partition0 - ok 18:22:08.0668 4656 ============================================================ 18:22:08.0668 4656 Scan finished 18:22:08.0668 4656 ============================================================ 18:22:08.0697 2512 Detected object count: 10 18:22:08.0697 2512 Actual detected object count: 10 18:25:15.0099 2512 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 18:25:15.0100 2512 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:25:15.0102 2512 Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user 18:25:15.0102 2512 Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:25:15.0105 2512 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user 18:25:15.0105 2512 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:25:15.0108 2512 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 18:25:15.0108 2512 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:25:15.0110 2512 NovacomD ( UnsignedFile.Multi.Generic ) - skipped by user 18:25:15.0111 2512 NovacomD ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:25:15.0116 2512 pfc ( UnsignedFile.Multi.Generic ) - skipped by user 18:25:15.0116 2512 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:25:15.0118 2512 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user 18:25:15.0118 2512 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:25:15.0120 2512 SCM_Service ( UnsignedFile.Multi.Generic ) - skipped by user 18:25:15.0121 2512 SCM_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:25:15.0123 2512 SrvCDEject ( UnsignedFile.Multi.Generic ) - skipped by user 18:25:15.0123 2512 SrvCDEject ( 
UnsignedFile.Multi.Generic ) - User select action: Skip 18:25:15.0125 2512 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user 18:25:15.0125 2512 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:25:19.0692 2696 Deinitialize success |
23.04.2012, 21:36 | #20 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Spam being sent via my Yahoo account Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has expressly recommended it! Should you have problems starting applications after running Combofix and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
24.04.2012, 04:38 | #21 |
| Spam being sent via my Yahoo account Okay, Combofix ran through without problems and without any messages. Here is the text file: Code:
ATTFilter ComboFix 12-04-23.03 - Matthias 24.04.2012 5:05.1.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3070.2303 [GMT 2:00] ausgeführt von:: c:\users\Matthias\Downloads\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\facemoods.com c:\program files\facemoods.com\facemoods\1.4.17.3\facemoods.crx c:\program files\facemoods.com\facemoods\1.4.17.3\facemoods.png c:\program files\facemoods.com\facemoods\1.4.17.3\facemoodsApp.dll c:\program files\facemoods.com\facemoods\1.4.17.3\facemoodsEng.dll c:\program files\facemoods.com\facemoods\1.4.17.3\uninstall.exe c:\users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\avwfls0h.default\weave\toFetch c:\users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\avwfls0h.default\weave\toFetch\clients.json c:\users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\avwfls0h.default\weave\toFetch\tabs.json c:\windows\system32\urttemp c:\windows\system32\urttemp\regtlib.exe L:\install.exe . . ((((((((((((((((((((((( Dateien erstellt von 2012-03-24 bis 2012-04-24 )))))))))))))))))))))))))))))) . . 2016-03-23 16:11 . 2016-03-23 16:11 -------- d-----w- c:\users\Matthias\AppData\Roaming\MAGIX 2016-03-23 16:08 . 2010-03-28 05:48 -------- d-----w- c:\programdata\MAGIX 2016-03-23 16:07 . 2010-03-28 05:48 -------- d-----w- c:\program files\MAGIX 2016-03-23 16:07 . 2007-04-27 09:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll 2016-03-23 16:06 . 2010-03-28 05:46 -------- d-----w- c:\program files\Common Files\MAGIX Services 2012-04-24 03:33 . 2012-04-24 03:33 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-04-24 03:33 . 
2012-04-24 03:33 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-04-23 16:29 . 2012-04-23 16:29 -------- d-----w- c:\program files\Common Files\Skype 2012-04-23 15:42 . 2012-04-23 15:42 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{23D8129C-567F-4718-A857-9F886D57752B}\offreg.dll 2012-04-22 08:24 . 2012-04-22 08:25 -------- d-----w- c:\program files\DVR-Studio HD 2 2012-04-20 15:10 . 2012-04-13 07:36 6734704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{23D8129C-567F-4718-A857-9F886D57752B}\mpengine.dll 2012-04-12 20:11 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-04-12 20:11 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll 2012-04-12 20:11 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll 2012-04-12 20:11 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll 2012-04-12 20:11 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-04-12 20:11 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-09 14:24 . 2012-04-09 14:24 -------- d-----w- C:\_OTL 2012-04-08 04:52 . 2012-04-08 04:52 -------- d-----w- c:\program files\ESET 2012-04-04 17:49 . 2012-04-04 17:49 -------- d-----w- c:\users\Matthias\AppData\Roaming\Malwarebytes 2012-04-04 17:46 . 2012-04-04 17:46 -------- d-----w- c:\programdata\Malwarebytes 2012-04-04 17:46 . 2012-04-04 17:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-04-04 17:46 . 2011-12-10 13:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-04-04 11:48 . 2012-04-13 18:44 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-03-29 17:29 . 2012-03-29 17:29 -------- d-----w- c:\program files\Common Files\Java . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-04-13 18:44 . 2011-05-22 07:44 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-03-29 17:25 . 
2010-11-18 16:25 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-02-29 19:21 . 2012-02-29 19:21 42392 ----a-w- c:\windows\system32\xfcodec.dll 2012-02-23 08:18 . 2009-11-13 08:07 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-02-17 18:04 . 2012-01-02 10:22 137416 ----a-w- c:\windows\system32\drivers\avipbb.sys 2012-02-17 05:34 . 2012-03-13 17:24 826880 ----a-w- c:\windows\system32\rdpcore.dll 2012-02-17 04:14 . 2012-03-13 17:24 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-02-17 04:13 . 2012-03-13 17:24 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-02-15 10:01 . 2012-02-15 10:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll 2012-02-15 10:01 . 2012-02-15 10:01 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2012-02-10 05:38 . 2012-03-13 21:02 1077248 ----a-w- c:\windows\system32\DWrite.dll 2012-02-07 09:02 . 2012-02-07 09:02 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX 2012-02-03 03:54 . 2012-03-13 21:02 2343424 ----a-w- c:\windows\system32\win32k.sys 2012-01-25 05:32 . 2012-03-13 17:24 58880 ----a-w- c:\windows\system32\rdpwsx.dll 2012-01-25 05:32 . 2012-03-13 17:24 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-01-25 05:27 . 2012-03-13 17:24 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-03-20 16:38 . 2011-04-12 16:15 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2007-03-01 4390912] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696] "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-20 228088] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-10-14 623992] "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-12-15 258512] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ FRITZ!DSL Startcenter.lnk - c:\windows\Installer\{2457326B-C110-40C3-89B0-889CC913871A}\Icon2457326B4.exe [2009-11-12 29184] Inhaltsmanager-Assistent für PlayStation(R).lnk - c:\program files\Sony\Content Manager Assistant\CMA.exe [2012-1-26 2520504] NETGEAR WG111v2 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v2\WG111v2.exe [2009-12-28 1261568] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKLM\~\startupfolder\C:^Users^Matthias^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk] path=c:\users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk backup=c:\windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mobile Partner] c:\program files\WEB Partner\WEB Partner [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0EYTHM] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirVideoServer] 2010-09-22 01:03 4923784 ----a-w- c:\program files\AirVideoServer\AirVideoServer.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] 2011-01-05 08:18 133432 ----a-w- c:\program files\ICQ7.2\ICQ.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2012-03-27 03:09 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2011-10-24 13:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2007-03-14 20:01 71216 ------w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . 
R2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2011-12-02 74752] R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-29 158856] R2 SrvCDEject;SrvCDEject;c:\program files\Packard Bell\SrvCDEject.exe [2006-07-25 613376] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 253088] R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-12-22 36640] R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R4 SCM_Service;SCM_Service;c:\windows\System32\WinService.exe [2007-07-17 180224] R4 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-19 2011944] S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys [2007-01-19 21728] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-12-15 36000] S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 185472] S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-12-15 86224] S2 IGDCTRL;AVM IGD CTRL Service;c:\program files\FRITZ!DSL\IGDCTRL.EXE [2007-09-04 87344] S2 NovacomD;Palm Novacom;c:\program files\Palm, Inc\novacomd\x86\novacomd.exe [2011-03-15 61440] S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088] S2 
nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504] S2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files\Splashtop\Splashtop Remote\Server\SRService.exe [2012-02-09 531328] S2 SSUService;Splashtop Software Updater Service;c:\program files\Splashtop\Splashtop Software Updater\SSUService.exe [2012-03-15 370504] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472] S3 FETND6V;VIA Rhine Family Fast Ethernet Adapter Driver;c:\windows\system32\DRIVERS\fetnd6v.sys [2008-09-22 43520] S3 MTSBDA;TechniSat CableStar HD2;c:\windows\system32\Drivers\MtsBda.sys [2009-07-15 265744] S3 MtsHID;TechniSat Mantis BDA HID Driver;c:\windows\system32\drivers\MtsHID.sys [2009-07-15 23568] S3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v2.sys [2007-12-26 288768] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 79192321 *Deregistered* - 79192321 *Deregistered* - EraserUtilRebootDrv *Deregistered* - hotcore3 *Deregistered* - IDSVix86 *Deregistered* - SPBBCDrv *Deregistered* - SRTSPX *Deregistered* - SYMDNS *Deregistered* - SymEvent *Deregistered* - SYMFW *Deregistered* - SYMIDS *Deregistered* - SYMNDISV *Deregistered* - SYMREDRV *Deregistered* - SYMTDI . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-12-05 11:27 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhalt des "geplante Tasks" Ordners . 2012-04-24 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 18:44] . . 
------- Zusätzlicher Suchlauf ------- . uStart Page = uInternet Settings,ProxyOverride = *.local IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204 IE: An vorhandenes PDF anfügen - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Auswahl in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202 IE: Free YouTube Download - c:\users\Matthias\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to MP3 Converter - c:\users\Matthias\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: In Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - 
c:\users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\avwfls0h.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - LEO Eng-Deu FF - prefs.js: browser.startup.homepage - hxxp://web.de/ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . URLSearchHooks-{40c3cc16-7269-4b32-9531-17f2950fb06f} - (no file) MSConfigStartUp-FVDSuite - c:\program files\FVD Suite\fvdbox.exe MSConfigStartUp-KiesTrayAgent - c:\program files\Samsung\Kies\/\KiesTrayAgent.exe MSConfigStartUp-Remote Control Editor - c:\program files\Common Files\TerraTec\Remote\TTTvRc.exe AddRemove-AOL Deinstallation - c:\program files\Common Files\AOL\uninstaller.exe AddRemove-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.3\uninstall.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2012-04-24 05:35:20 ComboFix-quarantined-files.txt 2012-04-24 03:35 . Vor Suchlauf: 21 Verzeichnis(se), 18.051.694.592 Bytes frei Nach Suchlauf: 31 Verzeichnis(se), 17.872.465.920 Bytes frei . - - End Of File - - F10E3257F2B4036F19BE0D85AAB2B32F |
24.04.2012, 12:54 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Spam being sent via my Yahoo account Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still refuses to run on the second attempt, just leave it out and run only OSAM. Please skip the online lookup in OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or similar.
Note: Please use WinRAR or 7zip to unpack OSAM! Be sure to turn off your virus scanner as well; the McAfee scanner in particular often reports a false positive in OSAM!
Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons under any circumstances unless instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) under "AV scan" in the drop-down menu (at the bottom left of the aswMBR window) and click the Scan button again.
__________________ Please always post log files in CODE tags |
30.04.2012, 11:49 | #23 |
| Spam being sent via my Yahoo account Hello, it took a little while, but here are the three scans: GMER: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net Rootkit scan 2012-04-30 10:12:47 Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST3320820AS rev.3.AAD Running: xdopzmku.exe; Driver: C:\Users\Matthias\AppData\Local\Temp\fxddqkow.sys ---- System - GMER 1.0.15 ---- SSDT 90DD0BA6 ZwCreateSection SSDT 90DD0BB0 ZwRequestWaitReplyPort SSDT 90DD0BAB ZwSetContextThread SSDT 90DD0BB5 ZwSetSecurityObject SSDT 90DD0BBA ZwSystemDebugControl SSDT 90DD0B47 ZwTerminateProcess ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!ZwSaveKey + 13C1 82E48359 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82E81D52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 82E88ECC 4 Bytes [A6, 0B, DD, 90] {CMPSB ; OR EBX, EBP; NOP } .text ntkrnlpa.exe!KeRemoveQueueEx + 1553 82E89228 4 Bytes [B0, 0B, DD, 90] .text ntkrnlpa.exe!KeRemoveQueueEx + 1597 82E8926C 4 Bytes [AB, 0B, DD, 90] {STOSD ; OR EBX, EBP; NOP } .text ntkrnlpa.exe!KeRemoveQueueEx + 1613 82E892E8 4 Bytes [B5, 0B, DD, 90] .text ntkrnlpa.exe!KeRemoveQueueEx + 1667 82E8933C 4 Bytes [BA, 0B, DD, 90] .text ... 
.vmp2 C:\Windows\system32\drivers\acedrv11.sys entry point in ".vmp2" section [0x9D9E469D] .text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0x9F800300, 0x3B6D8, 0xE8000020] .text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0x9F843300, 0x1BEE, 0xE8000020] ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73E02437] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73DE5600] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73DE56BE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73E024B2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73DF8514] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73DF4CC8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73DF506F] 
C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73DF5144] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73DF6671] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73DF826B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73DF87BA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73DF901B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73DFE1BE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73DF4BFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- 
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume8 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) Device \Driver\ACPI_HAL \Device\0000004b halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume9 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation) ---- Registry - GMER 1.0.15 ---- Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ffwp\OpenWithProgids@Lucom GmbH.FormsForWeb\xae Filler 3.1 ---- EOF - GMER 1.0.15 ---- Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 12:44:56 on 30.04.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 32-bit Default Browser: Mozilla Corporation Firefox 11.0 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe "SAT-1 30-04-2012 20-07-00 Der letzte Bulle.job" - ? - C:\Program Files\DVBViewer\Scheduler.exe "SAT-1 30-04-2012 20-09-00 Der letzte Bulle.job" - ? - C:\Program Files\DVBViewer\Scheduler.exe "ZDF (deu) 01-05-2012 01-43-00 Lewis.job" - ? - C:\Program Files\DVBViewer\Scheduler.exe "ZDF (deu) 01-05-2012 01-45-00 Lewis.job" - ? - C:\Program Files\DVBViewer\Scheduler.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "CplMCDec.cpl" - "MainConcept AG" - C:\Windows\system32\CplMCDec.cpl "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl "ISUSPM.cpl" - "InstallShield Software Corporation" - C:\Windows\system32\ISUSPM.cpl "nvcpl.cpl" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.cpl "RTSndMgr.cpl" - "Realtek Semiconductor Corp." 
- C:\Windows\system32\RTSndMgr.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Adobe Version Cue CS3" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.cpl "CplMCDec" - "MainConcept AG" - C:\Windows\System32\CplMCDec.cpl "CplMCDec_x86" - ? - C:\Windows\SysWOW64\CplMCDec.cpl (File not found) "Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl "QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "acedrv11" (acedrv11) - "Protect Software GmbH" - C:\Windows\system32\drivers\acedrv11.sys "aswMBR" (aswMBR) - ? - C:\Users\Matthias\AppData\Local\Temp\aswMBR.sys (Hidden registry entry, rootkit activity | File not found) "atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys (File found, but it contains no detailed information) "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\Users\Matthias\AppData\Local\Temp\catchme.sys (File not found) "dgderdrv" (dgderdrv) - ? - C:\Windows\System32\drivers\dgderdrv.sys (File not found) "FsUsbExDisk" (FsUsbExDisk) - ? - C:\Windows\system32\FsUsbExDisk.SYS (File found, but it contains no detailed information) "fxddqkow" (fxddqkow) - ? - C:\Users\Matthias\AppData\Local\Temp\fxddqkow.sys (Hidden registry entry, rootkit activity | File not found) "Huawei DataCard USB Modem and USB Serial" (hwdatacard) - ? - C:\Windows\System32\DRIVERS\ewusbmdm.sys (File not found) "Huawei DataCard USB PNP Device" (hwusbdev) - ? - C:\Windows\System32\DRIVERS\ewusbdev.sys (File not found) "HUAWEI USB-NDIS miniport" (ewusbnet) - ? - C:\Windows\System32\DRIVERS\ewusbnet.sys (File not found) "lirsgt" (lirsgt) - ? 
- C:\Windows\System32\DRIVERS\lirsgt.sys (File found, but it contains no detailed information) "NetGroup Packet Filter Driver" (NPF) - "CACE Technologies, Inc." - C:\Windows\System32\drivers\npf.sys "Padus ASPI Shell" (pfc) - "Padus, Inc." - C:\Windows\System32\drivers\pfc.sys "PCCS Mode Change Filter Driver" (pccsmcfd) - ? - C:\Windows\System32\DRIVERS\pccsmcfd.sys (File not found) "PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys "Service for Realtek HD Audio (WDM)" (IntcAzAudAddService) - "Realtek Semiconductor Corp." - C:\Windows\System32\drivers\RTKVHDA.sys "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys "TerraTec H5 Capture service" (USB28xxBGA) - "eMPIA Technology, Inc." - C:\Windows\System32\DRIVERS\emBDA.sys "TerraTec H5 OEM service" (USB28xxOEM) - "eMPIA Technology, Inc." - C:\Windows\System32\DRIVERS\emOEM.sys [Explorer] -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {10880D85-AAD9-4558-ABDC-2AB1552D831F} "LightScribe Control Panel" - "Hewlett-Packard Company" - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe" -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Program Files\DVR-Studio HD 2\Filters\mmfinfo.dll (File found, but it contains no detailed information) {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." 
- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} "Acrobat Elements Context Menu" - "Adobe Systems Inc." - C:\Program Files\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? 
- (File not found | COM-object registry key not found) {A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\Display\nvui.dll {89C76D3A-6B6A-4CC5-A237-42D617C12896} "DVBViewer Recordings Property Handler" - "CM & V" - C:\PROGRA~1\COMMON~1\DVBVIE~1\DVBVPR~1.DLL {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Program Files\DVR-Studio HD 2\Filters\mmfinfo.dll (File found, but it contains no detailed information) {5574006C-28F5-4a65-A28C-74DE6BFBE0BB} "Haali Matroska Shell Property Page" - ? - C:\Program Files\DVR-Studio HD 2\Filters\mmfinfo.dll (File found, but it contains no detailed information) {327669A0-59A7-4be9-B99E-1C9F3A57611A} "Haali Matroska Thumbnail Extractor" - ? - C:\Program Files\DVR-Studio HD 2\Filters\mmfinfo.dll (File found, but it contains no detailed information) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll {00020d75-0000-0000-c000-000000000046} "lnkfile" - ? 
- (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {7020EDF4-B454-4814-9AA4-1D604D3F1417} "TraXExCM" - ? 
- C:\PROGRA~1\TraXEx\INTEGR~1\TraXExCM.dll (File not found) {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll <binary data> "Grab Pro" - ? 
- C:\Program Files\Orbitdownloader\GrabPro.dll ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll "ICQ7.2" - "ICQ, LLC." - C:\Program Files\ICQ7.2\ICQ.exe {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll <binary data> "Grab Pro" - ? 
- C:\Program Files\Orbitdownloader\GrabPro.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {AE7CD045-E861-484f-8273-0445EE161910} "Adobe PDF Conversion Toolbar Helper" - "Adobe Systems Incorporated" - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\ssv.dll {000123B4-9B42-4900-B3F7-F4B073EFC214} "Octh Class" - "Orbitdownloader.com" - C:\Program Files\Orbitdownloader\orbitcth.dll {2B171655-A69C-5c18-B693-6CB5DC269D44} "Open FVD Suite Toolbar" - "www.flashvideodownloader.org/fvd-suite/" - C:\Program Files\FVD Suite\addons\IE\FVDToolbar.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Security Packages" - "Microsoft Corporation" - C:\Windows\system32\livessp.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "FRITZ!DSL Startcenter.lnk" - "AVM Berlin" - C:\Program Files\FRITZ!DSL\StCenter.exe (Shortcut exists | File exists) "Inhaltsmanager-Assistent für PlayStation(R).lnk" - "Sony Computer Entertainment Inc." 
- C:\Program Files\Sony\Content Manager Assistant\CMA.exe (Shortcut exists | File exists) "NETGEAR WG111v2 Smart Wizard.lnk" - ? - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "MobileDocuments" - "Apple Inc." - C:\Program Files\Common Files\Apple\Internet Services\ubd.exe -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Acrobat Assistant 8.0" - "Adobe Systems Inc." - "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "AppleSyncNotifier" - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe "APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe" "LanguageShortcut" - ? - "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" "NeroFilterCheck" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe "QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime "RoxWatchTray" - "Sonic Solutions" - "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" "RtHDVCpl" - "Realtek Semiconductor" - RtHDVCpl.exe "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Adobe PDF Port" - "Adobe Systems Incorporated." 
- C:\Windows\system32\AdobePDF.dll "KM Language Monitor" - "KYOCERA MITA Corporation" - C:\Windows\system32\KMPJLMN.DLL "Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe "Adobe Version Cue CS3 {de_DE} " (Adobe Version Cue CS3) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe "AOL Connectivity Service" (AOL ACS) - "AOL LLC" - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe "Automatisches LiveUpdate - Scheduler" (Automatisches LiveUpdate - Scheduler) - ? - "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" (File not found) "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "AVM IGD CTRL Service" (IGDCTRL) - "AVM Berlin" - C:\Program Files\FRITZ!DSL\IGDCTRL.EXE "Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared Files\RichVideo.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Macrovision Europe Ltd." 
- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe "Freemake Improver" (Freemake Improver) - "Freemake" - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe "LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LSSrvc.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "NBService" (NBService) - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe "NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe "NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe "NVIDIA Stereoscopic 3D Driver Service" (Stereo Service) - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe "NVIDIA Update Service Daemon" (nvUpdatusService) - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Palm Novacom" (NovacomD) - "Palm" - C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe "Remote Packet Capture Protocol v.0 (experimental)" (rpcapd) - "CACE Technologies, Inc." 
- C:\Program Files\WinPcap\rpcapd.exe "Roxio Hard Drive Watcher 9" (RoxWatch9) - "Sonic Solutions" - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe "RoxMediaDB9" (RoxMediaDB9) - "Sonic Solutions" - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe "Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files\Skype\Updater\Updater.exe "Splashtop Software Updater Service" (SSUService) - "Splashtop Inc." - C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe "Splashtop® Remote Service" (SplashtopRemoteService) - "Splashtop Inc." - C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe "SrvCDEject" (SrvCDEject) - ? - C:\Program Files\Packard Bell\SrvCDEject.exe (File found, but it contains no detailed information) "Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files\Common Files\Steam\SteamService.exe "stllssvr" (stllssvr) - "MicroVision Development, Inc." - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll "WindowsLive Local NSP" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL "WindowsLive NSP" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-30 10:14:10
-----------------------------
10:14:10.482 OS Version: Windows 6.1.7601 Service Pack 1
10:14:10.482 Number of processors: 2 586 0xF02
10:14:10.483 ComputerName: MATTHIAS-PC UserName: Matthias
10:14:11.039 Initialize success
10:15:14.772 AVAST engine defs: 12042901
10:16:08.327 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:16:08.327 Disk 0 Vendor: ST3320820AS 3.AAD Size: 305245MB BusType: 3
10:16:08.342 Disk 0 MBR read successfully
10:16:08.342 Disk 0 MBR scan
10:16:08.358 Disk 0 Windows 7 default MBR code
10:16:08.452 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 8192 MB offset 2048
10:16:08.467 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 73661 MB offset 16779264
10:16:08.483 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 149388 MB offset 167638275
10:16:08.483 Disk 0 Partition - 00 0F Extended LBA 74000 MB offset 473587712
10:16:08.514 Disk 0 Partition - 00 05 Extended 73999 MB offset 473589759
10:16:08.530 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 73999 MB offset 473589760
10:16:08.545 Disk 0 scanning sectors +625139712
10:16:08.827 Disk 0 scanning C:\Windows\system32\drivers
10:17:00.389 Service scanning
10:17:25.805 Modules scanning
10:18:33.080 Disk 0 trace - called modules:
10:18:33.095 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS viaide.sys PCIIDEX.SYS atapi.sys
10:18:33.095 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86580030]
10:18:33.111 3 CLASSPNP.SYS[8b5a259e] -> nt!IofCallDriver -> [0x864ae328]
10:18:33.111 5 ACPI.sys[83abc3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x857bd908]
10:18:33.470 AVAST engine scan C:\Windows
10:18:44.347 AVAST engine scan C:\Windows\system32
10:22:11.439 AVAST engine scan C:\Windows\system32\drivers
10:22:34.489 AVAST engine scan C:\Users\Matthias
10:50:42.749 AVAST engine scan C:\ProgramData
10:56:34.186 Scan finished successfully
12:18:00.308 Disk 0 MBR has been saved successfully to "C:\Users\Matthias\Desktop\MBR.dat"
12:18:00.308 The log file has been saved successfully to "C:\Users\Matthias\Desktop\aswMBR.txt"
Broid |
30.04.2012, 12:51 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Spam sent via my Yahoo account Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
05.05.2012, 10:38 | #25 |
| Spam sent via my Yahoo account So, done. I finally found the time to run both scans. Here are the results: Malwarebytes Code:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Datenbank Version: v2012.05.03.06
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Matthias :: MATTHIAS-PC [Administrator]
03.05.2012 19:13:58
mbam-log-2012-05-03 (19-13-58).txt
Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 428637
Laufzeit: 2 Stunde(n), 13 Minute(n), 41 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 05/05/2012 at 11:31 AM
Application Version : 5.0.1148
Core Rules Database Version : 8560
Trace Rules Database Version: 6372
Scan type : Complete Scan
Total Scan Time : 01:48:24
Operating System Information
Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 780
Memory threats detected : 0
Registry items scanned : 39310
Registry threats detected : 0
File items scanned : 189454
File threats detected : 199
Adware.Tracking Cookie
C:\USERS\MATTHIAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJHXRHZA.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\MATTHIAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJHXRHZA.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\MATTHIAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJHXRHZA.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\MATTHIAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJHXRHZA.DEFAULT\COOKIES.SQLITE ] media.adrevolver.com [ C:\USERS\MATTHIAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJHXRHZA.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\MATTHIAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJHXRHZA.DEFAULT\COOKIES.SQLITE ] .tradedoubler.com [ C:\USERS\MATTHIAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJHXRHZA.DEFAULT\COOKIES.SQLITE ] .tracking.quisma.com [ C:\USERS\MATTHIAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJHXRHZA.DEFAULT\COOKIES.SQLITE ] banner.slashcam.de [ C:\USERS\MATTHIAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJHXRHZA.DEFAULT\COOKIES.SQLITE ] adx.chip.de [ C:\USERS\MATTHIAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJHXRHZA.DEFAULT\COOKIES.SQLITE ] adserver.traffictrack.de [ C:\USERS\MATTHIAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YJHXRHZA.DEFAULT\COOKIES.SQLITE ] Trojan.Agent/Gen-ImageDocFake F:\ASGLOBE\AS120\BUECHER\PERSONEN\IMAGE789.JPG Trojan.Agent/Gen-Bancos C:\DVBDREAM\DEVICES\BDA_ALL.DEV |
06.05.2012, 18:10 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Spam sent via my Yahoo account
Looks OK, only cookies were found, and there were also two false positives from SUPERAntiSpyware. Cookies are not malware as such, but there is a risk of misuse (unique recognition, e.g. for targeted advertising or similar => HTTP cookie).
Regarding cookies and other things on the web: to block the plague from the outset (i.e. tracking cookies, ad banners etc.), you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether he has released a new hosts file. Otherwise there are also good cookie managers; among the extensions for Firefox, for example, there is CookieCuller http://filepony.de/download-cookie_culler/
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or also Trojaner-Board), then simply configure the browser so that everything, including cookies, is deleted when the browser is closed.
My own approach is to use the Opera browser or Chromium under my Linux for "wild surfing". My main browser (Firefox) only stores the cookies from the sites I actually want; I reject everything else manually (FF always asks me) - the other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest there are no cookies left.
Is your system now back in order, or are there any other findings or problems?
__________________ Please always post log files in CODE tags |
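The hosts-file blocking suggested in the post above, applied to scanner cookie findings, as an added example that is not part of the thread and not taken from MVPS or SUPERAntiSpyware. The one-finding-per-line `domain [ path ]` layout, the sample lines, the function names and the `0.0.0.0` sinkhole address are assumptions of this example.

```python
import re

# Constructed sample in a "domain [ cookie store path ]" layout, one finding
# per line (assumed layout; these lines are not copied from the thread's log).
SAMPLE_LOG = r"""
.tracker.example [ C:\USERS\ALICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ABCD1234.DEFAULT\COOKIES.SQLITE ]
.tracker.example [ C:\USERS\ALICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ABCD1234.DEFAULT\COOKIES.SQLITE ]
ads.banner.example [ C:\USERS\ALICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ABCD1234.DEFAULT\COOKIES.SQLITE ]
ADS.Banner.Example [ C:\USERS\ALICE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ABCD1234.DEFAULT\COOKIES.SQLITE ]
this line is not a finding
bad_host!.example [ C:\USERS\ALICE\COOKIES.SQLITE ]
"""

FINDING = re.compile(r"^\s*(\S+)\s+\[.*\]\s*$")            # "<domain> [ <path> ]"
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")        # one DNS label


def cookie_domains(log_text):
    """Return the distinct, syntactically valid host names from finding lines."""
    hosts = set()
    for line in log_text.splitlines():
        match = FINDING.match(line)
        if not match:
            continue                      # e.g. file detections, headers
        # A leading dot is the cookie's "all subdomains" marker, not part of
        # the host name; host names are case-insensitive.
        host = match.group(1).lstrip(".").lower()
        labels = host.split(".")
        # Validate before writing anything into a system file.
        if len(labels) >= 2 and all(LABEL.match(label) for label in labels):
            hosts.add(host)
    return sorted(hosts)


def hosts_entries(domains, allow=()):
    """Build hosts-file lines that sinkhole each domain, skipping allowed sites.

    A hosts file matches exact names only (no wildcards), so a cookie set for
    ".tracker.example" yields a block for "tracker.example" but not for its
    subdomains; those need their own entries.
    """
    allowed = {name.lower() for name in allow}
    return [f"0.0.0.0 {domain}" for domain in domains if domain not in allowed]


if __name__ == "__main__":
    print("\n".join(hosts_entries(cookie_domains(SAMPLE_LOG))))
```

The `allow` parameter keeps sites you actually log in to out of the block list; review the generated lines before merging them into the system hosts file.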
07.05.2012, 18:24 | #27 |
| Spam sent via my Yahoo account
Yes, I think everything is in order now. And no, there are no further problems. Thank you very much for the very thorough support. Amazing!! Best regards, Broid |
07.05.2012, 19:31 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Spam sent via my Yahoo account
Then we're done! All the programs that were used here can be removed again. CF can be removed via Start, Run with combofix /uninstall. Let me know if there are any error messages.
With the help of OTL you can also remove many tools: please start OTL and click on Bereinigung (cleanup). This will remove most of the tools we needed for the cleanup. If anything remains, please remove it with right-click --> Delete.
Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update it first.
Finally, please check the updates; my guide for that is below. To keep a better overview of whether your installed programs are up to date in future, you can use e.g. Secunia PSI. For even more security, after the infection has been removed you should also change all passwords if possible.
Microsoft Update
Windows XP: Visit the MS update site with IE and have all important updates installed.
Windows Vista/7: Windows Update guide
Update the PDF reader
An outdated AdobeReader is a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Software or Programs and Features, by clicking on "Adobe Reader x.0" there and removing the program. (if you have AdobeReader installed)
I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader.
While you're at it, please also check that the Flash Player is up to date: Adobe - Install a different version of Adobe Flash Player
If need be, you can also download it from Chip.de => http://filepony.de/?q=Flash+Player
Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.
Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the latest one. To do this, close all programs (especially the browsers), then click Start, Control Panel, Software and uninstall all listed Java versions from there. Then download the current Java SE Runtime Environment (JRE) from here and install it.
__________________ Please always post log files in CODE tags |