Pests of all kinds and how to combat them: Internet browser (Not Responding)
Windows 7

If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#16
/// Winkelfunktion /// TB-Süch-Tiger™

Internet browser (Not Responding)

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set up the tool as shown in the picture below: click "change parameters" and set the checkboxes as shown in the following screenshot, then click "Start Scan", and when it has finished click the "Report" button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C), since that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the "skip" action and post only the log here!
__________________
Always post log files in CODE tags
#17
Internet browser (Not Responding)
Code:
20:43:19.0148 2276 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
20:43:20.0053 2276 ============================================================
20:43:20.0053 2276 Current date / time: 2012/04/19 20:43:20.0053
20:43:20.0053 2276 SystemInfo:
20:43:20.0053 2276
20:43:20.0053 2276 OS Version: 6.1.7601 ServicePack: 1.0
20:43:20.0053 2276 Product type: Workstation
20:43:20.0053 2276 ComputerName: JANINE-PC
20:43:20.0053 2276 UserName: Janine
20:43:20.0053 2276 Windows directory: C:\Windows
20:43:20.0053 2276 System windows directory: C:\Windows
20:43:20.0053 2276 Running under WOW64
20:43:20.0053 2276 Processor architecture: Intel x64
20:43:20.0053 2276 Number of processors: 4
20:43:20.0053 2276 Page size: 0x1000
20:43:20.0053 2276 Boot type: Normal boot
20:43:20.0053 2276 ============================================================
20:43:21.0176 2276 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:43:21.0176 2276 \Device\Harddisk0\DR0:
20:43:21.0176 2276 MBR partitions:
20:43:21.0176 2276 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1388000
20:43:21.0176 2276 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x13BA800, BlocksNum 0x7530000
20:43:21.0208 2276 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x88EB000, BlocksNum 0x31A9A800
20:43:21.0223 2276 C: <-> \Device\Harddisk0\DR0\Partition2
20:43:21.0239 2276 D: <-> \Device\Harddisk0\DR0\Partition1
20:43:21.0239 2276 Initialize success
20:43:21.0239 2276 ============================================================
20:44:13.0263 1452 ============================================================
20:44:13.0263 1452 Scan started
20:44:13.0263 1452 Mode: Manual; SigCheck; TDLFS;
20:44:13.0263 1452 ============================================================
20:44:14.0246 1452 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
20:44:14.0324 1452 1394ohci - ok
20:44:14.0339 1452 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:44:14.0370 1452 ACPI - ok
20:44:14.0370 1452 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:44:14.0417 1452 AcpiPmi - ok
20:44:14.0495 1452 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:44:14.0526 1452 AdobeFlashPlayerUpdateSvc - ok
20:44:14.0620 1452 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
20:44:14.0667 1452 adp94xx - ok
20:44:14.0714 1452 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
20:44:14.0745 1452 adpahci - ok
20:44:14.0760 1452 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
20:44:14.0776 1452 adpu320 - ok
20:44:14.0807 1452 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:44:14.0870 1452 AeLookupSvc - ok
20:44:14.0932 1452 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:44:14.0979 1452 AFD - ok
20:44:15.0026 1452 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:44:15.0041 1452 agp440 - ok
20:44:15.0088 1452 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:44:15.0150 1452 ALG - ok
20:44:15.0197 1452 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:44:15.0213 1452 aliide - ok
20:44:15.0244 1452 AMD External Events Utility (d696f317bd465a602566f8e1dcce15f7) C:\Windows\system32\atiesrxx.exe
20:44:15.0275 1452 AMD External Events Utility - ok
20:44:15.0291 1452 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:44:15.0291 1452 amdide - ok
20:44:15.0322 1452 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
20:44:15.0353 1452 AmdK8 - ok
20:44:15.0369 1452 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
20:44:15.0384 1452 AmdPPM - ok
20:44:15.0431 1452 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:44:15.0462 1452 amdsata - ok
20:44:15.0494 1452 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
20:44:15.0540 1452 amdsbs - ok
20:44:15.0556 1452 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:44:15.0587 1452 amdxata - ok
20:44:15.0603 1452 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:44:15.0681 1452 AppID - ok
20:44:15.0712 1452 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:44:15.0774 1452 AppIDSvc - ok
20:44:15.0790 1452 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:44:15.0852 1452 Appinfo - ok
20:44:15.0915 1452 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
20:44:15.0962 1452 AppMgmt - ok
20:44:16.0008 1452 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
20:44:16.0055 1452 arc - ok
20:44:16.0149 1452 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
20:44:16.0180 1452 arcsas - ok
20:44:16.0196 1452 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:44:16.0258 1452 AsyncMac - ok
20:44:16.0274 1452 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:44:16.0274 1452 atapi - ok
20:44:16.0430 1452 atikmdag (52bd95caa9cae8977fe043e9ad6d2d0e) C:\Windows\system32\DRIVERS\atikmdag.sys
20:44:16.0632 1452 atikmdag - ok
20:44:16.0679 1452 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:44:16.0773 1452 AudioEndpointBuilder - ok
20:44:16.0773 1452 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:44:16.0820 1452 AudioSrv - ok
20:44:16.0991 1452 AVP (2718dc27571bd1e37813f5759d2dc118) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
20:44:17.0038 1452 AVP - ok
20:44:17.0132 1452 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:44:17.0178 1452 AxInstSV - ok
20:44:17.0241 1452 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
20:44:17.0288 1452 b06bdrv - ok
20:44:17.0334 1452 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:44:17.0366 1452 b57nd60a - ok
20:44:17.0428 1452 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys
20:44:17.0444 1452 BCM42RLY - ok
20:44:17.0537 1452 BCM43XX (f4cd5f52850bf2c978de178f256ba372) C:\Windows\system32\DRIVERS\bcmwl664.sys
20:44:17.0600 1452 BCM43XX - ok
20:44:17.0646 1452 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:44:17.0678 1452 BDESVC - ok
20:44:17.0724 1452 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:44:17.0802 1452 Beep - ok
20:44:17.0849 1452 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:44:17.0958 1452 BFE - ok
20:44:17.0990 1452 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
20:44:18.0083 1452 BITS - ok
20:44:18.0130 1452 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:44:18.0161 1452 blbdrive - ok
20:44:18.0208 1452 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:44:18.0239 1452 bowser - ok
20:44:18.0302 1452 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
20:44:18.0333 1452 BrFiltLo - ok
20:44:18.0333 1452 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
20:44:18.0364 1452 BrFiltUp - ok
20:44:18.0411 1452 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
20:44:18.0473 1452 Browser - ok
20:44:18.0504 1452 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:44:18.0551 1452 Brserid - ok
20:44:18.0567 1452 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:44:18.0582 1452 BrSerWdm - ok
20:44:18.0614 1452 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:44:18.0645 1452 BrUsbMdm - ok
20:44:18.0645 1452 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:44:18.0676 1452 BrUsbSer - ok
20:44:18.0738 1452 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
20:44:18.0785 1452 BthEnum - ok
20:44:18.0832 1452 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
20:44:18.0879 1452 BTHMODEM - ok
20:44:18.0926 1452 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
20:44:18.0972 1452 BthPan - ok
20:44:19.0019 1452 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
20:44:19.0082 1452 BTHPORT - ok
20:44:19.0128 1452 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:44:19.0191 1452 bthserv - ok
20:44:19.0222 1452 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
20:44:19.0269 1452 BTHUSB - ok
20:44:19.0316 1452 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:44:19.0378 1452 cdfs - ok
20:44:19.0409 1452 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
20:44:19.0425 1452 cdrom - ok
20:44:19.0456 1452 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:44:19.0550 1452 CertPropSvc - ok
20:44:19.0596 1452 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
20:44:19.0643 1452 circlass - ok
20:44:19.0674 1452 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:44:19.0706 1452 CLFS - ok
20:44:19.0768 1452 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:44:19.0799 1452 clr_optimization_v2.0.50727_32 - ok
20:44:19.0830 1452 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:44:19.0846 1452 clr_optimization_v2.0.50727_64 - ok
20:44:20.0096 1452 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:44:20.0127 1452 clr_optimization_v4.0.30319_32 - ok
20:44:20.0330 1452 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:44:20.0361 1452 clr_optimization_v4.0.30319_64 - ok
20:44:20.0439 1452 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
20:44:20.0470 1452 CmBatt - ok
20:44:20.0501 1452 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:44:20.0517 1452 cmdide - ok
20:44:20.0564 1452 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
20:44:20.0610 1452 CNG - ok
20:44:20.0657 1452 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
20:44:20.0673 1452 Compbatt - ok
20:44:20.0688 1452 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
20:44:20.0720 1452 CompositeBus - ok
20:44:20.0735 1452 COMSysApp - ok
20:44:20.0751 1452 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
20:44:20.0766 1452 crcdisk - ok
20:44:20.0798 1452 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
20:44:20.0860 1452 CryptSvc - ok
20:44:20.0891 1452 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
20:44:20.0938 1452 CSC - ok
20:44:20.0985 1452 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
20:44:21.0032 1452 CscService - ok
20:44:21.0110 1452 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
20:44:21.0156 1452 CtClsFlt - ok
20:44:21.0234 1452 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:44:21.0344 1452 DcomLaunch - ok
20:44:21.0359 1452 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:44:21.0422 1452 defragsvc - ok
20:44:21.0468 1452 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:44:21.0531 1452 DfsC - ok
20:44:21.0562 1452 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
20:44:21.0624 1452 Dhcp - ok
20:44:21.0640 1452 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:44:21.0687 1452 discache - ok
20:44:21.0702 1452 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
20:44:21.0718 1452 Disk - ok
20:44:21.0749 1452 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys
20:44:21.0780 1452 dmvsc - ok
20:44:21.0812 1452 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
20:44:21.0858 1452 Dnscache - ok
20:44:21.0921 1452 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
20:44:21.0999 1452 dot3svc - ok
20:44:22.0030 1452 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
20:44:22.0092 1452 DPS - ok
20:44:22.0124 1452 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:44:22.0155 1452 drmkaud - ok
20:44:22.0202 1452 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:44:22.0233 1452 DXGKrnl - ok
20:44:22.0264 1452 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:44:22.0311 1452 EapHost - ok
20:44:22.0404 1452 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
20:44:22.0545 1452 ebdrv - ok
20:44:22.0592 1452 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
20:44:22.0623 1452 EFS - ok
20:44:22.0670 1452 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
20:44:22.0732 1452 ehRecvr - ok
20:44:22.0732 1452 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:44:22.0763 1452 ehSched - ok
20:44:22.0841 1452 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
20:44:22.0888 1452 elxstor - ok
20:44:22.0904 1452 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:44:22.0935 1452 ErrDev - ok
20:44:22.0982 1452 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:44:23.0044 1452 EventSystem - ok
20:44:23.0106 1452 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:44:23.0169 1452 exfat - ok
20:44:23.0184 1452 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:44:23.0231 1452 fastfat - ok
20:44:23.0294 1452 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
20:44:23.0356 1452 Fax - ok
20:44:23.0418 1452 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
20:44:23.0450 1452 fdc - ok
20:44:23.0465 1452 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:44:23.0528 1452 fdPHost - ok
20:44:23.0543 1452 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:44:23.0621 1452 FDResPub - ok
20:44:23.0652 1452 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:44:23.0668 1452 FileInfo - ok
20:44:23.0684 1452 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:44:23.0730 1452 Filetrace - ok
20:44:23.0746 1452 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
20:44:23.0762 1452 flpydisk - ok
20:44:23.0793 1452 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:44:23.0855 1452 FltMgr - ok
20:44:23.0902 1452 FontCache (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll
20:44:24.0011 1452 FontCache - ok
20:44:24.0089 1452 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:44:24.0105 1452 FontCache3.0.0.0 - ok
20:44:24.0167 1452 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:44:24.0183 1452 FsDepends - ok
20:44:24.0230 1452 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
20:44:24.0261 1452 Fs_Rec - ok
20:44:24.0308 1452 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:44:24.0354 1452 fvevol - ok
20:44:24.0370 1452 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
20:44:24.0386 1452 gagp30kx - ok
20:44:24.0448 1452 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
20:44:24.0542 1452 gpsvc - ok
20:44:24.0557 1452 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:44:24.0573 1452 hcw85cir - ok
20:44:24.0635 1452 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
20:44:24.0682 1452 HdAudAddService - ok
20:44:24.0729 1452 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:44:24.0760 1452 HDAudBus - ok
20:44:24.0791 1452 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
20:44:24.0822 1452 HECIx64 - ok
20:44:24.0838 1452 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
20:44:24.0869 1452 HidBatt - ok
20:44:24.0869 1452 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
20:44:24.0900 1452 HidBth - ok
20:44:24.0916 1452 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
20:44:24.0932 1452 HidIr - ok
20:44:24.0963 1452 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
20:44:25.0010 1452 hidserv - ok
20:44:25.0056 1452 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
20:44:25.0072 1452 HidUsb - ok
20:44:25.0103 1452 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
20:44:25.0166 1452 hkmsvc - ok
20:44:25.0181 1452 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
20:44:25.0212 1452 HomeGroupListener - ok
20:44:25.0228 1452 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
20:44:25.0275 1452 HomeGroupProvider - ok
20:44:25.0306 1452 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:44:25.0322 1452 HpSAMD - ok
20:44:25.0353 1452 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:44:25.0478 1452 HTTP - ok
20:44:25.0493 1452 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:44:25.0509 1452 hwpolicy - ok
20:44:25.0509 1452 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
20:44:25.0540 1452 i8042prt - ok
20:44:25.0602 1452 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:44:25.0634 1452 iaStorV - ok
20:44:25.0727 1452 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:44:25.0774 1452 idsvc - ok
20:44:25.0805 1452 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
20:44:25.0821 1452 iirsp - ok
20:44:25.0883 1452 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
20:44:25.0992 1452 IKEEXT - ok
20:44:26.0008 1452 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:44:26.0024 1452 intelide - ok
20:44:26.0039 1452 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:44:26.0070 1452 intelppm - ok
20:44:26.0102 1452 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:44:26.0164 1452 IPBusEnum - ok
20:44:26.0164 1452 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:44:26.0211 1452 IpFilterDriver - ok
20:44:26.0242 1452 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
20:44:26.0320 1452 iphlpsvc - ok
20:44:26.0336 1452 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:44:26.0351 1452 IPMIDRV - ok
20:44:26.0367 1452 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:44:26.0429 1452 IPNAT - ok
20:44:26.0445 1452 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:44:26.0476 1452 IRENUM - ok
20:44:26.0492 1452 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:44:26.0507 1452 isapnp - ok
20:44:26.0538 1452 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:44:26.0554 1452 iScsiPrt - ok
20:44:26.0570 1452 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
20:44:26.0585 1452 kbdclass - ok
20:44:26.0601 1452 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
20:44:26.0616 1452 kbdhid - ok
20:44:26.0663 1452 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:44:26.0694 1452 KeyIso - ok
20:44:26.0788 1452 KL1 (e656fe10d6d27794afa08136685a69e8) C:\Windows\system32\DRIVERS\kl1.sys
20:44:26.0819 1452 KL1 - ok
20:44:26.0835 1452 kl2 (d865dd8b0448e3f963d68c04c532858f) C:\Windows\system32\DRIVERS\kl2.sys
20:44:26.0850 1452 kl2 - ok
20:44:26.0913 1452 KLIF (c7d4f357c482dd37e2b05f34093b7b0c) C:\Windows\system32\DRIVERS\klif.sys
20:44:26.0944 1452 KLIF - ok
20:44:26.0960 1452 KLIM6 (89fb5a33d7171b6d84f5eb721d5055e1) C:\Windows\system32\DRIVERS\klim6.sys
20:44:26.0975 1452 KLIM6 - ok
20:44:26.0991 1452 klmouflt (9468d07e91ba136d82415f5dfc1fe168) C:\Windows\system32\DRIVERS\klmouflt.sys
20:44:26.0991 1452 klmouflt - ok
20:44:27.0038 1452 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
20:44:27.0053 1452 KSecDD - ok
20:44:27.0069 1452 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
20:44:27.0084 1452 KSecPkg - ok
20:44:27.0131 1452 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:44:27.0194 1452 ksthunk - ok
20:44:27.0225 1452 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:44:27.0287 1452 KtmRm - ok
20:44:27.0318 1452 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
20:44:27.0381 1452 LanmanServer - ok
20:44:27.0396 1452 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
20:44:27.0459 1452 LanmanWorkstation - ok
20:44:27.0521 1452 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:44:27.0584 1452 lltdio - ok
20:44:27.0615 1452 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:44:27.0693 1452 lltdsvc - ok
20:44:27.0708 1452 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:44:27.0755 1452 lmhosts - ok
20:44:27.0818 1452 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
20:44:27.0833 1452 LSI_FC - ok
20:44:27.0849 1452 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
20:44:27.0864 1452 LSI_SAS - ok
20:44:27.0880 1452 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
20:44:27.0896 1452 LSI_SAS2 - ok
20:44:27.0942 1452 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
20:44:27.0958 1452 LSI_SCSI - ok
20:44:27.0974 1452 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:44:28.0020 1452 luafv - ok
20:44:28.0098 1452 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
20:44:28.0130 1452 MBAMProtector - ok
20:44:28.0208 1452 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:44:28.0254 1452 MBAMService - ok
20:44:28.0301 1452 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
20:44:28.0348 1452 Mcx2Svc - ok
20:44:28.0395 1452 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
20:44:28.0410 1452 megasas - ok
20:44:28.0426 1452 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
20:44:28.0457 1452 MegaSR - ok
20:44:28.0488 1452 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:44:28.0535 1452 MMCSS - ok
20:44:28.0566 1452 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:44:28.0629 1452 Modem - ok
20:44:28.0644 1452 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:44:28.0676 1452 monitor - ok
20:44:28.0691 1452 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:44:28.0707 1452 mouclass - ok
20:44:28.0722 1452 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:44:28.0754 1452 mouhid - ok
20:44:28.0769 1452 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:44:28.0785 1452 mountmgr - ok
20:44:28.0816 1452 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:44:28.0832 1452 mpio - ok
20:44:28.0863 1452 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:44:28.0910 1452 mpsdrv - ok
20:44:28.0956 1452 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
20:44:29.0019 1452 MpsSvc - ok
20:44:29.0034 1452 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:44:29.0066 1452 MRxDAV - ok
20:44:29.0112 1452 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:44:29.0159 1452 mrxsmb - ok
20:44:29.0175 1452 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:44:29.0190 1452 mrxsmb10 - ok
20:44:29.0222 1452 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:44:29.0237 1452 mrxsmb20 - ok
20:44:29.0268 1452 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:44:29.0284 1452 msahci - ok
20:44:29.0284 1452 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:44:29.0300 1452 msdsm - ok
20:44:29.0331 1452 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:44:29.0362 1452 MSDTC - ok
20:44:29.0378 1452 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:44:29.0440 1452 Msfs - ok
20:44:29.0456 1452 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:44:29.0502 1452 mshidkmdf - ok
20:44:29.0518 1452 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:44:29.0534 1452 msisadrv - ok
20:44:29.0580 1452 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:44:29.0643 1452 MSiSCSI - ok
20:44:29.0658 1452 msiserver - ok
20:44:29.0690 1452 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:44:29.0752 1452 MSKSSRV - ok
20:44:29.0768 1452 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:44:29.0814 1452 MSPCLOCK - ok
20:44:29.0830 1452 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:44:29.0877 1452 MSPQM - ok
20:44:29.0892 1452 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:44:29.0924 1452 MsRPC - ok
20:44:29.0924 1452 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
20:44:29.0939 1452 mssmbios - ok
20:44:29.0955 1452 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:44:30.0002 1452 MSTEE - ok
20:44:30.0017 1452 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
20:44:30.0033 1452 MTConfig - ok
20:44:30.0048 1452 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:44:30.0048 1452 Mup - ok
20:44:44.0697 1452 wltrysvc (13b0a570e1ae451c92da550085d72cf3) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
20:44:44.0697 1452 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
20:44:44.0697 1452 wltrysvc - detected UnsignedFile.Multi.Generic (1)
20:44:45.0758 1452 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:44:45.0976 1452 \Device\Harddisk0\DR0 - ok
20:44:45.0976 1452 Boot (0x1200) (9bc890cb4f756e7132a376d0cc7ac125) \Device\Harddisk0\DR0\Partition0
20:44:45.0976 1452 \Device\Harddisk0\DR0\Partition0 - ok
20:44:46.0007 1452 Boot (0x1200) (6dbbdcda7c6225c3f651c2ab1a41fb06) \Device\Harddisk0\DR0\Partition1
20:44:46.0007 1452 \Device\Harddisk0\DR0\Partition1 - ok
20:44:46.0023 1452 Boot (0x1200) (2a22fdf99654774b8bfbaa319e6b7806) \Device\Harddisk0\DR0\Partition2
20:44:46.0023 1452 \Device\Harddisk0\DR0\Partition2 - ok
20:44:46.0023 1452 ============================================================
20:44:46.0023 1452 Scan finished
20:44:46.0023 1452 ============================================================
20:44:46.0039 0948 Detected object count: 1
20:44:46.0039 0948 Actual detected object count: 1
20:45:05.0195 0948 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:45:05.0195 0948 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
| | #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Internet browser (not responding)

Then please run CF now:

__________________
ComboFix: a guide and tutorial on using ComboFix

ComboFix may only be run when a qualified helper (Kompetenzler) has expressly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as (quote):
__________________ |
| | #19 |
| Internet browser (not responding)

Code:
ComboFix 12-04-20.03 - Janine 20.04.2012 18:24:45.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3957.2857 [GMT 2:00]
ausgeführt von:: c:\users\Janine\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Janine\AppData\Local\Temp\{9CBAD9A4-98DC-4ECB-9884-DA3B8DA8F50E}\fpb.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-03-20 bis 2012-04-20 ))))))))))))))))))))))))))))))
.
.
2012-04-20 16:29 . 2012-04-20 16:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-20 16:13 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B9C12CDC-862F-45A5-A0AC-2B62D88B2266}\mpengine.dll
2012-04-19 16:21 . 2012-04-19 16:21 -------- d-----w- C:\_OTL
2012-04-17 15:42 . 2012-04-17 15:42 -------- d-----w- c:\program files (x86)\ESET
2012-04-16 18:21 . 2012-04-16 18:21 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-04-15 20:58 . 2012-04-15 20:58 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-04-15 20:58 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-15 19:44 . 2012-04-15 19:44 -------- d-----w- c:\windows\SysWow64\wbem\en-US
2012-04-15 19:44 . 2012-04-15 19:44 -------- d-----w- c:\windows\system32\wbem\en-US
2012-04-15 09:48 . 2012-04-15 09:48 8766112 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-13 17:11 . 2012-03-06 06:53 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-13 17:11 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-04-13 17:11 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-04-13 17:10 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-13 17:10 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-04-13 17:10 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-13 17:10 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-13 17:10 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-04-13 17:10 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-04-13 17:10 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-04-13 13:11 . 2012-04-13 13:11 -------- d-----w- c:\programdata\Malwarebytes
2012-04-13 12:37 . 2012-04-20 16:06 -------- d-----w- c:\programdata\Kaspersky Lab
2012-04-13 12:37 . 2012-04-13 12:37 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2012-04-13 12:11 . 2011-05-24 11:42 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2012-04-13 12:10 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-04-13 12:10 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-04-11 10:37 . 2012-04-11 10:37 -------- d-----w- c:\programdata\Creative
2012-04-11 10:31 . 2009-06-15 11:06 172704 ----a-w- c:\windows\system32\drivers\CtClsFlt.sys
2012-04-11 10:31 . 2009-05-28 08:49 224768 ----a-w- c:\windows\system32\drivers\CtAudDrv.sys
2012-04-11 10:31 . 2012-04-11 10:31 -------- d-----w- c:\program files (x86)\Creative Live! Cam
2012-04-11 10:17 . 2012-04-11 10:32 74 --sh--r- c:\windows\CT4CET.bin
2012-04-11 10:17 . 2012-04-11 10:17 -------- d-----w- c:\program files (x86)\Common Files\Reallusion
2012-04-11 10:17 . 2012-04-11 10:31 -------- d-----w- c:\program files (x86)\Creative
2012-04-11 10:16 . 2012-04-11 10:32 -------- d-----w- c:\program files (x86)\Dell Webcam
2012-04-11 10:16 . 2012-04-11 10:16 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2012-04-01 17:44 . 2012-04-01 17:44 -------- d-----w- c:\program files (x86)\Cisco
2012-04-01 17:38 . 2012-04-01 16:47 -------- d-----w- c:\windows\Panther
2012-04-01 17:32 . 2012-04-01 17:32 -------- d-----w- c:\windows\system32\appmgmt
2012-04-01 17:08 . 2009-07-17 07:06 1114624 ----a-w- c:\windows\system32\BCMLogon.dll
2012-04-01 17:08 . 2009-07-17 07:06 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2012-04-01 17:04 . 2012-04-11 10:17 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2012-04-01 17:04 . 2012-04-01 17:04 -------- d-----w- c:\program files (x86)\Realtek
2012-04-01 17:04 . 2009-07-17 09:14 220672 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2012-04-01 17:04 . 2009-06-22 09:52 351744 ----a-w- c:\windows\system32\RtsUStor.dll
2012-04-01 17:04 . 2009-02-02 16:27 7347200 ----a-w- c:\windows\system32\RTSUSTORicon.dll
2012-04-01 17:04 . 2012-04-01 17:04 -------- d-----w- C:\dell
2012-04-01 17:03 . 2012-04-01 17:03 -------- d-----w- c:\windows\SysWow64\vmm32
2012-04-01 17:02 . 2012-04-17 20:31 -------- d-sh--w- c:\windows\Installer
2012-04-01 17:01 . 2012-04-15 09:48 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-01 17:01 . 2012-04-15 09:48 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-01 17:01 . 2012-04-01 17:01 -------- d-----w- c:\windows\SysWow64\Macromed
2012-04-01 17:00 . 2012-04-01 17:00 -------- d-----w- c:\windows\system32\Macromed
2012-04-01 16:57 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-01 16:57 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-01 16:57 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-01 16:57 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-04-01 16:57 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-04-01 16:57 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-01 16:57 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-04-01 16:42 . 2012-04-01 16:42 0 ----a-w- c:\windows\ativpsrm.bin
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-23 08:18 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2011-04-24 202296]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 253088]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 09:48]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://web.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Hinzufügen zu Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-04-20 18:31:42
ComboFix-quarantined-files.txt 2012-04-20 16:31
.
Vor Suchlauf: 8 Verzeichnis(se), 396.858.322.944 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 396.490.907.648 Bytes frei
.
- - End Of File - - 1397D89F6C1F70F04CB4C7EF33F498AD
|
| | #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Internet browser (not responding) Please download aswMBR.exe and save the file to your desktop. Note: Please turn off your virus scanner before you run aswMBR, because Avira in particular often reports a false alarm in it!
One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.
__________________ Please always post log files in CODE tags |
| | #21 |
| Internet browser (not responding) Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-21 17:15:32
-----------------------------
17:15:32.642 OS Version: Windows x64 6.1.7601 Service Pack 1
17:15:32.642 Number of processors: 4 586 0x2502
17:15:32.642 ComputerName: JANINE-PC UserName: Janine
17:15:34.716 Initialize success
17:15:42.361 AVAST engine defs: 12042100
17:16:12.703 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:16:12.703 Disk 0 Vendor: WDC_WD5000BEVT-75ZAT0 01.01A01 Size: 476940MB BusType: 11
17:16:12.734 Disk 0 MBR read successfully
17:16:12.734 Disk 0 MBR scan
17:16:12.749 Disk 0 Windows 7 default MBR code
17:16:12.749 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 100 MB offset 2048
17:16:12.765 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 10000 MB offset 206848
17:16:12.781 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 60000 MB offset 20686848
17:16:12.796 Disk 0 Partition - 00 0F Extended LBA 406838 MB offset 143566848
17:16:12.812 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 406837 MB offset 143568896
17:16:12.843 Disk 0 scanning C:\Windows\system32\drivers
17:16:20.331 Service scanning
17:16:40.923 Modules scanning
17:16:41.422 Disk 0 trace - called modules:
17:16:41.453 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
17:16:41.469 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bf3060]
17:16:41.469 3 CLASSPNP.SYS[fffff880021b143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80049c4680]
17:16:41.485 Scan finished successfully
17:17:04.245 Disk 0 MBR has been saved successfully to "C:\Users\Janine\Desktop\MBR.dat"
17:17:04.261 The log file has been saved successfully to "C:\Users\Janine\Desktop\aswMBR.txt"
|
| | #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Internet browser (not responding) Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
| | #23 |
| Internet browser (not responding) Code:
Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.04.21.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Janine :: JANINE-PC [Administrator]

Schutz: Aktiviert

22.04.2012 15:47:22
mbam-log-2012-04-22 (15-47-22).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 288364
Laufzeit: 22 Minute(n), 29 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 04/22/2012 at 05:05 PM
Application Version : 5.0.1146
Core Rules Database Version : 8493
Trace Rules Database Version: 6305
Scan type : Complete Scan
Total Scan Time : 00:41:15
Operating System Information
Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 584
Memory threats detected : 0
Registry items scanned : 63179
Registry threats detected : 0
File items scanned : 104394
File threats detected : 147
Adware.Tracking Cookie
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\janine@adx.chip[1].txt [ /adx.chip ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\janine@atdmt[2].txt [ /atdmt ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\janine@revsci[2].txt [ /revsci ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\WWHBS867.txt [ /apmebf.com ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\BMXERV4K.txt [ /zanox.com ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\FGXG2YL8.txt [ /ad.ad-srv.net ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\4YXZPDV7.txt [ /im.banner.t-online.de ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\A4404X4Z.txt [ /track.adform.net ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\NXB7RH62.txt [ /adform.net ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\O87IPBIG.txt [ /adfarm1.adition.com ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\JCICMLEN.txt [ /mediaplex.com ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\EC6R8D98.txt [ /serving-sys.com ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\OZ6A2QG1.txt [ /media.gan-online.com ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\I6UUZUAT.txt [ /doubleclick.net ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\47HQPE0Q.txt [ /tradedoubler.com ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\8RFBYMPL.txt [ /ad.yieldmanager.com ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\0ZWR8IVT.txt [ /ad.zanox.com ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\KXV0NJEC.txt [ /adviva.net ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\KWSVWL06.txt [ /ad2.adfarm1.adition.com ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\2RFOGSPB.txt [ /ad.dyntracker.de ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\9JU19E9Q.txt [ /invitemedia.com ]
C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Cookies\V61Q6O8W.txt [ /specificclick.net ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\4SO4IM43.txt [ Cookie:janine@webmasterplan.com/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\EOFKWIWO.txt [ Cookie:janine@tracking.mobile.de/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\MU0BOO40.txt [ Cookie:janine@apmebf.com/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\NO2BF2FY.txt [ Cookie:janine@xiti.com/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6IW4KEVO.txt [ Cookie:janine@im.banner.t-online.de/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\QXC75NE7.txt [ Cookie:janine@media.gan-online.com/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7A4F89JG.txt [ Cookie:janine@doubleclick.net/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\QD027LYD.txt [ Cookie:janine@tradedoubler.com/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\0PLHDYAG.txt [ Cookie:janine@ad3.adfarm1.adition.com/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\G5BX0QDU.txt [ Cookie:janine@accounts.google.com/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\EEVIQYYR.txt [ Cookie:janine@ad.yieldmanager.com/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\41LC4SLD.txt [ Cookie:janine@ad.zanox.com/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\0N7TB375.txt [ Cookie:janine@adviva.net/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\SDS5FAKA.txt [ Cookie:janine@fl01.ct2.comclick.com/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\1AS07INZ.txt [ Cookie:janine@ad2.adfarm1.adition.com/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\MBH3620X.txt [ Cookie:janine@invitemedia.com/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\H7SNMP4B.txt [ Cookie:janine@kontera.com/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\VV41DVDL.txt [ Cookie:janine@ad1.adfarm1.adition.com/ ]
C:\USERS\JANINE\AppData\Roaming\Microsoft\Windows\Cookies\Low\RD9P4H3H.txt [ Cookie:janine@microsoftinternetexplorer.112.2o7.net/ ]
C:\USERS\JANINE\Cookies\WWHBS867.txt [ Cookie:janine@apmebf.com/ ]
C:\USERS\JANINE\Cookies\4YXZPDV7.txt [ Cookie:janine@im.banner.t-online.de/ ]
C:\USERS\JANINE\Cookies\A4404X4Z.txt [ Cookie:janine@track.adform.net/ ]
C:\USERS\JANINE\Cookies\NXB7RH62.txt [ Cookie:janine@adform.net/ ]
C:\USERS\JANINE\Cookies\OZ6A2QG1.txt [ Cookie:janine@media.gan-online.com/ ]
C:\USERS\JANINE\Cookies\I6UUZUAT.txt [ Cookie:janine@doubleclick.net/ ]
C:\USERS\JANINE\Cookies\janine@adx.chip[1].txt [ Cookie:janine@adx.chip.de/ ]
C:\USERS\JANINE\Cookies\47HQPE0Q.txt [ Cookie:janine@tradedoubler.com/ ]
C:\USERS\JANINE\Cookies\8RFBYMPL.txt [ Cookie:janine@ad.yieldmanager.com/ ]
C:\USERS\JANINE\Cookies\0ZWR8IVT.txt [ Cookie:janine@ad.zanox.com/ ]
C:\USERS\JANINE\Cookies\KXV0NJEC.txt [ Cookie:janine@adviva.net/ ]
C:\USERS\JANINE\Cookies\KWSVWL06.txt [ Cookie:janine@ad2.adfarm1.adition.com/ ]
C:\USERS\JANINE\Cookies\9JU19E9Q.txt [ Cookie:janine@invitemedia.com/ ]
C:\USERS\JANINE\Cookies\janine@revsci[2].txt [ Cookie:janine@revsci.net/ ]
C:\USERS\JANINE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\JANINE@BS.SERVING-SYS[2].TXT [ /BS.SERVING-SYS ]
C:\USERS\JANINE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\JANINE@C.ATDMT[2].TXT [ /C.ATDMT ]
C:\USERS\JANINE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\JANINE@ATDMT[1].TXT [ /ATDMT ]
.serving-sys.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.kaspersky.122.2o7.net [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\JANINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H6WEQKEB.DEFAULT\COOKIES.SQLITE ]
Last edited by NiniQ (22.04.2012 at 16:09) |
| | #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Internet browser (not responding) Looks OK, only cookies were found. Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or the like => HTTP cookie).
Regarding cookies and other things on the web: to block this plague from the outset (i.e. tracking cookies, ad banners etc.), you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File. It makes sense to check MVPS every 4 weeks to see whether a new hosts file has been released.
Otherwise there are also good cookie managers; one extension for Firefox, for example, would be CookieCuller http://filepony.de/download-cookie_culler/
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, eBay, GMX, or Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed.
My own approach is to use the Opera browser or Chromium under my Linux for "wild surfing". My main browser (Firefox) stores only the cookies from the sites I actually want; I reject everything else manually (FF always asks me). The other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest no cookies are left.
Is your system OK again now, or are there any other findings or problems?
__________________ Please always post log files in CODE tags |
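The following is an added example, not part of the original thread or of any tool mentioned in it: a small parser for the three line shapes in the SUPERAntiSpyware cookie findings above, which counts the tracker hosts and turns them into hosts-file entries of the kind post #24 recommends. The sample log is constructed, and the `0.0.0.0` sink address, the `KNOWN_TLDS` set and the `ALLOWLIST` are assumptions of this example.

```python
import re
from collections import Counter

# Constructed sample in the three line shapes that appear in the scan log above.
SAMPLE_LOG = r"""
File threats detected : 5
Adware.Tracking Cookie
C:\Users\Example\AppData\Roaming\Microsoft\Windows\Cookies\AAAA1111.txt [ /doubleclick.net ]
C:\USERS\EXAMPLE\Cookies\Low\BBBB2222.txt [ Cookie:example@ad.zanox.com/ ]
C:\USERS\EXAMPLE\Cookies\Low\CCCC3333.txt [ Cookie:example@accounts.google.com/ ]
.doubleclick.net [ C:\USERS\EXAMPLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XXXXXXXX.DEFAULT\COOKIES.SQLITE ]
C:\USERS\EXAMPLE\COOKIES\LOW\EXAMPLE@C.ATDMT[2].TXT [ /C.ATDMT ]
"""

# Internet Explorer cookie file: "<path> [ /host ]" or "<path> [ Cookie:user@host/ ]"
IE_LINE = re.compile(
    r"^[A-Za-z]:\\.+?\s+\[\s*(?:Cookie:[^@\s]+@)?/?(?P<host>[^\s/\]]+)/?\s*\]$"
)
# Firefox cookie store: "<cookie domain> [ <path to cookies.sqlite> ]"
FF_LINE = re.compile(r"^(?P<host>\.?[A-Za-z0-9.-]+)\s+\[\s*[A-Za-z]:\\.+?\s*\]$")

# Assumption: a tiny TLD set is enough for this sample; real tooling would
# use the Public Suffix List instead.
KNOWN_TLDS = {"com", "net", "org", "de"}
# Assumption: hosts the user still needs (logins) must never be sinkholed,
# even when the scanner lists one of their cookies.
ALLOWLIST = {"accounts.google.com"}


def parse_cookie_findings(log_text):
    """Return (store, host) for every cookie finding line; other lines are ignored."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        for store, pattern in (("ie", IE_LINE), ("firefox", FF_LINE)):
            match = pattern.match(line)
            if match:
                # Cookie domains may start with "." (covers subdomains); a hosts
                # file only matches exact names, so the dot is dropped.
                findings.append((store, match.group("host").lower().lstrip(".")))
                break
    return findings


def is_full_hostname(host):
    """IE cookie file names are sometimes cut short (e.g. 'c.atdmt'); reject those."""
    labels = host.split(".")
    return len(labels) >= 2 and all(labels) and labels[-1] in KNOWN_TLDS


def build_hosts_entries(findings, allowlist=ALLOWLIST):
    """Count findings per host and build hosts-file lines, recording what was skipped."""
    counts = Counter(host for _, host in findings)
    entries, skipped = [], {}
    for host in sorted(counts):
        if host in allowlist:
            skipped[host] = "allowlisted"
        elif not is_full_hostname(host):
            skipped[host] = "truncated name"
        else:
            entries.append(f"0.0.0.0 {host}")
    return counts, entries, skipped


if __name__ == "__main__":
    counts, entries, skipped = build_hosts_entries(parse_cookie_findings(SAMPLE_LOG))
    for host, n in counts.most_common():
        print(f"{n:3d}  {host}")
    print("\n".join(entries))
    print("skipped:", skipped)
```

Because a hosts file matches exact names only, an entry for `doubleclick.net` does not cover its subdomains; each one the log names needs its own line.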
| | #25 |
| Internet browser (not responding) Yes, great! It runs like clockwork! Thank you very much!!!!! I can uninstall all the anti-malware programs again now, right? |
| | #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Internet browser (not responding) Then we're done!
The programs that were used here can all be removed again.
CF can be removed via Start, Run with combofix /uninstall. Let me know if that produces any error messages.
You can also remove many of the tools with the help of OTL: please start OTL and click Bereinigung (CleanUp). This will remove most of the tools that we needed for the cleanup. If anything is left over, please remove it with right-click --> Delete.
Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update first.
Finally, please check the updates; my guide for that is below.
To keep a better overview of whether your installed programs are up to date in future, you can use e.g. Secunia PSI. For even more security, you should also change all passwords where possible after the infection has been removed.
Microsoft Update
Windows XP: Visit the MS update site with IE and have all important updates installed. Windows Vista/7: Guide to Windows Update
Update your PDF reader
An outdated AdobeReader is a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Software or Programs and Features, by clicking "Adobe Reader x.0" there and removing the program. (if you have AdobeReader installed) I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader.
Please also take the opportunity to check that Flash Player is up to date: Adobe - Install a different version of Adobe Flash Player. If need be, you can also download from Chip.de => http://filepony.de/?q=Flash+Player Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.
Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the latest. To do this, close all programs (especially the browsers), then click Start, Control Panel, Software and uninstall all listed Java versions there. After that, download the current Java SE Runtime Environment (JRE) from here and install it.
__________________ Please always post log files in CODE tags |