| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: RUNDLL Fehlermeldung beim Starten des LaptopsWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
31.08.2012, 14:18
| #31 |
 |  RUNDLL Fehlermeldung beim Starten des LaptopsCode:
ATTFilter All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-2895085339-1990539965-2185832737-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-2895085339-1990539965-2185832737-1000\Software\Microsoft\Internet Explorer\SearchScopes\{97DD069A-7724-4CC8-B8B5-6EC0788226C5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{97DD069A-7724-4CC8-B8B5-6EC0788226C5}\ not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
C:\Users\Yannick\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Yannick\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\searchplugins\icqplugin.xml moved successfully.
Registry value HKEY_USERS\S-1-5-21-2895085339-1990539965-2185832737-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Conime deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2895085339-1990539965-2185832737-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2895085339-1990539965-2185832737-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoLowDiskSpaceChecks deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ac288f8-8af4-11e1-ba59-002219fdd7fe}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ac288f8-8af4-11e1-ba59-002219fdd7fe}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ac288f8-8af4-11e1-ba59-002219fdd7fe}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ac288f8-8af4-11e1-ba59-002219fdd7fe}\ not found.
File F:\LaunchU3.exe -a not found.
========== FILES ==========
C:\ProgramData\go_0molg.pad moved successfully.
C:\Users\Yannick\AppData\Roaming\ICQ Search folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: Yannick
->Temp folder emptied: 642711891 bytes
->Temporary Internet Files folder emptied: 211495307 bytes
->Java cache emptied: 1429 bytes
->FireFox cache emptied: 306160313 bytes
->Flash cache emptied: 1953692 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 3000832 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 218754432 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36048679 bytes
RecycleBin emptied: 20333666508 bytes
Total Files Cleaned = 20.746,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Public
User: Yannick
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.59.1 log created on 08312012_150935
Files\Folders moved on Reboot...
C:\Users\Yannick\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
31.08.2012, 14:48
| #32 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | RUNDLL Fehlermeldung beim Starten des Laptops Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html
__________________Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C  nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ |
|
31.08.2012, 16:49
| #33 |
| | RUNDLL Fehlermeldung beim Starten des LaptopsCode:
ATTFilter 17:46:09.0404 3720 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
17:46:09.0529 3720 ============================================================
17:46:09.0529 3720 Current date / time: 2012/08/31 17:46:09.0529
17:46:09.0529 3720 SystemInfo:
17:46:09.0529 3720
17:46:09.0529 3720 OS Version: 6.1.7601 ServicePack: 1.0
17:46:09.0529 3720 Product type: Workstation
17:46:09.0529 3720 ComputerName: YANNICK-PC
17:46:09.0529 3720 UserName: Yannick
17:46:09.0529 3720 Windows directory: C:\Windows
17:46:09.0529 3720 System windows directory: C:\Windows
17:46:09.0529 3720 Running under WOW64
17:46:09.0529 3720 Processor architecture: Intel x64
17:46:09.0529 3720 Number of processors: 2
17:46:09.0529 3720 Page size: 0x1000
17:46:09.0529 3720 Boot type: Normal boot
17:46:09.0529 3720 ============================================================
17:46:11.0120 3720 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:46:11.0136 3720 ============================================================
17:46:11.0136 3720 \Device\Harddisk0\DR0:
17:46:11.0136 3720 MBR partitions:
17:46:11.0136 3720 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
17:46:11.0136 3720 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x38625E6B
17:46:11.0136 3720 ============================================================
17:46:11.0151 3720 C: <-> \Device\Harddisk0\DR0\Partition2
17:46:11.0198 3720 D: <-> \Device\Harddisk0\DR0\Partition1
17:46:11.0198 3720 ============================================================
17:46:11.0198 3720 Initialize success
17:46:11.0198 3720 ============================================================
17:48:01.0771 1580 ============================================================
17:48:01.0771 1580 Scan started
17:48:01.0771 1580 Mode: Manual; SigCheck; TDLFS;
17:48:01.0771 1580 ============================================================
17:48:02.0255 1580 ================ Scan services =============================
17:48:02.0426 1580 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:48:02.0567 1580 1394ohci - ok
17:48:02.0613 1580 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:48:02.0645 1580 ACPI - ok
17:48:02.0676 1580 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:48:02.0738 1580 AcpiPmi - ok
17:48:02.0832 1580 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:48:02.0863 1580 AdobeARMservice - ok
17:48:03.0019 1580 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:48:03.0050 1580 AdobeFlashPlayerUpdateSvc - ok
17:48:03.0097 1580 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:48:03.0128 1580 adp94xx - ok
17:48:03.0159 1580 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:48:03.0191 1580 adpahci - ok
17:48:03.0222 1580 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:48:03.0237 1580 adpu320 - ok
17:48:03.0284 1580 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:48:03.0378 1580 AeLookupSvc - ok
17:48:03.0425 1580 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:48:03.0503 1580 AFD - ok
17:48:03.0549 1580 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:48:03.0581 1580 agp440 - ok
17:48:03.0596 1580 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:48:03.0627 1580 ALG - ok
17:48:03.0643 1580 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:48:03.0659 1580 aliide - ok
17:48:03.0690 1580 [ D696F317BD465A602566F8E1DCCE15F7 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:48:03.0705 1580 AMD External Events Utility - ok
17:48:03.0737 1580 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:48:03.0752 1580 amdide - ok
17:48:03.0783 1580 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:48:03.0830 1580 AmdK8 - ok
17:48:03.0846 1580 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:48:03.0908 1580 AmdPPM - ok
17:48:03.0939 1580 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:48:03.0955 1580 amdsata - ok
17:48:03.0955 1580 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:48:03.0986 1580 amdsbs - ok
17:48:04.0002 1580 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:48:04.0002 1580 amdxata - ok
17:48:04.0064 1580 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:48:04.0080 1580 AntiVirSchedulerService - ok
17:48:04.0111 1580 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:48:04.0127 1580 AntiVirService - ok
17:48:04.0158 1580 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:48:04.0236 1580 AppID - ok
17:48:04.0283 1580 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:48:04.0361 1580 AppIDSvc - ok
17:48:04.0376 1580 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:48:04.0439 1580 Appinfo - ok
17:48:04.0501 1580 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:48:04.0532 1580 Apple Mobile Device - ok
17:48:04.0579 1580 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
17:48:04.0610 1580 AppMgmt - ok
17:48:04.0657 1580 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
17:48:04.0704 1580 arc - ok
17:48:04.0719 1580 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:48:04.0751 1580 arcsas - ok
17:48:04.0813 1580 aspnet_state - ok
17:48:04.0829 1580 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:48:04.0907 1580 AsyncMac - ok
17:48:04.0938 1580 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:48:04.0938 1580 atapi - ok
17:48:05.0203 1580 [ 52BD95CAA9CAE8977FE043E9AD6D2D0E ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:48:05.0390 1580 atikmdag - ok
17:48:05.0453 1580 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:48:05.0562 1580 AudioEndpointBuilder - ok
17:48:05.0593 1580 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:48:05.0640 1580 AudioSrv - ok
17:48:05.0655 1580 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
17:48:05.0671 1580 avgntflt - ok
17:48:05.0718 1580 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
17:48:05.0733 1580 avipbb - ok
17:48:05.0733 1580 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
17:48:05.0749 1580 avkmgr - ok
17:48:05.0796 1580 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:48:05.0858 1580 AxInstSV - ok
17:48:05.0921 1580 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
17:48:05.0967 1580 b06bdrv - ok
17:48:06.0030 1580 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:48:06.0077 1580 b57nd60a - ok
17:48:06.0123 1580 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:48:06.0155 1580 BDESVC - ok
17:48:06.0186 1580 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:48:06.0264 1580 Beep - ok
17:48:06.0342 1580 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:48:06.0420 1580 BFE - ok
17:48:06.0435 1580 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:48:06.0513 1580 BITS - ok
17:48:06.0560 1580 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:48:06.0607 1580 blbdrive - ok
17:48:06.0685 1580 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:48:06.0732 1580 Bonjour Service - ok
17:48:06.0763 1580 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:48:06.0779 1580 bowser - ok
17:48:06.0825 1580 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:48:06.0872 1580 BrFiltLo - ok
17:48:06.0888 1580 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:48:06.0935 1580 BrFiltUp - ok
17:48:06.0966 1580 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:48:07.0013 1580 Browser - ok
17:48:07.0044 1580 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:48:07.0075 1580 Brserid - ok
17:48:07.0091 1580 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:48:07.0137 1580 BrSerWdm - ok
17:48:07.0169 1580 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:48:07.0231 1580 BrUsbMdm - ok
17:48:07.0247 1580 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:48:07.0262 1580 BrUsbSer - ok
17:48:07.0293 1580 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:48:07.0340 1580 BTHMODEM - ok
17:48:07.0403 1580 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:48:07.0465 1580 bthserv - ok
17:48:07.0481 1580 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:48:07.0512 1580 cdfs - ok
17:48:07.0559 1580 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:48:07.0605 1580 cdrom - ok
17:48:07.0652 1580 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:48:07.0683 1580 CertPropSvc - ok
17:48:07.0715 1580 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:48:07.0730 1580 circlass - ok
17:48:07.0777 1580 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:48:07.0808 1580 CLFS - ok
17:48:07.0839 1580 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:48:07.0855 1580 clr_optimization_v2.0.50727_32 - ok
17:48:07.0917 1580 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:48:07.0949 1580 clr_optimization_v2.0.50727_64 - ok
17:48:08.0011 1580 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:48:08.0042 1580 clr_optimization_v4.0.30319_32 - ok
17:48:08.0089 1580 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:48:08.0089 1580 clr_optimization_v4.0.30319_64 - ok
17:48:08.0136 1580 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:48:08.0151 1580 CmBatt - ok
17:48:08.0183 1580 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:48:08.0198 1580 cmdide - ok
17:48:08.0214 1580 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:48:08.0245 1580 CNG - ok
17:48:08.0261 1580 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:48:08.0276 1580 Compbatt - ok
17:48:08.0292 1580 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:48:08.0323 1580 CompositeBus - ok
17:48:08.0339 1580 COMSysApp - ok
17:48:08.0354 1580 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:48:08.0385 1580 crcdisk - ok
17:48:08.0432 1580 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:48:08.0495 1580 CryptSvc - ok
17:48:08.0526 1580 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
17:48:08.0557 1580 CSC - ok
17:48:08.0604 1580 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
17:48:08.0635 1580 CscService - ok
17:48:08.0682 1580 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:48:08.0744 1580 DcomLaunch - ok
17:48:08.0807 1580 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:48:08.0885 1580 defragsvc - ok
17:48:08.0916 1580 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:48:08.0978 1580 DfsC - ok
17:48:09.0041 1580 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:48:09.0072 1580 Dhcp - ok
17:48:09.0119 1580 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:48:09.0150 1580 discache - ok
17:48:09.0165 1580 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:48:09.0181 1580 Disk - ok
17:48:09.0197 1580 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:48:09.0228 1580 Dnscache - ok
17:48:09.0275 1580 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:48:09.0353 1580 dot3svc - ok
17:48:09.0399 1580 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:48:09.0462 1580 DPS - ok
17:48:09.0509 1580 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:48:09.0555 1580 drmkaud - ok
17:48:09.0618 1580 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:48:09.0649 1580 DXGKrnl - ok
17:48:09.0696 1580 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:48:09.0758 1580 EapHost - ok
17:48:09.0883 1580 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:48:10.0039 1580 ebdrv - ok
17:48:10.0086 1580 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:48:10.0133 1580 EFS - ok
17:48:10.0211 1580 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:48:10.0320 1580 ehRecvr - ok
17:48:10.0351 1580 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:48:10.0413 1580 ehSched - ok
17:48:10.0460 1580 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:48:10.0491 1580 elxstor - ok
17:48:10.0569 1580 [ B5581646636759D0DAFA8B008881C079 ] EPSON_EB_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
17:48:10.0616 1580 EPSON_EB_RPCV4_01 - ok
17:48:10.0632 1580 [ 1E345F2A2D95DA3190596E691CDE9342 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
17:48:10.0694 1580 EPSON_PM_RPCV4_01 - ok
17:48:10.0725 1580 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:48:10.0741 1580 ErrDev - ok
17:48:10.0772 1580 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:48:10.0850 1580 EventSystem - ok
17:48:10.0897 1580 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:48:10.0959 1580 exfat - ok
17:48:10.0991 1580 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:48:11.0037 1580 fastfat - ok
17:48:11.0084 1580 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:48:11.0147 1580 Fax - ok
17:48:11.0178 1580 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:48:11.0193 1580 fdc - ok
17:48:11.0225 1580 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:48:11.0271 1580 fdPHost - ok
17:48:11.0287 1580 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:48:11.0381 1580 FDResPub - ok
17:48:11.0396 1580 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:48:11.0412 1580 FileInfo - ok
17:48:11.0443 1580 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:48:11.0474 1580 Filetrace - ok
17:48:11.0521 1580 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:48:11.0552 1580 flpydisk - ok
17:48:11.0568 1580 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:48:11.0599 1580 FltMgr - ok
17:48:11.0646 1580 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:48:11.0724 1580 FontCache - ok
17:48:11.0786 1580 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:48:11.0802 1580 FontCache3.0.0.0 - ok
17:48:11.0849 1580 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:48:11.0880 1580 FsDepends - ok
17:48:11.0895 1580 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:48:11.0911 1580 Fs_Rec - ok
17:48:11.0942 1580 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:48:11.0958 1580 fvevol - ok
17:48:11.0989 1580 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:48:12.0005 1580 gagp30kx - ok
17:48:12.0020 1580 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:48:12.0036 1580 GEARAspiWDM - ok
17:48:12.0067 1580 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:48:12.0145 1580 gpsvc - ok
17:48:12.0176 1580 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:48:12.0223 1580 hcw85cir - ok
17:48:12.0285 1580 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:48:12.0363 1580 HdAudAddService - ok
17:48:12.0410 1580 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:48:12.0457 1580 HDAudBus - ok
17:48:12.0488 1580 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:48:12.0535 1580 HidBatt - ok
17:48:12.0566 1580 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:48:12.0613 1580 HidBth - ok
17:48:12.0660 1580 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:48:12.0722 1580 HidIr - ok
17:48:12.0738 1580 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:48:12.0785 1580 hidserv - ok
17:48:12.0831 1580 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:48:12.0863 1580 HidUsb - ok
17:48:12.0894 1580 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:48:12.0941 1580 hkmsvc - ok
17:48:12.0972 1580 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:48:13.0003 1580 HomeGroupListener - ok
17:48:13.0050 1580 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:48:13.0097 1580 HomeGroupProvider - ok
17:48:13.0143 1580 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:48:13.0175 1580 HpSAMD - ok
17:48:13.0221 1580 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:48:13.0315 1580 HTTP - ok
17:48:13.0362 1580 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:48:13.0393 1580 hwpolicy - ok
17:48:13.0424 1580 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:48:13.0440 1580 i8042prt - ok
17:48:13.0487 1580 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:48:13.0518 1580 iaStorV - ok
17:48:13.0549 1580 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:48:13.0549 1580 IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:48:13.0549 1580 IDriverT - detected UnsignedFile.Multi.Generic (1)
17:48:13.0627 1580 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:48:13.0689 1580 idsvc - ok
17:48:13.0721 1580 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:48:13.0736 1580 iirsp - ok
17:48:13.0783 1580 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:48:13.0892 1580 IKEEXT - ok
17:48:13.0939 1580 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:48:13.0939 1580 intelide - ok
17:48:13.0970 1580 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:48:13.0986 1580 intelppm - ok
17:48:14.0033 1580 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:48:14.0064 1580 IPBusEnum - ok
17:48:14.0079 1580 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:48:14.0157 1580 IpFilterDriver - ok
17:48:14.0189 1580 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:48:14.0251 1580 iphlpsvc - ok
17:48:14.0298 1580 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:48:14.0345 1580 IPMIDRV - ok
17:48:14.0376 1580 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:48:14.0438 1580 IPNAT - ok
17:48:14.0516 1580 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:48:14.0547 1580 iPod Service - ok
17:48:14.0563 1580 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:48:14.0610 1580 IRENUM - ok
17:48:14.0625 1580 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:48:14.0641 1580 isapnp - ok
17:48:14.0672 1580 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:48:14.0703 1580 iScsiPrt - ok
17:48:14.0750 1580 [ 7DBAFE10C1B777305C80BEA42FBDA710 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
17:48:14.0813 1580 k57nd60a - ok
17:48:14.0844 1580 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
17:48:14.0859 1580 kbdclass - ok
17:48:14.0891 1580 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
17:48:14.0922 1580 kbdhid - ok
17:48:14.0937 1580 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:48:14.0953 1580 KeyIso - ok
17:48:14.0969 1580 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:48:14.0984 1580 KSecDD - ok
17:48:15.0015 1580 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:48:15.0031 1580 KSecPkg - ok
17:48:15.0047 1580 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:48:15.0093 1580 ksthunk - ok
17:48:15.0140 1580 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:48:15.0187 1580 KtmRm - ok
17:48:15.0234 1580 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:48:15.0327 1580 LanmanServer - ok
17:48:15.0374 1580 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:48:15.0452 1580 LanmanWorkstation - ok
17:48:15.0499 1580 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:48:15.0577 1580 lltdio - ok
17:48:15.0608 1580 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:48:15.0640 1580 lltdsvc - ok
17:48:15.0671 1580 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:48:15.0702 1580 lmhosts - ok
17:48:15.0733 1580 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:48:15.0749 1580 LSI_FC - ok
17:48:15.0764 1580 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:48:15.0811 1580 LSI_SAS - ok
17:48:15.0827 1580 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:48:15.0827 1580 LSI_SAS2 - ok
17:48:15.0842 1580 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:48:15.0858 1580 LSI_SCSI - ok
17:48:15.0889 1580 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:48:15.0967 1580 luafv - ok
17:48:16.0045 1580 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:48:16.0061 1580 MBAMProtector - ok
17:48:16.0108 1580 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:48:16.0123 1580 MBAMService - ok
17:48:16.0186 1580 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
17:48:16.0217 1580 McComponentHostService - ok
17:48:16.0342 1580 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:48:16.0388 1580 Mcx2Svc - ok
17:48:16.0435 1580 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:48:16.0466 1580 megasas - ok
17:48:16.0482 1580 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:48:16.0513 1580 MegaSR - ok
17:48:16.0560 1580 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
17:48:16.0591 1580 Microsoft Office Groove Audit Service - ok
17:48:16.0655 1580 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:48:16.0748 1580 MMCSS - ok
17:48:16.0764 1580 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:48:16.0811 1580 Modem - ok
17:48:16.0857 1580 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:48:16.0904 1580 monitor - ok
17:48:16.0935 1580 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:48:16.0951 1580 mouclass - ok
17:48:16.0967 1580 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:48:16.0998 1580 mouhid - ok
17:48:17.0013 1580 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:48:17.0029 1580 mountmgr - ok
17:48:17.0076 1580 [ E8D79312373F254DC13F3965BDB3D521 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:48:17.0107 1580 MozillaMaintenance - ok
17:48:17.0138 1580 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:48:17.0154 1580 mpio - ok
17:48:17.0185 1580 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:48:17.0263 1580 mpsdrv - ok
17:48:17.0310 1580 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:48:17.0419 1580 MpsSvc - ok
17:48:17.0466 1580 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:48:17.0528 1580 MRxDAV - ok
17:48:17.0559 1580 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:48:17.0606 1580 mrxsmb - ok
17:48:17.0637 1580 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:48:17.0653 1580 mrxsmb10 - ok
17:48:17.0700 1580 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:48:17.0747 1580 mrxsmb20 - ok
17:48:17.0793 1580 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:48:17.0825 1580 msahci - ok
17:48:17.0840 1580 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:48:17.0856 1580 msdsm - ok
17:48:17.0871 1580 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:48:17.0903 1580 MSDTC - ok
17:48:17.0934 1580 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:48:17.0965 1580 Msfs - ok
17:48:17.0981 1580 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:48:18.0012 1580 mshidkmdf - ok
17:48:18.0027 1580 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:48:18.0043 1580 msisadrv - ok
17:48:18.0059 1580 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:48:18.0090 1580 MSiSCSI - ok
17:48:18.0105 1580 msiserver - ok
17:48:18.0121 1580 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:48:18.0230 1580 MSKSSRV - ok
17:48:18.0261 1580 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:48:18.0293 1580 MSPCLOCK - ok
17:48:18.0308 1580 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:48:18.0386 1580 MSPQM - ok
17:48:18.0417 1580 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:48:18.0433 1580 MsRPC - ok
17:48:18.0464 1580 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:48:18.0495 1580 mssmbios - ok
17:48:18.0542 1580 MSSQL$MYMOVIES - ok
17:48:18.0589 1580 [ C06EA83F6FC2959E897C117255B6B1D5 ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
17:48:18.0620 1580 MSSQLServerADHelper - ok
17:48:18.0651 1580 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:48:18.0714 1580 MSTEE - ok
17:48:18.0729 1580 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:48:18.0745 1580 MTConfig - ok
17:48:18.0776 1580 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:48:18.0776 1580 Mup - ok
17:48:18.0807 1580 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:48:18.0870 1580 napagent - ok
17:48:18.0917 1580 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:48:18.0948 1580 NativeWifiP - ok
17:48:19.0010 1580 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
17:48:19.0057 1580 NDIS - ok
17:48:19.0104 1580 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:48:19.0135 1580 NdisCap - ok
17:48:19.0151 1580 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:48:19.0229 1580 NdisTapi - ok
17:48:19.0275 1580 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:48:19.0369 1580 Ndisuio - ok
17:48:19.0400 1580 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:48:19.0478 1580 NdisWan - ok
17:48:19.0509 1580 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:48:19.0556 1580 NDProxy - ok
17:48:19.0587 1580 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:48:19.0665 1580 NetBIOS - ok
17:48:19.0697 1580 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:48:19.0806 1580 NetBT - ok
17:48:19.0821 1580 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:48:19.0837 1580 Netlogon - ok
17:48:19.0884 1580 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:48:19.0962 1580 Netman - ok
17:48:19.0993 1580 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:48:20.0055 1580 netprofm - ok
17:48:20.0102 1580 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:48:20.0133 1580 NetTcpPortSharing - ok
17:48:20.0289 1580 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
17:48:20.0461 1580 netw5v64 - ok
17:48:20.0492 1580 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:48:20.0508 1580 nfrd960 - ok
17:48:20.0523 1580 NIApplicationWebServer64 - ok
17:48:20.0555 1580 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:48:20.0617 1580 NlaSvc - ok
17:48:20.0648 1580 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:48:20.0679 1580 Npfs - ok
17:48:20.0711 1580 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:48:20.0804 1580 nsi - ok
17:48:20.0835 1580 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:48:20.0929 1580 nsiproxy - ok
17:48:21.0007 1580 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:48:21.0069 1580 Ntfs - ok
17:48:21.0085 1580 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:48:21.0147 1580 Null - ok
17:48:21.0210 1580 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:48:21.0241 1580 nvraid - ok
17:48:21.0257 1580 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:48:21.0272 1580 nvstor - ok
17:48:21.0303 1580 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:48:21.0319 1580 nv_agp - ok
17:48:21.0397 1580 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:48:21.0413 1580 odserv - ok
17:48:21.0459 1580 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:48:21.0491 1580 ohci1394 - ok
17:48:21.0537 1580 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:48:21.0553 1580 ose - ok
17:48:21.0584 1580 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:48:21.0615 1580 p2pimsvc - ok
17:48:21.0631 1580 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:48:21.0662 1580 p2psvc - ok
17:48:21.0678 1580 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:48:21.0693 1580 Parport - ok
17:48:21.0725 1580 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:48:21.0740 1580 partmgr - ok
17:48:21.0756 1580 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:48:21.0818 1580 PcaSvc - ok
17:48:21.0834 1580 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:48:21.0849 1580 pci - ok
17:48:21.0881 1580 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:48:21.0881 1580 pciide - ok
17:48:21.0912 1580 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:48:21.0927 1580 pcmcia - ok
17:48:21.0959 1580 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:48:21.0974 1580 pcw - ok
17:48:21.0990 1580 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:48:22.0052 1580 PEAUTH - ok
17:48:22.0099 1580 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:48:22.0177 1580 PeerDistSvc - ok
17:48:22.0271 1580 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:48:22.0302 1580 PerfHost - ok
17:48:22.0380 1580 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:48:22.0505 1580 pla - ok
17:48:22.0551 1580 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:48:22.0567 1580 PlugPlay - ok
17:48:22.0583 1580 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:48:22.0614 1580 PNRPAutoReg - ok
17:48:22.0645 1580 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:48:22.0661 1580 PNRPsvc - ok
17:48:22.0692 1580 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:48:22.0754 1580 PolicyAgent - ok
17:48:22.0785 1580 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:48:22.0879 1580 Power - ok
17:48:22.0926 1580 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:48:23.0004 1580 PptpMiniport - ok
17:48:23.0035 1580 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:48:23.0066 1580 Processor - ok
17:48:23.0129 1580 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:48:23.0160 1580 ProfSvc - ok
17:48:23.0191 1580 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:48:23.0207 1580 ProtectedStorage - ok
17:48:23.0253 1580 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:48:23.0331 1580 Psched - ok
17:48:23.0409 1580 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:48:23.0503 1580 ql2300 - ok
17:48:23.0519 1580 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:48:23.0534 1580 ql40xx - ok
17:48:23.0550 1580 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:48:23.0612 1580 QWAVE - ok
17:48:23.0628 1580 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:48:23.0659 1580 QWAVEdrv - ok
17:48:23.0690 1580 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:48:23.0721 1580 RasAcd - ok
17:48:23.0753 1580 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:48:23.0815 1580 RasAgileVpn - ok
17:48:23.0846 1580 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:48:23.0877 1580 RasAuto - ok
17:48:23.0909 1580 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:48:23.0971 1580 Rasl2tp - ok
17:48:24.0002 1580 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:48:24.0049 1580 RasMan - ok
17:48:24.0080 1580 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:48:24.0158 1580 RasPppoe - ok
17:48:24.0189 1580 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:48:24.0267 1580 RasSstp - ok
17:48:24.0314 1580 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:48:24.0392 1580 rdbss - ok
17:48:24.0408 1580 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:48:24.0455 1580 rdpbus - ok
17:48:24.0486 1580 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:48:24.0564 1580 RDPCDD - ok
17:48:24.0595 1580 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:48:24.0642 1580 RDPDR - ok
17:48:24.0657 1580 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:48:24.0704 1580 RDPENCDD - ok
17:48:24.0751 1580 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:48:24.0798 1580 RDPREFMP - ok
17:48:24.0829 1580 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:48:24.0860 1580 RDPWD - ok
17:48:24.0891 1580 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:48:24.0938 1580 rdyboost - ok
17:48:24.0954 1580 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:48:25.0016 1580 RemoteAccess - ok
17:48:25.0047 1580 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:48:25.0094 1580 RemoteRegistry - ok
17:48:25.0141 1580 [ 6FAF5B04BEDC66D300D9D233B2D222F0 ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys
17:48:25.0203 1580 rimmptsk - ok
17:48:25.0250 1580 [ 67F50C31713106FD1B0F286F86AA2B2E ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys
17:48:25.0281 1580 rimsptsk - ok
17:48:25.0313 1580 [ 4D7EF3D46346EC4C58784DB964B365DE ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys
17:48:25.0313 1580 rismxdp - ok
17:48:25.0344 1580 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:48:25.0406 1580 RpcEptMapper - ok
17:48:25.0422 1580 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:48:25.0453 1580 RpcLocator - ok
17:48:25.0484 1580 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:48:25.0531 1580 RpcSs - ok
17:48:25.0562 1580 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:48:25.0609 1580 rspndr - ok
17:48:25.0625 1580 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:48:25.0640 1580 s3cap - ok
17:48:25.0671 1580 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:48:25.0687 1580 SamSs - ok
17:48:25.0703 1580 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:48:25.0703 1580 sbp2port - ok
17:48:25.0749 1580 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:48:25.0812 1580 SCardSvr - ok
17:48:25.0843 1580 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:48:25.0905 1580 scfilter - ok
17:48:25.0968 1580 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:48:26.0077 1580 Schedule - ok
17:48:26.0108 1580 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:48:26.0139 1580 SCPolicySvc - ok
17:48:26.0155 1580 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
17:48:26.0186 1580 sdbus - ok
17:48:26.0217 1580 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:48:26.0233 1580 SDRSVC - ok
17:48:26.0264 1580 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:48:26.0373 1580 secdrv - ok
17:48:26.0467 1580 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:48:26.0529 1580 seclogon - ok
17:48:26.0545 1580 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:48:26.0607 1580 SENS - ok
17:48:26.0623 1580 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:48:26.0670 1580 SensrSvc - ok
17:48:26.0701 1580 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:48:26.0732 1580 Serenum - ok
17:48:26.0779 1580 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:48:26.0810 1580 Serial - ok
17:48:26.0841 1580 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:48:26.0857 1580 sermouse - ok
17:48:26.0904 1580 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:48:26.0982 1580 SessionEnv - ok
17:48:27.0013 1580 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
17:48:27.0044 1580 sffdisk - ok
17:48:27.0075 1580 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:48:27.0122 1580 sffp_mmc - ok
17:48:27.0138 1580 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
17:48:27.0185 1580 sffp_sd - ok
17:48:27.0216 1580 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:48:27.0278 1580 sfloppy - ok
17:48:27.0309 1580 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:48:27.0372 1580 SharedAccess - ok
17:48:27.0419 1580 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:48:27.0497 1580 ShellHWDetection - ok
17:48:27.0543 1580 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:48:27.0575 1580 SiSRaid2 - ok
17:48:27.0606 1580 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:48:27.0621 1580 SiSRaid4 - ok
17:48:27.0684 1580 [ 579BA0A911FF5EA70CB604CD3B744B0A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:48:27.0715 1580 SkypeUpdate - ok
17:48:27.0746 1580 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:48:27.0809 1580 Smb - ok
17:48:27.0840 1580 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:48:27.0887 1580 SNMPTRAP - ok
17:48:27.0918 1580 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:48:27.0933 1580 spldr - ok
17:48:27.0965 1580 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:48:27.0996 1580 Spooler - ok
17:48:28.0089 1580 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:48:28.0167 1580 sppsvc - ok
17:48:28.0214 1580 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:48:28.0277 1580 sppuinotify - ok
17:48:28.0323 1580 [ B2EC3E1DEAC5F0A764BD3486D213A0AF ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
17:48:28.0339 1580 SQLBrowser - ok
17:48:28.0386 1580 [ D63FC56C7C3F9B576BC25F617E3F7963 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
17:48:28.0417 1580 SQLWriter - ok
17:48:28.0448 1580 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:48:28.0495 1580 srv - ok
17:48:28.0542 1580 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:48:28.0589 1580 srv2 - ok
17:48:28.0620 1580 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:48:28.0682 1580 srvnet - ok
17:48:28.0729 1580 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:48:28.0791 1580 SSDPSRV - ok
17:48:28.0823 1580 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:48:28.0854 1580 SstpSvc - ok
17:48:28.0869 1580 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:48:28.0885 1580 stexstor - ok
17:48:28.0932 1580 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:48:29.0010 1580 stisvc - ok
17:48:29.0041 1580 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:48:29.0041 1580 storflt - ok
17:48:29.0072 1580 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
17:48:29.0135 1580 StorSvc - ok
17:48:29.0150 1580 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:48:29.0166 1580 storvsc - ok
17:48:29.0197 1580 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
17:48:29.0213 1580 swenum - ok
17:48:29.0244 1580 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:48:29.0322 1580 swprv - ok
17:48:29.0369 1580 [ 79A93EC9D224B1F43C0E2F023D61DCA3 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:48:29.0384 1580 SynTP - ok
17:48:29.0462 1580 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:48:29.0556 1580 SysMain - ok
17:48:29.0587 1580 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:48:29.0618 1580 TabletInputService - ok
17:48:29.0634 1580 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:48:29.0696 1580 TapiSrv - ok
17:48:29.0727 1580 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:48:29.0790 1580 TBS - ok
17:48:29.0883 1580 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:48:29.0977 1580 Tcpip - ok
17:48:30.0039 1580 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:48:30.0071 1580 TCPIP6 - ok
17:48:30.0102 1580 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:48:30.0180 1580 tcpipreg - ok
17:48:30.0211 1580 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:48:30.0227 1580 TDPIPE - ok
17:48:30.0242 1580 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:48:30.0289 1580 TDTCP - ok
17:48:30.0336 1580 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:48:30.0383 1580 tdx - ok
17:48:30.0414 1580 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:48:30.0414 1580 TermDD - ok
17:48:30.0445 1580 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:48:30.0507 1580 TermService - ok
17:48:30.0539 1580 [ 9201BE2BAB8A9FF8E20D8439AE3BB04D ] Themes C:\Windows\system32\themeservice.dll
17:48:30.0570 1580 Themes ( UnsignedFile.Multi.Generic ) - warning
17:48:30.0570 1580 Themes - detected UnsignedFile.Multi.Generic (1)
17:48:30.0617 1580 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:48:30.0679 1580 THREADORDER - ok
17:48:30.0726 1580 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:48:30.0819 1580 TrkWks - ok
17:48:30.0882 1580 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:48:30.0975 1580 TrustedInstaller - ok
17:48:31.0007 1580 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:48:31.0038 1580 tssecsrv - ok
17:48:31.0069 1580 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:48:31.0116 1580 TsUsbFlt - ok
17:48:31.0178 1580 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:48:31.0256 1580 tunnel - ok
17:48:31.0303 1580 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:48:31.0334 1580 uagp35 - ok
17:48:31.0381 1580 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:48:31.0490 1580 udfs - ok
17:48:31.0521 1580 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:48:31.0568 1580 UI0Detect - ok
17:48:31.0584 1580 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:48:31.0631 1580 uliagpkx - ok
17:48:31.0662 1580 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
17:48:31.0709 1580 umbus - ok
17:48:31.0755 1580 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:48:31.0818 1580 UmPass - ok
17:48:31.0865 1580 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
17:48:31.0927 1580 UmRdpService - ok
17:48:31.0974 1580 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:48:32.0052 1580 upnphost - ok
17:48:32.0099 1580 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
17:48:32.0099 1580 USBAAPL64 - ok
17:48:32.0130 1580 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:48:32.0192 1580 usbccgp - ok
17:48:32.0255 1580 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:48:32.0286 1580 usbcir - ok
17:48:32.0301 1580 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:48:32.0333 1580 usbehci - ok
17:48:32.0379 1580 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:48:32.0442 1580 usbhub - ok
17:48:32.0457 1580 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:48:32.0489 1580 usbohci - ok
17:48:32.0535 1580 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:48:32.0582 1580 usbprint - ok
17:48:32.0629 1580 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:48:32.0645 1580 usbscan - ok
17:48:32.0660 1580 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:48:32.0707 1580 USBSTOR - ok
17:48:32.0738 1580 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:48:32.0769 1580 usbuhci - ok
17:48:32.0816 1580 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
17:48:32.0863 1580 usbvideo - ok
17:48:32.0879 1580 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:48:32.0957 1580 UxSms - ok
17:48:32.0988 1580 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:48:33.0003 1580 VaultSvc - ok
17:48:33.0019 1580 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:48:33.0035 1580 vdrvroot - ok
17:48:33.0066 1580 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:48:33.0128 1580 vds - ok
17:48:33.0175 1580 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:48:33.0175 1580 vga - ok
17:48:33.0206 1580 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:48:33.0284 1580 VgaSave - ok
17:48:33.0331 1580 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:48:33.0362 1580 vhdmp - ok
17:48:33.0378 1580 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:48:33.0393 1580 viaide - ok
17:48:33.0409 1580 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:48:33.0425 1580 vmbus - ok
17:48:33.0456 1580 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:48:33.0471 1580 VMBusHID - ok
17:48:33.0503 1580 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:48:33.0518 1580 volmgr - ok
17:48:33.0534 1580 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:48:33.0549 1580 volmgrx - ok
17:48:33.0581 1580 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:48:33.0596 1580 volsnap - ok
17:48:33.0627 1580 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:48:33.0643 1580 vsmraid - ok
17:48:33.0705 1580 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:48:33.0815 1580 VSS - ok
17:48:33.0846 1580 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:48:33.0893 1580 vwifibus - ok
17:48:33.0939 1580 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:48:33.0986 1580 W32Time - ok
17:48:34.0002 1580 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:48:34.0049 1580 WacomPen - ok
17:48:34.0111 1580 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:48:34.0189 1580 WANARP - ok
17:48:34.0205 1580 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:48:34.0236 1580 Wanarpv6 - ok
17:48:34.0314 1580 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:48:34.0392 1580 wbengine - ok
17:48:34.0439 1580 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:48:34.0470 1580 WbioSrvc - ok
17:48:34.0517 1580 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:48:34.0532 1580 wcncsvc - ok
17:48:34.0548 1580 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:48:34.0563 1580 WcsPlugInService - ok
17:48:34.0579 1580 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:48:34.0595 1580 Wd - ok
17:48:34.0626 1580 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:48:34.0641 1580 Wdf01000 - ok
17:48:34.0657 1580 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:48:34.0688 1580 WdiServiceHost - ok
17:48:34.0688 1580 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:48:34.0719 1580 WdiSystemHost - ok
17:48:34.0751 1580 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:48:34.0813 1580 WebClient - ok
17:48:34.0844 1580 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:48:34.0922 1580 Wecsvc - ok
17:48:34.0938 1580 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:48:35.0016 1580 wercplsupport - ok
17:48:35.0031 1580 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:48:35.0078 1580 WerSvc - ok
17:48:35.0094 1580 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:48:35.0141 1580 WfpLwf - ok
17:48:35.0156 1580 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:48:35.0156 1580 WIMMount - ok
17:48:35.0172 1580 WinDefend - ok
17:48:35.0187 1580 WinHttpAutoProxySvc - ok
17:48:35.0234 1580 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:48:35.0343 1580 Winmgmt - ok
17:48:35.0421 1580 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:48:35.0562 1580 WinRM - ok
17:48:35.0609 1580 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:48:35.0655 1580 WinUsb - ok
17:48:35.0702 1580 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:48:35.0765 1580 Wlansvc - ok
17:48:35.0796 1580 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:48:35.0843 1580 WmiAcpi - ok
17:48:35.0889 1580 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:48:35.0921 1580 wmiApSrv - ok
17:48:35.0952 1580 WMPNetworkSvc - ok
17:48:35.0983 1580 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:48:36.0014 1580 WPCSvc - ok
17:48:36.0030 1580 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:48:36.0045 1580 WPDBusEnum - ok
17:48:36.0077 1580 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:48:36.0139 1580 ws2ifsl - ok
17:48:36.0155 1580 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:48:36.0186 1580 wscsvc - ok
17:48:36.0186 1580 WSearch - ok
17:48:36.0279 1580 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:48:36.0373 1580 wuauserv - ok
17:48:36.0404 1580 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:48:36.0435 1580 WudfPf - ok
17:48:36.0467 1580 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:48:36.0545 1580 WUDFRd - ok
17:48:36.0591 1580 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:48:36.0623 1580 wudfsvc - ok
17:48:36.0732 1580 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:48:36.0794 1580 WwanSvc - ok
17:48:36.0810 1580 ================ Scan global ===============================
17:48:36.0841 1580 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:48:36.0857 1580 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:48:36.0872 1580 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:48:36.0903 1580 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:48:36.0935 1580 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:48:36.0935 1580 [Global] - ok
17:48:36.0950 1580 ================ Scan MBR ==================================
17:48:36.0966 1580 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:48:37.0387 1580 \Device\Harddisk0\DR0 - ok
17:48:37.0387 1580 ================ Scan VBR ==================================
17:48:37.0418 1580 [ AEFA43C8CFAE3143C881D54167C82811 ] \Device\Harddisk0\DR0\Partition1
17:48:37.0418 1580 \Device\Harddisk0\DR0\Partition1 - ok
17:48:37.0434 1580 [ 25FFC9D080A50515C91332B983D1D409 ] \Device\Harddisk0\DR0\Partition2
17:48:37.0434 1580 \Device\Harddisk0\DR0\Partition2 - ok
17:48:37.0434 1580 ============================================================
17:48:37.0434 1580 Scan finished
17:48:37.0434 1580 ============================================================
17:48:37.0449 4620 Detected object count: 2
17:48:37.0449 4620 Actual detected object count: 2
17:48:48.0775 4620 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:48:48.0775 4620 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:48:48.0775 4620 Themes ( UnsignedFile.Multi.Generic ) - skipped by user
17:48:48.0775 4620 Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
31.08.2012, 19:48
| #34 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | RUNDLL Fehlermeldung beim Starten des Laptops Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.09.2012, 23:15
| #35 |
| | RUNDLL Fehlermeldung beim Starten des Laptops Combofix Logfile: Code:
ATTFilter ComboFix 12-09-01.01 - Yannick 02.09.2012 23:51:24.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.4091.2836 [GMT 2:00]
ausgeführt von:: c:\users\Yannick\Desktop\ComboFix.exe
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
D:\Autorun.inf
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-02 bis 2012-09-02 ))))))))))))))))))))))))))))))
.
.
2012-09-02 21:56 . 2012-09-02 21:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-31 13:09 . 2012-08-31 13:09 -------- d-----w- C:\_OTL
2012-08-31 09:24 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2BCEDD37-AE9A-4E1E-90F8-018E9ECB960F}\mpengine.dll
2012-08-30 20:59 . 2012-08-30 20:59 -------- d-----w- c:\windows\Internet Logs
2012-08-30 19:59 . 2012-08-30 19:59 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-08-30 12:21 . 2012-08-30 12:25 -------- d-----w- c:\program files (x86)\Kodak
2012-08-30 12:12 . 2012-08-30 12:26 -------- d-----w- c:\programdata\Kodak
2012-08-30 12:12 . 2010-09-02 13:31 232960 ----a-w- c:\windows\system32\Spool\prtprocs\x64\EKIJ5000PPR.dll
2012-08-30 12:11 . 2012-08-30 12:11 -------- d-----w- c:\windows\system32\kodak
2012-08-29 15:25 . 2012-08-29 15:25 -------- d-----w- c:\program files\WinRAR
2012-08-25 07:42 . 2012-08-23 09:18 405152 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll
2012-08-25 07:42 . 2012-08-25 07:42 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2012-08-25 07:42 . 2012-08-25 07:42 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2012-08-25 07:42 . 2012-08-25 07:43 -------- d-----w- c:\users\Yannick\AppData\Roaming\DVDVideoSoft
2012-08-15 08:46 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 08:46 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-15 08:46 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 08:46 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 08:46 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-15 08:46 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-15 08:46 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-15 08:46 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 08:46 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-15 08:46 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-15 08:46 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 08:45 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 22:27 . 2012-02-24 09:43 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-08-15 13:49 . 2012-04-17 05:10 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-15 13:49 . 2012-02-23 23:39 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-13 14:31 . 2012-07-13 14:32 476976 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-07-13 14:31 . 2012-03-07 19:39 472880 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-07-03 11:46 . 2012-07-13 11:30 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-22 07:35 . 2012-04-18 09:09 165232 ---ha-w- c:\users\Yannick\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
2012-06-09 05:43 . 2012-07-11 15:51 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-11 15:51 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 15:51 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 15:51 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 15:51 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 15:51 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 15:51 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Yannick\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Yannick\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Yannick\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-05-03 17355912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Yannick\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
Real Desktop.lnk - c:\program files (x86)\Real Desktop\Real Desktop.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
Refresh.lnk - c:\windows\iOS Skin Pack\Tools\Refresh.cmd [N/A]
RocketDock.lnk - c:\windows\iOS Skin Pack\RocketDock\RocketDock.exe [N/A]
UberIcon.lnk - c:\windows\iOS Skin Pack\UberIcon\UberIcon.exe [N/A]
YzShadow.lnk - c:\windows\iOS Skin Pack\YzShadow\YzShadow.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-05-03 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-30 114144]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R4 NIApplicationWebServer64;NI Application Web Server (64-bit);c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 27760]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 MSSQL$MYMOVIES;SQL Server (MYMOVIES);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
S3 k57nd60a;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 13:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Yannick\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Yannick\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Yannick\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Yannick\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-10-31 1657128]
"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2010-09-02 2045440]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
IE: Free YouTube to MP3 Converter - c:\users\Yannick\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Yannick\AppData\Roaming\Mozilla\Firefox\Profiles\8ey0mg2e.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-09-03 00:02:49 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-09-02 22:02
.
Vor Suchlauf: 16 Verzeichnis(se), 224.298.057.728 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 223.788.392.448 Bytes frei
.
- - End Of File - - 97388E5E00B7ECA52568E1E8F6A66B6A
|
|
03.09.2012, 19:55
| #36 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | RUNDLL Fehlermeldung beim Starten des Laptops Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ --> RUNDLL Fehlermeldung beim Starten des Laptops |
|
03.09.2012, 20:57
| #37 |
| | RUNDLL Fehlermeldung beim Starten des Laptops also bei der Ausführung von GMER kam zweimal folgendes: "GMER hasn´t found any system modification", es wurde kein Inhalt in der Log-Datei angezeigt. hier der Inhalt von OSAM OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 21:55:22 on 03.09.2012 OS: Windows 7 Service Pack 1 (Build 7601), 64-bit Default Browser: Mozilla Corporation Firefox 15.0 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\MLCFG32.CPL [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys [Explorer] -----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {2C7339CF-2B09-4501-B3F3-F3508C9228ED} "Themes Setup" - "Microsoft Corporation" - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL {88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL {91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\ONFILTER.DLL {00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\MLSHEXT.DLL {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\OLKFSTUB.DLL [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_33" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} "Java Plug-in 1.6.0_33" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_33" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_33.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_3_300_271.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll "ICQ7.7" - "ICQ, LLC." - C:\Program Files (x86)\ICQ7.7\ICQ.exe {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL {898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "Dropbox.lnk" - "Dropbox, Inc." - C:\Users\Yannick\AppData\Roaming\Dropbox\bin\Dropbox.exe (Shortcut exists | File exists) "Real Desktop.lnk" - ? - C:\Users\Yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Real Desktop.lnk (Shortcut exists | File not found) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "McAfee Security Scan Plus.lnk" - "McAfee, Inc." - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (Shortcut exists | File exists) "Refresh.lnk" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Refresh.lnk (Shortcut exists | File not found) "RocketDock.lnk" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk (Shortcut exists | File not found) "UberIcon.lnk" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UberIcon.lnk (Shortcut exists | File not found) "YzShadow.lnk" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\YzShadow.lnk (Shortcut exists | File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min "GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "pdfcmon" - "pdfforge GbR" - C:\Windows\system32\pdfcmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "@%SystemRoot%\System32\themeservice.dll,-8192" (Themes) - "Microsoft Corporation" - C:\Windows\system32\themeservice.dll "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "ASP.NET-Zustandsdienst" (aspnet_state) - ? - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (File not found) "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe "McAfee Security Scan Component Host Service" (McComponentHostService) - "McAfee, Inc." - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe "SQL Server (MYMOVIES)" (MSSQL$MYMOVIES) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe "SQL Server Browser" (SQLBrowser) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe "SQL Server VSS Writer" (SQLWriter) - "Microsoft Corporation" - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru [/code] so, und hier das von aswMBR Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-03 21:58:40
-----------------------------
21:58:40.894 OS Version: Windows x64 6.1.7601 Service Pack 1
21:58:40.894 Number of processors: 2 586 0x170A
21:58:40.894 ComputerName: YANNICK-PC UserName: Yannick
21:58:47.259 Initialize success
21:59:43.447 AVAST engine defs: 12090300
21:59:59.905 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:59:59.905 Disk 0 Vendor: ST9500325AS 0003DEM1 Size: 476940MB BusType: 11
21:59:59.936 Disk 0 MBR read successfully
21:59:59.936 Disk 0 MBR scan
21:59:59.952 Disk 0 Windows 7 default MBR code
21:59:59.952 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
21:59:59.983 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15000 MB offset 80325
21:59:59.999 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 461899 MB offset 30800325
22:00:00.030 Disk 0 scanning C:\Windows\system32\drivers
22:00:14.585 Service scanning
22:00:41.464 Modules scanning
22:00:41.479 Disk 0 trace - called modules:
22:00:41.510 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
22:00:42.025 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c29060]
22:00:42.041 3 CLASSPNP.SYS[fffff88001b9143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80046b1680]
22:00:59.123 AVAST engine scan C:\Windows
22:01:03.335 AVAST engine scan C:\Windows\system32
22:04:48.649 AVAST engine scan C:\Windows\system32\drivers
22:05:05.482 AVAST engine scan C:\Users\Yannick
22:14:29.080 AVAST engine scan C:\ProgramData
22:15:37.708 Scan finished successfully
22:15:52.871 Disk 0 MBR has been saved successfully to "C:\Users\Yannick\Desktop\MBR.dat"
22:15:52.871 The log file has been saved successfully to "C:\Users\Yannick\Desktop\aswMBR.txt"
Geändert von Pimo (03.09.2012 um 21:17 Uhr) |
|
03.09.2012, 21:23
| #38 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | RUNDLL Fehlermeldung beim Starten des Laptops Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.09.2012, 05:22
| #39 |
| | RUNDLL Fehlermeldung beim Starten des Laptops Malwarebytes Log Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.09.03.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Yannick :: YANNICK-PC [Administrator] Schutz: Aktiviert 03.09.2012 22:26:00 mbam-log-2012-09-03 (22-26-00).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 351967 Laufzeit: 1 Stunde(n), 4 Minute(n), 6 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/04/2012 at 06:20 AM
Application Version : 5.5.1012
Core Rules Database Version : 9168
Trace Rules Database Version: 6980
Scan type : Complete Scan
Total Scan Time : 02:24:20
Operating System Information
Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 620
Memory threats detected : 0
Registry items scanned : 67125
Registry threats detected : 0
File items scanned : 172624
File threats detected : 246
Adware.Tracking Cookie
.mediaplex.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.deutschepostag.112.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.eaeacom.112.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.moviepilot.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.moviepilot.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.moviepilot.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.hardsextube.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
tracking.tchibo.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.conrad.122.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.bwr-media.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.bwr-media.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.bwr-media.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjk4wmd5ieo.stats.esomniture.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.hardsextube.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.hardsextube.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.hardsextube.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.alotporn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.alotporn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
alotporn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.guj.122.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.sonyeurope.112.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.movies-insighter.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.movies-insighter.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
s3.trafficmaxx.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.porntubevidz.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.porntubevidz.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
tracking.bruegelmann.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjlyaocjgcp.stats.esomniture.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
hellporno.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.hellporno.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.hellporno.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
stats.shimanoweb.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.estat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wckociazwep.stats.esomniture.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
af.2.cqcounter.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.webstats4u.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
int.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
int.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.pornerbros.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
media-dealer.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.gfssex.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.gfssex.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.komtrack.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.komtrack.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
tracking.fahrrad.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.teenchoiceawards.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.teenchoiceawards.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.teenchoiceawards.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.judgeporn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.judgeporn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.judgeporn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.porn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.porn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.porn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.pornolala.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.pornolala.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.amateur-hardcore-sex-blog.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.maxis.112.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.pornerbros.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.pornerbros.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.pornerbros.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.pornerbros.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.hdporn.in [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.hdporn.in [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.pornmd.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.pornmd.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.teencategories.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.teencategories.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
maxadulttube.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.h2porn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.h2porn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.h2porn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
h2porn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.h2porn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.h2porn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
partners.webmasterplan.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
partners.webmasterplan.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.quartermedia.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.mediacom.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.mediacom.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.112.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.warnerbrosads.112.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.warnerbros.112.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.premiumtv.122.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.daimlerag.122.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.stepstone.112.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.bike-discount.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.bike-discount.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.bike-discount.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
partners.webmasterplan.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.shop.mediamarkt.ch [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.shop.mediamarkt.ch [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.msnportal.112.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.comstats.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.youporn.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.youporn.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.youporn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.youporn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.krollontrack.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.krollontrack.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.krollontrack.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.pornmaxim.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.pornmaxim.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.pornmaxim.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.moviepilot.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.moviepilot.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.moviepilot.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.moviepilot.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.tracker.vinsight.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.tracking.3gnet.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.www.traffictrack.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.kaspersky.122.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.comstats.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.comstats.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.comstats.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.mediamarkt.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.mediamarkt.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
data.mediamarkt.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
data.mediamarkt.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
data.mediamarkt.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.olympiaverlag.122.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
.paypal.112.2o7.net [ C:\USERS\YANNICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8EY0MG2E.DEFAULT\COOKIES.SQLITE ]
|
|
04.09.2012, 14:54
| #40 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | RUNDLL Fehlermeldung beim Starten des Laptops Sieht ok aus, da wurden nur Cookies gefunden. Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.09.2012, 17:08
| #41 |
| | RUNDLL Fehlermeldung beim Starten des Laptops Bisher läuft mein Laptop sehr gut, habe sogar das Gefühl, dass alles etwas schneller läuft: Neustart, Browser etc. *thumbsup* Wie sieht das mit den ganzen Programmen aus, kann ich diese "normal" deinstallieren oder sollte ich die erstmal drauflassen? z.B.: SUPERAntispyware, eset, adwcleaner, tdsskiller, combofix, otl und Malwarebytes. Gut was zusammen gekommen  Kannst du mir sonst noch Programme empfehlen? z.B. einen guten Allgemeinschutz für den Rechner, gerne auch kostenpflichtig? Ich wollte mich für deine Hilfe hier sehr bedanken, ihr leistet tolle Arbeit!! eine kleine Aufmerksamkeit gab es per Spende!! Gruß |
|
06.09.2012, 20:19
| #42 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | RUNDLL Fehlermeldung beim Starten des Laptops Dann wären wir durch!  Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Mit Hilfe von OTL kannst du auch viele Tools entfernen: Starte bitte OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks => Adobe Flash Player Distribution | Adobe Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
09.09.2012, 20:27
| #43 |
| | RUNDLL Fehlermeldung beim Starten des Laptops Hey, ich nochmal ^^ Wollte vorhin was ausdrucken und bevor der Drucker überhaupt reagierte kam eine ähnliche Meldung, wie im folgenden Link zu sehen: hxxp://i67.servimg.com/u/f67/14/87/02/18/0181_p10.jpg Mein Lappi wurde relativ fix neugestartet, so dass ich mich lediglich an die ersten 2-3 Sätze erinnern kann. EDIT: Der Link wird nicht korrekt angezeigt, statt hxxp logischerweise http |
|
10.09.2012, 16:02
| #44 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | RUNDLL Fehlermeldung beim Starten des Laptops Bekommst du jetzt bei jedem Drucken einen Bluescreen?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.09.2012, 21:12
| #45 |
| | RUNDLL Fehlermeldung beim Starten des Laptops Nein, das war bisher das erste Mal bei einem Druckauftrag. |
|
| Themen zu RUNDLL Fehlermeldung beim Starten des Laptops |
| anti-malware, beachten, beim starten, ctfmon.lnk, dinge, dll, eingefangen, fehlermeldung, fehlermeldung beim starten, forum, gefangen, gen, hallo zusammen, heuristiks/extra, heuristiks/shuriken, infizierte, laptop, laptops, lösung, malwarebytes, problem, pup.bundleinstaller.bi, rundll, scan, schnell, start, starte, starten, suche, zusammen |
Linear-Darstellung
