Pests of all kinds and how to fight them: Search.searchcompletion.com takes over the Google search engine (Windows 7)
04.08.2012, 12:48 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Search.searchcompletion.com takes over the Google search engine

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before you run the TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, then look directly on your Windows system partition (usually drive C:), since that is where the TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with the TDSS-Killer! If the TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!
__________________ Please always post log files in CODE tags |
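A helper reviewing the requested report can check it mechanically before reading it line by line. The following is an added example, not part of the original post or of the TDSS-Killer tool: it parses records of the shape seen in the report posted in this thread, including a paste that has lost its line breaks, and lists interrupted scans and flagged objects that were not handled with "Skip". The function names, the sample object names, the hashes and the non-Skip action label are constructed.

```python
import re

# Every record starts with "HH:MM:SS.mmmm <thread id> ". Splitting on that
# prefix also works when the log was pasted with its line breaks lost.
PREFIX = re.compile(r"(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+")
WARNING = re.compile(r"^(?P<name>.+?) \( (?P<verdict>\S+) \) - warning$")
ACTION = re.compile(
    r"^(?P<name>.+?) \( (?P<verdict>\S+) \) - User select action: (?P<action>.+)$"
)
OK = re.compile(r"^(?P<name>.+?) - ok$")

# Constructed sample in the format of the report; names and hashes are made up,
# and the "Delete" action label is a constructed stand-in for any non-Skip action.
SAMPLE = r"""
12:00:00.0001 1000 Scan started
12:00:00.0002 1000 Mode: Manual; SigCheck; TDLFS;
12:00:00.0100 1000 ExampleDrv (00000000000000000000000000000000) C:\Windows\system32\drivers\example.sys
12:00:00.0200 1000 ExampleDrv - ok
12:00:00.0300 1000 ExampleSvc (11111111111111111111111111111111) C:\Program Files\Example\svc.exe
12:00:00.0400 1000 ExampleSvc ( UnsignedFile.Multi.Generic ) - warning
12:00:00.0400 1000 ExampleSvc - detected UnsignedFile.Multi.Generic (1)
12:00:00.0500 1000 Scan interrupted by user!
12:00:00.0500 1000 Scan finished
12:00:00.0600 2000 Detected object count: 1
12:00:05.0000 2000 ExampleSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:00:05.0000 2000 ExampleSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:01:00.0000 3000 Scan started
12:01:00.0100 3000 Other Svc (22222222222222222222222222222222) C:\Program Files\Other\other.exe
12:01:00.0200 3000 Other Svc ( UnsignedFile.Multi.Generic ) - warning
12:01:00.0300 3000 Scan finished
12:01:05.0000 3100 Other Svc ( UnsignedFile.Multi.Generic ) - User select action: Delete
"""


def records(text):
    """Yield (timestamp, thread id, message) for every record in the log text."""
    hits = list(PREFIX.finditer(text))
    for i, hit in enumerate(hits):
        end = hits[i + 1].start() if i + 1 < len(hits) else len(text)
        yield hit.group(1), int(hit.group(2)), text[hit.end():end].strip()


def triage(text):
    """Group the log into scans; one report file can contain several runs."""
    scans = []
    for stamp, _tid, msg in records(text):
        if msg == "Scan started":
            scans.append({"started": stamp, "interrupted": False, "ok": 0,
                          "detections": {}, "actions": {}})
            continue
        if not scans:
            continue  # system information printed before the first scan
        scan = scans[-1]
        if msg == "Scan interrupted by user!":
            scan["interrupted"] = True
        elif OK.match(msg):
            scan["ok"] += 1
        elif (m := WARNING.match(msg)):
            scan["detections"][m["name"]] = m["verdict"]
        elif (m := ACTION.match(msg)):
            # Actions are logged after "Scan finished", so they belong to the
            # most recent scan.
            scan["actions"][m["name"]] = m["action"]
    return scans


def findings(scan):
    """Return what the helper needs to follow up on for one scan."""
    out = []
    if scan["interrupted"]:
        out.append("scan was interrupted; the report is incomplete")
    for name, verdict in scan["detections"].items():
        action = scan["actions"].get(name)
        if action is None:
            out.append(f"{name}: {verdict}, no action recorded")
        elif action.lower() != "skip":
            out.append(f"{name}: {verdict}, action was {action!r}, not Skip")
    return out


if __name__ == "__main__":
    for number, scan in enumerate(triage(SAMPLE), start=1):
        print(f"scan {number} ({scan['started']}): {scan['ok']} ok, "
              f"{len(scan['detections'])} flagged")
        for line in findings(scan):
            print("  -", line)
```

An interrupted scan matters here because objects that were never reached do not appear in the report at all, so the report cannot be read as a clean result for them.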
05.08.2012, 11:03 | #17 |
| Search.searchcompletion.com takes over the Google search engine Ok, here is the log:
Code:
ATTFilter 11:55:09.0077 5880 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32 11:55:09.0186 5880 ============================================================ 11:55:09.0186 5880 Current date / time: 2012/08/05 11:55:09.0186 11:55:09.0186 5880 SystemInfo: 11:55:09.0186 5880 11:55:09.0186 5880 OS Version: 6.0.6002 ServicePack: 2.0 11:55:09.0186 5880 Product type: Workstation 11:55:09.0186 5880 ComputerName: CLEMENS-PC 11:55:09.0186 5880 UserName: Clemens 11:55:09.0186 5880 Windows directory: C:\Windows 11:55:09.0186 5880 System windows directory: C:\Windows 11:55:09.0186 5880 Processor architecture: Intel x86 11:55:09.0186 5880 Number of processors: 2 11:55:09.0186 5880 Page size: 0x1000 11:55:09.0186 5880 Boot type: Normal boot 11:55:09.0186 5880 ============================================================ 11:55:09.0654 5880 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 11:55:09.0654 5880 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 11:55:09.0654 5880 ============================================================ 11:55:09.0654 5880 \Device\Harddisk0\DR0: 11:55:09.0654 5880 MBR partitions: 11:55:09.0654 5880 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x1202E000 11:55:09.0654 5880 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1342E800, BlocksNum 0x11FFF800 11:55:09.0654 5880 \Device\Harddisk1\DR1: 11:55:09.0654 5880 MBR partitions: 11:55:09.0654 5880 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x40, BlocksNum 0x74705981 11:55:09.0654 5880 ============================================================ 11:55:09.0685 5880 C: <-> \Device\Harddisk0\DR0\Partition0 11:55:09.0732 5880 D: <-> \Device\Harddisk0\DR0\Partition1 11:55:09.0732 5880 G: <-> 
\Device\Harddisk1\DR1\Partition0 11:55:09.0732 5880 ============================================================ 11:55:09.0732 5880 Initialize success 11:55:09.0732 5880 ============================================================ 11:56:09.0323 4384 ============================================================ 11:56:09.0323 4384 Scan started 11:56:09.0323 4384 Mode: Manual; SigCheck; TDLFS; 11:56:09.0323 4384 ============================================================ 11:56:09.0791 4384 ABBYY.Licensing.FineReader.Sprint.9.0 (b33cf4de909a5b30f526d82053a63c8e) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe 11:56:09.0962 4384 ABBYY.Licensing.FineReader.Sprint.9.0 - ok 11:56:10.0149 4384 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 11:56:10.0181 4384 ACPI - ok 11:56:10.0290 4384 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 11:56:10.0305 4384 AdobeFlashPlayerUpdateSvc - ok 11:56:10.0383 4384 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 11:56:10.0415 4384 adp94xx - ok 11:56:10.0446 4384 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 11:56:10.0477 4384 adpahci - ok 11:56:10.0508 4384 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 11:56:10.0524 4384 adpu160m - ok 11:56:10.0539 4384 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 11:56:10.0571 4384 adpu320 - ok 11:56:10.0586 4384 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll 11:56:10.0711 4384 AeLookupSvc - ok 11:56:10.0789 4384 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 11:56:10.0883 4384 AFD - ok 11:56:11.0007 4384 AgereSoftModem (ce91b158fa490cf4c4d487a4130f4660) C:\Windows\system32\DRIVERS\AGRSM.sys 11:56:11.0117 4384 AgereSoftModem - ok 11:56:11.0163 4384 
agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 11:56:11.0195 4384 agp440 - ok 11:56:11.0210 4384 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 11:56:11.0241 4384 aic78xx - ok 11:56:11.0273 4384 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe 11:56:11.0444 4384 ALG - ok 11:56:11.0444 4384 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 11:56:11.0475 4384 aliide - ok 11:56:11.0507 4384 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 11:56:11.0522 4384 amdagp - ok 11:56:11.0538 4384 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 11:56:11.0553 4384 amdide - ok 11:56:11.0569 4384 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 11:56:11.0631 4384 AmdK7 - ok 11:56:11.0647 4384 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 11:56:11.0725 4384 AmdK8 - ok 11:56:11.0834 4384 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe 11:56:11.0850 4384 AntiVirSchedulerService - ok 11:56:11.0881 4384 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe 11:56:11.0897 4384 AntiVirService - ok 11:56:11.0943 4384 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll 11:56:12.0006 4384 Appinfo - ok 11:56:12.0099 4384 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 11:56:12.0115 4384 Apple Mobile Device - ok 11:56:12.0146 4384 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 11:56:12.0177 4384 arc - ok 11:56:12.0209 4384 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 11:56:12.0224 4384 arcsas - ok 11:56:12.0240 4384 AsyncMac (53b202abee6455406254444303e87be1) 
C:\Windows\system32\DRIVERS\asyncmac.sys 11:56:12.0333 4384 AsyncMac - ok 11:56:12.0349 4384 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys 11:56:12.0380 4384 atapi - ok 11:56:12.0505 4384 athr (600efe56f37adbd65a0fb076b50d1b8d) C:\Windows\system32\DRIVERS\athr.sys 11:56:12.0614 4384 athr - ok 11:56:12.0677 4384 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys 11:56:12.0708 4384 atksgt - ok 11:56:12.0786 4384 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll 11:56:12.0833 4384 AudioEndpointBuilder - ok 11:56:12.0848 4384 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll 11:56:12.0879 4384 Audiosrv - ok 11:56:12.0926 4384 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys 11:56:12.0942 4384 avgntflt - ok 11:56:12.0989 4384 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys 11:56:13.0004 4384 avipbb - ok 11:56:13.0035 4384 avkmgr (53e56450da16a1a7f0d002f511113f67) C:\Windows\system32\DRIVERS\avkmgr.sys 11:56:13.0051 4384 avkmgr - ok 11:56:13.0098 4384 bcm4sbxp (08015d34f6fdd0b355805bad978497c3) C:\Windows\system32\DRIVERS\bcm4sbxp.sys 11:56:13.0316 4384 bcm4sbxp - ok 11:56:13.0410 4384 BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe 11:56:13.0441 4384 BcmSqlStartupSvc - ok 11:56:13.0457 4384 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 11:56:13.0519 4384 Beep - ok 11:56:13.0597 4384 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll 11:56:13.0675 4384 BFE - ok 11:56:13.0784 4384 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll 11:56:13.0925 4384 BITS - ok 11:56:13.0956 4384 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 11:56:14.0049 4384 blbdrive - ok 11:56:14.0143 4384 Bonjour 
Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe 11:56:14.0205 4384 Bonjour Service - ok 11:56:14.0237 4384 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 11:56:14.0315 4384 bowser - ok 11:56:14.0361 4384 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 11:56:14.0424 4384 BrFiltLo - ok 11:56:14.0455 4384 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 11:56:14.0517 4384 BrFiltUp - ok 11:56:14.0549 4384 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll 11:56:14.0658 4384 Browser - ok 11:56:14.0689 4384 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 11:56:14.0814 4384 Brserid - ok 11:56:14.0861 4384 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 11:56:14.0954 4384 BrSerWdm - ok 11:56:14.0970 4384 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 11:56:15.0063 4384 BrUsbMdm - ok 11:56:15.0063 4384 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 11:56:15.0157 4384 BrUsbSer - ok 11:56:15.0188 4384 BthEnum (da7b195275bda7f8fcf79b40e0f45dde) C:\Windows\system32\DRIVERS\BthEnum.sys 11:56:15.0251 4384 BthEnum - ok 11:56:15.0282 4384 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 11:56:15.0375 4384 BTHMODEM - ok 11:56:15.0407 4384 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys 11:56:15.0469 4384 BthPan - ok 11:56:15.0516 4384 BTHPORT (73d53f8e90550ba81e2cf44a0873b410) C:\Windows\system32\Drivers\BTHport.sys 11:56:15.0547 4384 BTHPORT - ok 11:56:15.0578 4384 BthServ (a4c8377fa4a994e07075107dbe2e3dce) C:\Windows\System32\bthserv.dll 11:56:15.0656 4384 BthServ - ok 11:56:15.0687 4384 BTHUSB (32045a4bb143bbc5bab1298c4e9e309a) C:\Windows\system32\Drivers\BTHUSB.sys 11:56:15.0765 4384 BTHUSB - ok 
11:56:15.0843 4384 btwaudio (3ea1a20dc0ca1ad23e7aa8c37a91bcd1) C:\Windows\system32\drivers\btwaudio.sys 11:56:15.0859 4384 btwaudio - ok 11:56:15.0890 4384 btwavdt (195872e48a7fb01f8bc9b800f70f4054) C:\Windows\system32\drivers\btwavdt.sys 11:56:15.0921 4384 btwavdt - ok 11:56:15.0953 4384 btwrchid (0724e7d6c9b6a289eddda33fa8176e80) C:\Windows\system32\DRIVERS\btwrchid.sys 11:56:15.0984 4384 btwrchid - ok 11:56:16.0031 4384 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 11:56:16.0109 4384 cdfs - ok 11:56:16.0155 4384 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 11:56:16.0233 4384 cdrom - ok 11:56:16.0280 4384 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll 11:56:16.0343 4384 CertPropSvc - ok 11:56:16.0374 4384 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys 11:56:16.0452 4384 circlass - ok 11:56:16.0499 4384 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 11:56:16.0545 4384 CLFS - ok 11:56:16.0623 4384 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 11:56:16.0655 4384 clr_optimization_v2.0.50727_32 - ok 11:56:16.0748 4384 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 11:56:16.0795 4384 clr_optimization_v4.0.30319_32 - ok 11:56:16.0826 4384 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 11:56:16.0904 4384 CmBatt - ok 11:56:16.0935 4384 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 11:56:16.0967 4384 cmdide - ok 11:56:16.0998 4384 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 11:56:16.0998 4384 Compbatt - ok 11:56:17.0013 4384 COMSysApp - ok 11:56:17.0076 4384 cpuz132 - ok 11:56:17.0076 4384 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) 
C:\Windows\system32\drivers\crcdisk.sys 11:56:17.0107 4384 crcdisk - ok 11:56:17.0107 4384 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 11:56:17.0138 4384 Crusoe - ok 11:56:17.0185 4384 CryptSvc (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll 11:56:17.0247 4384 CryptSvc - ok 11:56:17.0325 4384 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll 11:56:17.0450 4384 DcomLaunch - ok 11:56:17.0497 4384 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 11:56:17.0559 4384 DfsC - ok 11:56:17.0731 4384 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe 11:56:17.0856 4384 DFSR - ok 11:56:17.0996 4384 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll 11:56:18.0027 4384 Dhcp - ok 11:56:18.0090 4384 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 11:56:18.0121 4384 disk - ok 11:56:18.0152 4384 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll 11:56:18.0215 4384 Dnscache - ok 11:56:18.0246 4384 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll 11:56:18.0293 4384 dot3svc - ok 11:56:18.0339 4384 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll 11:56:18.0386 4384 DPS - ok 11:56:18.0417 4384 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 11:56:18.0464 4384 drmkaud - ok 11:56:18.0527 4384 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 11:56:18.0573 4384 DXGKrnl - ok 11:56:18.0589 4384 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 11:56:18.0651 4384 E1G60 - ok 11:56:18.0683 4384 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll 11:56:18.0729 4384 EapHost - ok 11:56:18.0776 4384 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 11:56:18.0807 4384 Ecache - ok 11:56:18.0885 4384 
ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe 11:56:18.0948 4384 ehRecvr - ok 11:56:18.0979 4384 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe 11:56:19.0057 4384 ehSched - ok 11:56:19.0057 4384 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll 11:56:19.0119 4384 ehstart - ok 11:56:19.0197 4384 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 11:56:19.0244 4384 elxstor - ok 11:56:19.0322 4384 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll 11:56:19.0416 4384 EMDMgmt - ok 11:56:19.0447 4384 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 11:56:19.0494 4384 ErrDev - ok 11:56:19.0541 4384 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll 11:56:19.0603 4384 EventSystem - ok 11:56:19.0759 4384 EvtEng (2d41d7250f73272946de04ff7a19761e) C:\Program Files\Intel\WiFi\bin\EvtEng.exe 11:56:19.0853 4384 EvtEng ( UnsignedFile.Multi.Generic ) - warning 11:56:19.0853 4384 EvtEng - detected UnsignedFile.Multi.Generic (1) 11:56:19.0915 4384 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 11:56:20.0009 4384 exfat - ok 11:56:20.0118 4384 Fabs - ok 11:56:20.0165 4384 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 11:56:20.0211 4384 fastfat - ok 11:56:20.0243 4384 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 11:56:20.0305 4384 fdc - ok 11:56:20.0352 4384 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll 11:56:20.0399 4384 fdPHost - ok 11:56:20.0399 4384 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll 11:56:20.0508 4384 FDResPub - ok 11:56:20.0523 4384 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 11:56:20.0555 4384 FileInfo - ok 11:56:20.0555 4384 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) 
C:\Windows\system32\drivers\filetrace.sys 11:56:20.0617 4384 Filetrace - ok 11:56:20.0867 4384 FirebirdServerMAGIXInstance (fff1130f7c9fa01d093a1edfc5cce8fc) C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe 11:56:21.0194 4384 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning 11:56:21.0194 4384 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1) 11:56:21.0335 4384 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 11:56:21.0397 4384 flpydisk - ok 11:56:21.0459 4384 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 11:56:21.0522 4384 FltMgr - ok 11:56:21.0631 4384 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll 11:56:21.0756 4384 FontCache - ok 11:56:21.0818 4384 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 11:56:21.0849 4384 FontCache3.0.0.0 - ok 11:56:21.0865 4384 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys 11:56:21.0943 4384 Fs_Rec - ok 11:56:21.0974 4384 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 11:56:22.0021 4384 gagp30kx - ok 11:56:22.0052 4384 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 11:56:22.0083 4384 GEARAspiWDM - ok 11:56:22.0161 4384 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll 11:56:22.0255 4384 gpsvc - ok 11:56:22.0395 4384 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe 11:56:22.0427 4384 gupdate - ok 11:56:22.0442 4384 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe 11:56:22.0473 4384 gupdatem - ok 11:56:22.0520 4384 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 11:56:22.0598 4384 HdAudAddService - ok 11:56:22.0661 4384 HDAudBus 
(062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 11:56:22.0739 4384 HDAudBus - ok 11:56:22.0754 4384 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 11:56:22.0801 4384 HidBth - ok 11:56:22.0817 4384 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 11:56:22.0895 4384 HidIr - ok 11:56:22.0926 4384 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll 11:56:22.0957 4384 hidserv - ok 11:56:22.0973 4384 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 11:56:23.0019 4384 HidUsb - ok 11:56:23.0051 4384 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll 11:56:23.0082 4384 hkmsvc - ok 11:56:23.0097 4384 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 11:56:23.0129 4384 HpCISSs - ok 11:56:23.0175 4384 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 11:56:23.0269 4384 HTTP - ok 11:56:23.0300 4384 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 11:56:23.0316 4384 i2omp - ok 11:56:23.0347 4384 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 11:56:23.0394 4384 i8042prt - ok 11:56:23.0503 4384 ialm (496db78e6a0c4c44023d9a92b4a7ac31) C:\Windows\system32\DRIVERS\igdkmd32.sys 11:56:23.0706 4384 ialm - ok 11:56:23.0862 4384 iaStor (abfebc5f846c71afebd7f8f6ba740c03) C:\Windows\system32\DRIVERS\iaStor.sys 11:56:23.0877 4384 iaStor - ok 11:56:23.0924 4384 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 11:56:23.0955 4384 iaStorV - ok 11:56:24.0080 4384 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 11:56:24.0111 4384 IDriverT ( UnsignedFile.Multi.Generic ) - warning 11:56:24.0111 4384 IDriverT - detected UnsignedFile.Multi.Generic (1) 11:56:24.0236 4384 idsvc 
(98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 11:56:24.0314 4384 idsvc - ok 11:56:24.0361 4384 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 11:56:24.0392 4384 iirsp - ok 11:56:24.0455 4384 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll 11:56:24.0533 4384 IKEEXT - ok 11:56:24.0751 4384 IntcAzAudAddService (ffd2b3bc042596abe785d3c15f51ab46) C:\Windows\system32\drivers\RTKVHDA.sys 11:56:24.0938 4384 IntcAzAudAddService - ok 11:56:25.0079 4384 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 11:56:25.0125 4384 intelide - ok 11:56:25.0157 4384 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 11:56:25.0235 4384 intelppm - ok 11:56:25.0281 4384 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll 11:56:25.0359 4384 IPBusEnum - ok 11:56:25.0375 4384 Scan interrupted by user! 11:56:25.0375 4384 Scan interrupted by user! 11:56:25.0375 4384 Scan interrupted by user! 
11:56:25.0375 4384 ============================================================ 11:56:25.0375 4384 Scan finished 11:56:25.0375 4384 ============================================================ 11:56:25.0406 4968 Detected object count: 3 11:56:25.0406 4968 Actual detected object count: 3 11:56:31.0832 4968 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user 11:56:31.0832 4968 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:56:31.0832 4968 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user 11:56:31.0832 4968 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:56:31.0832 4968 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 11:56:31.0832 4968 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:57:11.0487 2952 ============================================================ 11:57:11.0487 2952 Scan started 11:57:11.0487 2952 Mode: Manual; SigCheck; TDLFS; 11:57:11.0487 2952 ============================================================ 11:57:11.0893 2952 ABBYY.Licensing.FineReader.Sprint.9.0 (b33cf4de909a5b30f526d82053a63c8e) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe 11:57:11.0971 2952 ABBYY.Licensing.FineReader.Sprint.9.0 - ok 11:57:12.0049 2952 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 11:57:12.0096 2952 ACPI - ok 11:57:12.0205 2952 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 11:57:12.0236 2952 AdobeFlashPlayerUpdateSvc - ok 11:57:12.0299 2952 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 11:57:12.0345 2952 adp94xx - ok 11:57:12.0377 2952 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 11:57:12.0423 2952 adpahci - ok 11:57:12.0455 2952 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 
11:57:12.0486 2952 adpu160m - ok 11:57:12.0517 2952 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 11:57:12.0548 2952 adpu320 - ok 11:57:12.0579 2952 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll 11:57:12.0595 2952 AeLookupSvc - ok 11:57:12.0657 2952 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 11:57:12.0673 2952 AFD - ok 11:57:12.0782 2952 AgereSoftModem (ce91b158fa490cf4c4d487a4130f4660) C:\Windows\system32\DRIVERS\AGRSM.sys 11:57:12.0845 2952 AgereSoftModem - ok 11:57:12.0860 2952 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 11:57:12.0876 2952 agp440 - ok 11:57:12.0876 2952 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 11:57:12.0891 2952 aic78xx - ok 11:57:12.0907 2952 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe 11:57:12.0938 2952 ALG - ok 11:57:12.0954 2952 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 11:57:12.0969 2952 aliide - ok 11:57:12.0969 2952 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 11:57:12.0985 2952 amdagp - ok 11:57:13.0001 2952 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 11:57:13.0016 2952 amdide - ok 11:57:13.0032 2952 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 11:57:13.0047 2952 AmdK7 - ok 11:57:13.0063 2952 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 11:57:13.0094 2952 AmdK8 - ok 11:57:13.0188 2952 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe 11:57:13.0203 2952 AntiVirSchedulerService - ok 11:57:13.0219 2952 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe 11:57:13.0235 2952 AntiVirService - ok 11:57:13.0266 2952 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) 
C:\Windows\System32\appinfo.dll 11:57:13.0281 2952 Appinfo - ok 11:57:13.0359 2952 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 11:57:13.0359 2952 Apple Mobile Device - ok 11:57:13.0406 2952 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 11:57:13.0422 2952 arc - ok 11:57:13.0437 2952 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 11:57:13.0453 2952 arcsas - ok 11:57:13.0469 2952 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 11:57:13.0500 2952 AsyncMac - ok 11:57:13.0515 2952 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys 11:57:13.0531 2952 atapi - ok 11:57:13.0609 2952 athr (600efe56f37adbd65a0fb076b50d1b8d) C:\Windows\system32\DRIVERS\athr.sys 11:57:13.0671 2952 athr - ok 11:57:13.0718 2952 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys 11:57:13.0734 2952 atksgt - ok 11:57:13.0781 2952 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll 11:57:13.0812 2952 AudioEndpointBuilder - ok 11:57:13.0827 2952 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll 11:57:13.0859 2952 Audiosrv - ok 11:57:13.0905 2952 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys 11:57:13.0921 2952 avgntflt - ok 11:57:13.0952 2952 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys 11:57:13.0983 2952 avipbb - ok 11:57:13.0999 2952 avkmgr (53e56450da16a1a7f0d002f511113f67) C:\Windows\system32\DRIVERS\avkmgr.sys 11:57:14.0015 2952 avkmgr - ok 11:57:14.0046 2952 bcm4sbxp (08015d34f6fdd0b355805bad978497c3) C:\Windows\system32\DRIVERS\bcm4sbxp.sys 11:57:14.0108 2952 bcm4sbxp - ok 11:57:14.0186 2952 BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files\Microsoft Small Business\Business Contact 
11:57:40.0893 2952 tdx - ok 11:57:40.0925 2952 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 11:57:40.0940 2952 TermDD - ok 11:57:41.0003 2952 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll 11:57:41.0034 2952 TermService - ok 11:57:41.0081 2952 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll 11:57:41.0096 2952 Themes - ok 11:57:41.0127 2952 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll 11:57:41.0159 2952 THREADORDER - ok 11:57:41.0205 2952 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll 11:57:41.0252 2952 TrkWks - ok 11:57:41.0299 2952 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe 11:57:41.0315 2952 TrustedInstaller - ok 11:57:41.0361 2952 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 11:57:41.0393 2952 tssecsrv - ok 11:57:41.0424 2952 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 11:57:41.0439 2952 tunmp - ok 11:57:41.0486 2952 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 11:57:41.0517 2952 tunnel - ok 11:57:41.0533 2952 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 11:57:41.0549 2952 uagp35 - ok 11:57:41.0611 2952 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 11:57:41.0642 2952 udfs - ok 11:57:41.0689 2952 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe 11:57:41.0736 2952 UI0Detect - ok 11:57:41.0783 2952 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 11:57:41.0798 2952 uliagpkx - ok 11:57:41.0829 2952 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 11:57:41.0845 2952 uliahci - ok 11:57:41.0876 2952 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 11:57:41.0892 2952 
UlSata - ok 11:57:41.0923 2952 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 11:57:41.0939 2952 ulsata2 - ok 11:57:42.0048 2952 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 11:57:42.0095 2952 umbus - ok 11:57:42.0251 2952 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll 11:57:42.0313 2952 upnphost - ok 11:57:42.0360 2952 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 11:57:42.0407 2952 usbccgp - ok 11:57:42.0422 2952 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 11:57:42.0485 2952 usbcir - ok 11:57:42.0609 2952 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 11:57:42.0672 2952 usbehci - ok 11:57:42.0703 2952 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 11:57:42.0750 2952 usbhub - ok 11:57:42.0765 2952 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 11:57:42.0828 2952 usbohci - ok 11:57:42.0859 2952 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 11:57:42.0875 2952 usbprint - ok 11:57:42.0906 2952 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 11:57:42.0937 2952 usbscan - ok 11:57:42.0953 2952 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 11:57:42.0984 2952 USBSTOR - ok 11:57:43.0031 2952 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 11:57:43.0046 2952 usbuhci - ok 11:57:43.0077 2952 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 11:57:43.0109 2952 usbvideo - ok 11:57:43.0187 2952 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll 11:57:43.0249 2952 UxSms - ok 11:57:43.0327 2952 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe 11:57:43.0405 2952 vds - ok 11:57:43.0452 2952 vga 
(87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 11:57:43.0499 2952 vga - ok 11:57:43.0514 2952 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 11:57:43.0577 2952 VgaSave - ok 11:57:43.0608 2952 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 11:57:43.0623 2952 viaagp - ok 11:57:43.0655 2952 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 11:57:43.0686 2952 ViaC7 - ok 11:57:43.0701 2952 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 11:57:43.0717 2952 viaide - ok 11:57:43.0826 2952 VMC302 (c30a79cfee47f1a9633f403c5ace872f) C:\Windows\system32\Drivers\VMC302.sys 11:57:43.0857 2952 VMC302 - ok 11:57:43.0873 2952 VMC326 - ok 11:57:43.0904 2952 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 11:57:43.0920 2952 volmgr - ok 11:57:43.0982 2952 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 11:57:44.0013 2952 volmgrx - ok 11:57:44.0060 2952 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 11:57:44.0091 2952 volsnap - ok 11:57:44.0107 2952 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 11:57:44.0138 2952 vsmraid - ok 11:57:44.0263 2952 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe 11:57:44.0372 2952 VSS - ok 11:57:44.0435 2952 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll 11:57:44.0591 2952 W32Time - ok 11:57:44.0731 2952 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 11:57:44.0793 2952 WacomPen - ok 11:57:44.0825 2952 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 11:57:44.0840 2952 Wanarp - ok 11:57:44.0840 2952 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 11:57:44.0871 2952 Wanarpv6 - ok 11:57:44.0918 2952 wcncsvc 
(a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll 11:57:44.0965 2952 wcncsvc - ok 11:57:44.0996 2952 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll 11:57:45.0012 2952 WcsPlugInService - ok 11:57:45.0043 2952 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 11:57:45.0059 2952 Wd - ok 11:57:45.0105 2952 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 11:57:45.0152 2952 Wdf01000 - ok 11:57:45.0230 2952 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll 11:57:45.0293 2952 WdiServiceHost - ok 11:57:45.0293 2952 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll 11:57:45.0339 2952 WdiSystemHost - ok 11:57:45.0449 2952 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll 11:57:45.0480 2952 WebClient - ok 11:57:45.0527 2952 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll 11:57:45.0573 2952 Wecsvc - ok 11:57:45.0605 2952 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll 11:57:45.0651 2952 wercplsupport - ok 11:57:45.0698 2952 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll 11:57:45.0745 2952 WerSvc - ok 11:57:45.0901 2952 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll 11:57:45.0932 2952 WinDefend - ok 11:57:45.0948 2952 WinHttpAutoProxySvc - ok 11:57:46.0010 2952 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll 11:57:46.0057 2952 Winmgmt - ok 11:57:46.0244 2952 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll 11:57:46.0353 2952 WinRM - ok 11:57:46.0431 2952 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll 11:57:46.0572 2952 Wlansvc - ok 11:57:46.0868 2952 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 
11:57:46.0977 2952 wlidsvc - ok 11:57:47.0165 2952 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys 11:57:47.0180 2952 WmiAcpi - ok 11:57:47.0336 2952 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe 11:57:47.0383 2952 wmiApSrv - ok 11:57:47.0539 2952 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe 11:57:47.0648 2952 WMPNetworkSvc - ok 11:57:47.0679 2952 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll 11:57:47.0757 2952 WPCSvc - ok 11:57:47.0789 2952 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll 11:57:47.0867 2952 WPDBusEnum - ok 11:57:48.0023 2952 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 11:57:48.0038 2952 WpdUsb - ok 11:57:48.0413 2952 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 11:57:48.0475 2952 WPFFontCache_v0400 - ok 11:57:48.0522 2952 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 11:57:48.0615 2952 ws2ifsl - ok 11:57:48.0662 2952 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll 11:57:48.0756 2952 wscsvc - ok 11:57:48.0756 2952 WSearch - ok 11:57:49.0021 2952 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll 11:57:49.0177 2952 wuauserv - ok 11:57:49.0863 2952 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 11:57:49.0973 2952 WUDFRd - ok 11:57:50.0066 2952 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll 11:57:50.0160 2952 wudfsvc - ok 11:57:50.0238 2952 yukonwlh (04e268adfc81964c49dc0c082d520f7e) C:\Windows\system32\DRIVERS\yk60x86.sys 11:57:50.0394 2952 yukonwlh - ok 11:57:50.0456 2952 MBR (0x1B8) (61a349592c4728853f4a90ff78f7628e) \Device\Harddisk0\DR0 11:57:51.0283 2952 \Device\Harddisk0\DR0 - ok 11:57:51.0283 2952 
MBR (0x1B8) (180dbde3af7ea48b3db3ac27b1ddf401) \Device\Harddisk1\DR1 11:57:52.0157 2952 \Device\Harddisk1\DR1 - ok 11:57:52.0188 2952 Boot (0x1200) (5d77ec23d5b9726d32bbdd410c52a16f) \Device\Harddisk0\DR0\Partition0 11:57:52.0188 2952 \Device\Harddisk0\DR0\Partition0 - ok 11:57:52.0500 2952 Boot (0x1200) (8bdb7b4ea0226889323b8d2a05025a78) \Device\Harddisk0\DR0\Partition1 11:57:52.0500 2952 \Device\Harddisk0\DR0\Partition1 - ok 11:57:52.0515 2952 Boot (0x1200) (0248d30cf0c1999d54dee2a8792ad245) \Device\Harddisk1\DR1\Partition0 11:57:52.0515 2952 \Device\Harddisk1\DR1\Partition0 - ok 11:57:52.0515 2952 ============================================================ 11:57:52.0515 2952 Scan finished 11:57:52.0515 2952 ============================================================ 11:57:52.0531 5336 Detected object count: 6 11:57:52.0531 5336 Actual detected object count: 6 11:58:32.0170 5336 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user 11:58:32.0170 5336 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:58:32.0170 5336 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user 11:58:32.0170 5336 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:58:32.0170 5336 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 11:58:32.0170 5336 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:58:32.0185 5336 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 11:58:32.0185 5336 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:58:32.0185 5336 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user 11:58:32.0185 5336 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:58:32.0185 5336 SZDrvSvc ( UnsignedFile.Multi.Generic ) - skipped by user 11:58:32.0185 5336 SZDrvSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip |
05.08.2012, 15:45 | #18 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Search.searchcompletion.com takes over Google search engine
Then please run CF now:
__________________ ComboFix - A guide and tutorial on using ComboFix
Combofix may only be run when one of the board's expert helpers has expressly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ |
11.08.2012, 05:33 | #19 |
| Search.searchcompletion.com takes over Google search engine
Here is the log file: Combofix Logfile: Code:
ATTFilter ComboFix 12-08-09.01 - Clemens 11.08.2012 0:07.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3066.1543 [GMT 2:00] ausgeführt von:: c:\users\Clemens\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Roaming c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini c:\windows\unin0407.exe D:\Documents.lnk . . ((((((((((((((((((((((( Dateien erstellt von 2012-07-10 bis 2012-08-10 )))))))))))))))))))))))))))))) . . 2012-08-03 20:41 . 2012-08-03 20:41 -------- d-----w- C:\_OTL 2012-08-03 20:14 . 2012-08-03 20:14 -------- d-----w- c:\users\Clemens\AppData\Roaming\Canneverbe Limited 2012-08-03 20:14 . 2012-08-03 20:14 -------- d-----w- c:\programdata\Canneverbe Limited 2012-08-03 20:14 . 2012-08-03 20:14 -------- d-----w- c:\program files\CDBurnerXP 2012-07-24 17:42 . 2012-07-24 17:42 -------- d-----w- c:\program files\Microsoft 2012-07-24 17:05 . 2012-07-24 17:05 -------- d-----w- c:\users\Clemens\AppData\Roaming\Malwarebytes 2012-07-24 17:05 . 2012-07-24 17:05 -------- d-----w- c:\programdata\Malwarebytes 2012-07-24 17:05 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-07-24 17:05 . 2012-07-26 10:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-07-13 21:03 . 2010-10-24 04:06 598528 ----a-w- c:\windows\system32\ztv7z.dll 2012-07-13 21:03 . 2010-10-24 04:06 178176 ----a-w- c:\windows\system32\ztvunrar39.dll 2012-07-13 21:03 . 2006-05-25 12:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll 2012-07-13 21:03 . 2005-08-25 22:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll 2012-07-13 21:03 . 2006-06-19 10:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll 2012-07-13 21:03 . 2003-02-02 17:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll 2012-07-13 21:03 . 
2002-03-05 22:00 75264 ----a-w- c:\windows\system32\unacev2.dll 2012-07-13 21:03 . 2012-07-13 21:04 -------- d-----w- c:\program files\Trojan Remover 2012-07-13 21:03 . 2012-07-13 21:03 -------- d-----w- c:\users\Clemens\AppData\Roaming\Simply Super Software 2012-07-13 21:03 . 2012-07-13 21:03 -------- d-----w- c:\programdata\Simply Super Software 2012-07-13 20:26 . 2012-07-13 20:26 -------- d-----w- c:\program files\ESET 2012-07-12 05:03 . 2012-06-13 13:40 2047488 ----a-w- c:\windows\system32\win32k.sys . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-03 09:44 . 2012-04-17 20:51 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-03 09:44 . 2011-07-12 14:59 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-18 16:04 . 2012-02-09 12:49 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2012-06-22 14:32 . 2012-07-10 17:59 405144 ----a-w- c:\windows\system32\Newtonsoft.Json.Net20.dll 2012-06-05 16:47 . 2012-07-11 14:18 1401856 ----a-w- c:\windows\system32\msxml6.dll 2012-06-05 16:47 . 2012-07-11 14:18 1248768 ----a-w- c:\windows\system32\msxml3.dll 2012-06-04 15:26 . 2012-07-11 14:18 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 22:19 . 2012-06-19 16:15 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-19 16:15 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-19 16:14 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-19 16:14 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:19 . 2012-06-19 16:15 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:12 . 2012-06-19 16:15 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:12 . 2012-06-19 16:14 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-19 16:14 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:12 . 
2012-06-19 16:14 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 00:04 . 2012-07-11 14:18 278528 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 00:03 . 2012-07-11 14:18 204288 ----a-w- c:\windows\system32\ncrypt.dll 2012-05-31 10:25 . 2011-07-26 04:56 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-05-13 18:34 . 2012-02-09 12:49 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2012-05-13 18:34 . 2012-02-09 12:49 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys 2012-06-14 22:19 . 2012-07-13 20:11 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-03 17417392] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-26 13548064] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-26 92704] "RtHDVCpl"="RtHDVCpl.exe" [2008-04-17 6111232] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-10-26 1029416] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888] "TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2012-07-13 1240848] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] . c:\users\Clemens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-2-12 723496] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . 
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-03-17 08:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhalt des "geplante Tasks" Ordners . 2012-08-05 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 09:44] . 2012-08-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-01 19:58] . 2012-08-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-01 19:58] . 2009-12-28 c:\windows\Tasks\Install_NSS.job - c:\program files\DivX\Symantec\scstubinstaller.exe [2009-11-14 00:49] . 2012-08-10 c:\windows\Tasks\SupBackGroundTask.job - c:\program files\Samsung\Samsung Update Plus\SUPBackGround.exe [2008-10-27 12:26] . . ------- Zusätzlicher Suchlauf ------- . 
uStart Page = hxxp://www.google.de/ mStart Page = hxxp://www.google.com uInternet Settings,ProxyOverride = *.local IE: Free YouTube Download - c:\users\Clemens\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to MP3 Converter - c:\users\Clemens\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\Clemens\AppData\Roaming\Mozilla\Firefox\Profiles\djaak315.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxp://www.google.com/search?q= . - - - - Entfernte verwaiste Registrierungseinträge - - - - . AddRemove-FUSSBALL MANAGER 2002 - c:\windows\unin0407.exe AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe AddRemove-FIFA 12 REAL PERFORMANCE OPTIMIZER V. 1.0 BY DOCTOR+ PRODUCTIONS - c:\program files\EA Sports\FIFA 12\Uninstal_RPO.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2012-08-11 00:34 Windows 6.0.6002 Service Pack 2 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Zeit der Fertigstellung: 2012-08-11 00:37:13 ComboFix-quarantined-files.txt 2012-08-10 22:37 . Vor Suchlauf: 7 Verzeichnis(se), 83.179.651.072 Bytes frei Nach Suchlauf: 11 Verzeichnis(se), 82.244.694.016 Bytes frei . - - End Of File - - 0E6EB922D3BA0D4142FAE9EE10AB7E49
Regards, Clemens |
11.08.2012, 17:58 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Search.searchcompletion.com takes over Google search engine
Code:
ATTFilter FIFA 12 REAL PERFORMANCE OPTIMIZER V. 1.0 BY DOCTOR+ PRODUCTIONS
__________________ Please always post log files in CODE tags |
17.08.2012, 08:14 | #21 |
| Search.searchcompletion.com takes over Google search engine
Sorry, I was on vacation. No idea. I downloaded it at some point because the game wasn't running smoothly. It should have been virus-free, though... |
17.08.2012, 20:04 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Search.searchcompletion.com takes over Google search engine
Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM - please skip OSAM's online lookup. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.
Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off your virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!
Please download aswMBR.exe and save the file to your desktop.
Important: Never press any of the Fix buttons without being instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window), and click the Scan button again.
__________________ Please always post log files in CODE tags |
20.08.2012, 21:18 | #23 |
| Search.searchcompletion.com takes over Google search engine
OSAM Logfile: Code:
gmer log: Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit quick scan 2012-08-20 22:17:33
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0
Running: mymnwch0.exe; Driver: C:\Users\Clemens\AppData\Local\Temp\uxtiafoc.sys

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-20 22:21:29
-----------------------------
22:21:29.836 OS Version: Windows 6.0.6002 Service Pack 2
22:21:29.836 Number of processors: 2 586 0xF0D
22:21:29.852 ComputerName: CLEMENS-PC UserName: Clemens
22:22:17.328 Initialize success
22:24:40.639 AVAST engine defs: 12082000
22:25:15.905 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:25:15.905 Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
22:25:15.983 Disk 0 MBR read successfully
22:25:15.983 Disk 0 MBR scan
22:25:15.983 Disk 0 unknown MBR code
22:25:15.998 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10240 MB offset 2048
22:25:16.030 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 147548 MB offset 20973568
22:25:16.061 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 147455 MB offset 323151872
22:25:16.076 Disk 0 scanning sectors +625139712
22:25:16.154 Disk 0 scanning C:\Windows\system32\drivers
22:25:27.602 Service scanning
22:25:54.694 Modules scanning
22:25:59.482 Disk 0 trace - called modules:
22:25:59.513 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
22:25:59.513 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86ca7ac8]
22:25:59.513 3 CLASSPNP.SYS[8b6a58b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85c43028]
22:26:00.886 AVAST engine scan C:\Windows
22:26:05.347 AVAST engine scan C:\Windows\system32
22:29:42.283 AVAST engine scan C:\Windows\system32\drivers
22:29:56.398 AVAST engine scan C:\Users\Clemens
22:33:40.056 AVAST engine scan C:\ProgramData
22:35:55.156 Scan finished successfully
22:37:30.344 Disk 0 MBR has been saved successfully to "C:\Users\Clemens\Desktop\MBR.dat"
22:37:30.344 The log file has been saved successfully to "C:\Users\Clemens\Desktop\aswMBR.txt" |
21.08.2012, 12:41 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Search.searchcompletion.com takes over Google search engine We should fix the MBR. Just in case, back up ALL important data first, even though things usually go smoothly. Note: Please do NOT do the MBR fix if you have other operating systems such as Ubuntu installed; an MBR fix with Windows tools makes a Linux installed in parallel (dual boot) unbootable. Also do not do the fix if you have full encryption of the Windows partition or of the entire hard disk, e.g. with TrueCrypt or other encryption programs. After backing up your data, start aswMBR again and click the FIXMBR button. Note: Please turn off the virus scanner before you run aswMBR, because Avira in particular often reports a false alarm in it! Then restart Windows and create a new log with aswMBR.
__________________ Please always post log files in CODE tags |
28.08.2012, 10:34 | #25 |
| Search.searchcompletion.com takes over Google search engine I ran the fix and then did another scan afterwards. Here is the log file: Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-28 10:30:17
-----------------------------
10:30:17.216 OS Version: Windows 6.0.6002 Service Pack 2
10:30:17.216 Number of processors: 2 586 0xF0D
10:30:17.216 ComputerName: CLEMENS-PC UserName: Clemens
10:30:18.355 Initialize success
10:30:28.698 AVAST engine defs: 12082700
10:30:54.001 The log file has been saved successfully to "C:\Users\Clemens\Desktop\aswMBR2.txt"

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-28 10:30:17
-----------------------------
10:30:17.216 OS Version: Windows 6.0.6002 Service Pack 2
10:30:17.216 Number of processors: 2 586 0xF0D
10:30:17.216 ComputerName: CLEMENS-PC UserName: Clemens
10:30:18.355 Initialize success
10:30:28.698 AVAST engine defs: 12082700
10:30:54.001 The log file has been saved successfully to "C:\Users\Clemens\Desktop\aswMBR2.txt"
10:31:24.099 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:31:24.099 Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
10:31:24.114 Disk 0 MBR read successfully
10:31:24.114 Disk 0 MBR scan
10:31:24.114 Disk 0 Windows VISTA default MBR code
10:31:24.130 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10240 MB offset 2048
10:31:24.146 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 147548 MB offset 20973568
10:31:24.161 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 147455 MB offset 323151872
10:31:24.177 Disk 0 scanning sectors +625139712
10:31:24.302 Disk 0 scanning C:\Windows\system32\drivers
10:32:17.572 Service scanning
10:34:19.579 Modules scanning
10:34:52.573 Disk 0 trace - called modules:
10:34:52.698 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
10:34:52.698 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86c275f8]
10:34:52.698 3 CLASSPNP.SYS[8b6a88b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85c07028]
10:35:02.588 AVAST engine scan C:\Windows
10:35:17.096 AVAST engine scan C:\Windows\system32
10:43:39.849 AVAST engine scan C:\Windows\system32\drivers
10:44:16.119 AVAST engine scan C:\Users\Clemens
11:03:05.403 AVAST engine scan C:\ProgramData
11:06:19.124 Scan finished successfully
11:29:30.644 Disk 0 MBR has been saved successfully to "C:\Users\Clemens\Desktop\MBR.dat"
11:29:30.660 The log file has been saved successfully to "C:\Users\Clemens\Desktop\aswMBR2.txt"
Regards, Clemens |
30.08.2012, 19:05 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Search.searchcompletion.com takes over Google search engine Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
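Added example, not part of the thread: a Python check that compares the two aswMBR logs posted above (before and after FIXMBR) and confirms that the MBR verdict changed while the partition table stayed identical. The function names are hypothetical, the embedded logs are shortened copies of the ones in the thread, and the only log-line shapes assumed are those visible there.

```python
"""Compare two aswMBR logs taken before and after an MBR fix (added example)."""
import re
from dataclasses import dataclass, field
from typing import Optional

# Every aswMBR entry starts with HH:MM:SS.mmm. Forum software often collapses
# the log onto one line, so entries are recovered by splitting on that stamp.
STAMP = re.compile(r"(?<!\S)(\d{2}:\d{2}:\d{2}\.\d{3})\s+")
MBR_VERDICT = re.compile(r"^Disk (\d+) (.+ MBR code)$")
PARTITION = re.compile(r"^Disk (\d+) Partition (\d+) (.+?) offset (\d+)$")


@dataclass
class DiskReport:
    mbr_code: Optional[str] = None                   # verdict text as printed
    partitions: dict = field(default_factory=dict)   # number -> (description, offset)


def split_entries(text):
    """Return (timestamp, message) pairs from a flattened or multi-line log."""
    parts = STAMP.split(text)        # [preamble, stamp, body, stamp, body, ...]
    return [(parts[i], " ".join(parts[i + 1].split()))
            for i in range(1, len(parts) - 1, 2)]


def parse_aswmbr(text):
    """Collect the MBR verdict and partition rows per disk number."""
    disks = {}
    for _stamp, body in split_entries(text):
        if m := MBR_VERDICT.match(body):
            disks.setdefault(int(m[1]), DiskReport()).mbr_code = m[2]
        elif m := PARTITION.match(body):
            disks.setdefault(int(m[1]), DiskReport()).partitions[int(m[2])] = (
                m[3], int(m[4]))
    return disks


def review_fix(before_text, after_text):
    """Return (disk, finding, detail) tuples describing what the fix changed."""
    before, after = parse_aswmbr(before_text), parse_aswmbr(after_text)
    findings = []
    for disk in sorted(before.keys() | after.keys()):
        b, a = before.get(disk), after.get(disk)
        if b is None or a is None:
            findings.append((disk, "incomplete", "disk missing from one log"))
            continue
        if a.partitions != b.partitions:
            findings.append((disk, "partition-table-changed",
                             f"{b.partitions} -> {a.partitions}"))
        if a.mbr_code is None:
            findings.append((disk, "no-verdict", "no MBR verdict in second log"))
        elif "unknown" in a.mbr_code.lower():
            findings.append((disk, "mbr-still-unknown", a.mbr_code))
        elif a.mbr_code != b.mbr_code:
            findings.append((disk, "mbr-rewritten",
                             f"{b.mbr_code} -> {a.mbr_code}"))
        else:
            findings.append((disk, "mbr-unchanged", a.mbr_code))
    return findings


# Shortened copy of the first log in the thread, flattened as the forum shows it.
BEFORE = (
    "aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software "
    "Run date: 2012-08-20 22:21:29 ----------------------------- "
    "22:25:15.983 Disk 0 MBR read successfully 22:25:15.983 Disk 0 MBR scan "
    "22:25:15.983 Disk 0 unknown MBR code "
    "22:25:15.998 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10240 MB offset 2048 "
    "22:25:16.030 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 147548 MB offset 20973568 "
    "22:25:16.061 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 147455 MB offset 323151872 "
    "22:35:55.156 Scan finished successfully"
)

# Shortened copy of the second log in the thread, one entry per line.
AFTER = """\
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-28 10:30:17
-----------------------------
10:31:24.114 Disk 0 MBR read successfully
10:31:24.114 Disk 0 MBR scan
10:31:24.114 Disk 0 Windows VISTA default MBR code
10:31:24.130 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10240 MB offset 2048
10:31:24.146 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 147548 MB offset 20973568
10:31:24.161 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 147455 MB offset 323151872
11:06:19.124 Scan finished successfully
"""

if __name__ == "__main__":
    for finding in review_fix(BEFORE, AFTER):
        print(finding)
```

A changed partition row between the two logs is reported separately from the MBR verdict, so an unexpected change in the partition table is not hidden behind a verdict that looks fine.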
31.08.2012, 17:56 | #27 |
| Search.searchcompletion.com takes over Google search engine Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.31.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Clemens :: CLEMENS-PC [Administrator]

Schutz: Aktiviert

31.08.2012 11:41:12
mbam-log-2012-08-31 (11-41-12).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 408884
Laufzeit: 2 Stunde(n), 58 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 08/31/2012 at 06:51 PM

Application Version : 5.5.1012

Core Rules Database Version : 9158
Trace Rules Database Version: 6970

Scan type : Complete Scan
Total Scan Time : 04:09:31

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned : 839
Memory threats detected : 0
Registry items scanned : 37005
Registry threats detected : 0
File items scanned : 186224
File threats detected : 127

Adware.Tracking Cookie
D:\USERS\CLEMENS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5DH2JU6C ] files.youporn.com [ D:\USERS\CLEMENS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5DH2JU6C ] ia.media-imdb.com [ D:\USERS\CLEMENS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5DH2JU6C ] media.mtvnservices.com [ D:\USERS\CLEMENS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5DH2JU6C ] media1.break.com [ D:\USERS\CLEMENS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5DH2JU6C ] mediadb.kicker.de [ D:\USERS\CLEMENS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5DH2JU6C ] objects.tremormedia.com [ D:\USERS\CLEMENS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5DH2JU6C ] secure-us.imrworldwide.com [ D:\USERS\CLEMENS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5DH2JU6C ] static.youporn.com [ D:\USERS\CLEMENS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5DH2JU6C ] www.ardmediathek.de [ D:\USERS\CLEMENS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5DH2JU6C ] www.naiadsystems.com [ D:\USERS\CLEMENS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5DH2JU6C ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\CLEMENS@CONTENT.YIELDMANAGER[3].TXT [ /CONTENT.YIELDMANAGER ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\CLEMENS@CONTENT.YIELDMANAGER[2].TXT [ /CONTENT.YIELDMANAGER ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\CLEMENS@DOUBLECLICK[1].TXT [ /DOUBLECLICK ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\CLEMENS@FASTCLICK[1].TXT [ /FASTCLICK ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\CLEMENS@AD.YIELDMANAGER[1].TXT [ /AD.YIELDMANAGER ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\CLEMENS@APMEBF[1].TXT [ /APMEBF ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CLEMENS@TRAFFICTRACK[1].TXT [ /TRAFFICTRACK ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CLEMENS@COLLECTIVE-MEDIA[2].TXT [ 
/COLLECTIVE-MEDIA ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CLEMENS@IM.BANNER.T-ONLINE[1].TXT [ /IM.BANNER.T-ONLINE ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CLEMENS@ADS.CREATIVE-SERVING[1].TXT [ /ADS.CREATIVE-SERVING ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CLEMENS@ADVIVA[1].TXT [ /ADVIVA ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CLEMENS@TRACKING.MLSAT02[1].TXT [ /TRACKING.MLSAT02 ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CLEMENS@ZANOX-AFFILIATE[1].TXT [ /ZANOX-AFFILIATE ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CLEMENS@DOUBLECLICK[1].TXT [ /DOUBLECLICK ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CLEMENS@REVSCI[2].TXT [ /REVSCI ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CLEMENS@ZANOX[1].TXT [ /ZANOX ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CLEMENS@ADFARM1.ADITION[1].TXT [ /ADFARM1.ADITION ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CLEMENS@SPECIFICCLICK[1].TXT [ /SPECIFICCLICK ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CLEMENS@2O7[2].TXT [ /2O7 ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CLEMENS@AD2.ADFARM1.ADITION[2].TXT [ /AD2.ADFARM1.ADITION ] D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\CLEMENS@TRADEDOUBLER[1].TXT [ /TRADEDOUBLER ] .ice.112.2o7.net [ D:\USERS\CLEMENS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DJAAK315.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ D:\USERS\CLEMENS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DJAAK315.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ D:\USERS\CLEMENS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DJAAK315.DEFAULT\COOKIES.SQLITE ] secure-uk.imrworldwide.com [ C:\USERS\CLEMENS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\D244CGX7 ] .imrworldwide.com [ C:\USERS\CLEMENS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DJAAK315.DEFAULT\COOKIES.SQLITE ] 
.imrworldwide.com [ C:\USERS\CLEMENS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DJAAK315.DEFAULT\COOKIES.SQLITE ] .premiumtv.122.2o7.net [ C:\USERS\CLEMENS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DJAAK315.DEFAULT\COOKIES.SQLITE ] .skydeutschland.122.2o7.net [ C:\USERS\CLEMENS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DJAAK315.DEFAULT\COOKIES.SQLITE ] tracking.sim-technik.de [ C:\USERS\CLEMENS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DJAAK315.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\CLEMENS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DJAAK315.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\CLEMENS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DJAAK315.DEFAULT\COOKIES.SQLITE ] .olympiaverlag.122.2o7.net [ C:\USERS\CLEMENS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DJAAK315.DEFAULT\COOKIES.SQLITE ] Trojan.VXGame-Variant/D D:\USERS\CLEMENS\DOCUMENTS\SEMINAR TRAUNSTEIN\MATHEMATIK\STOFF\5. KLASSE\4.GEOMETRISCHE GRUNDFORMEN UND GEOMETRISCHE GRUNDBEGRIFFE\PC PROGRAMM KöRPER\SETUP.EXE C:\USERS\CLEMENS\DOCUMENTS\SEMINAR TRAUNSTEIN\MATHEMATIK\STOFF\5. KLASSE\4.GEOMETRISCHE GRUNDFORMEN UND GEOMETRISCHE GRUNDBEGRIFFE\PC PROGRAMM KöRPER\SETUP.EXE Trojan.Agent/Gen-FakeAV C:\PROGRAM FILES\WINRAR\DEFAULT.SFX
Edited by heisinho (31.08.2012 at 18:09) |
31.08.2012, 20:18 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Search.searchcompletion.com takes over Google search engine

Looks OK, only cookies were found there; the alleged find in WinRAR is a false alarm, and the other two finds are false alarms as well.

Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or similar => HTTP cookie).

Regarding cookies and other things on the web: to block the plague from the outset (i.e. tracking cookies, ad banners etc.) you would have to take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check at MVPS every 4 weeks whether he has released a new hosts file.

Otherwise there are also good cookie managers; an extension for Firefox, for example, would be CookieCuller http://filepony.de/download-cookie_culler/

But if you can live with logging in again everywhere in every browser session (e.g. Facebook, eBay, GMX, or Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed.

The way I handle it, I use the Opera browser or Chromium under my Linux for "wild surfing". My main browser (Firefox) only stores the cookies from the sites I actually want; I reject everything else manually (FF always asks me) - the other browsers do accept all cookies, but at the latest the next time Opera or Chromium starts, no cookies are left.

Is your system OK again now, or are there any other finds or problems?
__________________ Please always post log files in CODE tags |
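The triage applied to the scan log in the reply above, separating tracking-cookie entries from file detections that need a manual look, can be scripted. This is an added example, not part of the thread; `triage`, `cookie_domain` and `summarize` are hypothetical names, and the one-entry-per-line layout (category heading flush left, entries tab-indented) is an assumption, since the copy of the log on this page is flattened.

```python
import re
from collections import defaultdict

# Constructed sample. Assumed layout: category heading flush left, one
# tab-indented entry per finding. Entries are copied from the posted log.
CHROME = r"D:\USERS\CLEMENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES"
IE_LOW = r"D:\USERS\CLEMENS\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW"
SAMPLE_LOG = "\n".join([
    "File threats detected : 127",
    "",
    "Adware.Tracking Cookie",
    "\t" + r"C:\Users\Clemens\AppData\Roaming\Microsoft\Windows\Cookies\KQWIVIKU.txt [ /doubleclick.net ]",
    "\t" + r"C:\USERS\CLEMENS\Cookies\KQWIVIKU.txt [ Cookie:clemens@doubleclick.net/ ]",
    "\t.doubleclick.net [ " + CHROME + " ]",
    "\tad.zanox.com [ " + CHROME + " ]",
    "\t" + IE_LOW + r"\CLEMENS@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]",
    "",
    "Trojan.Agent/Gen-FakeAV",
    "\t" + r"C:\PROGRAM FILES\WINRAR\DEFAULT.SFX",
])

# Last "[ ... ]" group on the line; file names such as "...[1].TXT" contain
# brackets too, so the inner part must not contain any.
ENTRY = re.compile(r"^(.*?)\s*\[\s*([^\[\]]*?)\s*\]\s*$")

def cookie_domain(entry):
    """Return the tracker name from one cookie entry, or None."""
    m = ENTRY.match(entry)
    if not m:
        return None
    left, inside = m.groups()
    if "\\" not in left:                 # "domain [ cookie store path ]"
        name = left
    elif inside.startswith("Cookie:"):   # "file [ Cookie:user@domain/ ]"
        name = inside.split("@", 1)[-1]
    else:                                # "file [ /domain ]"
        name = inside
    return name.strip("/.").lower()

def triage(log_text):
    """Map each category heading to the entries listed under it."""
    findings, category = defaultdict(list), None
    for line in log_text.splitlines():
        if not line.strip():
            continue
        if line[0] in " \t":
            if category:
                findings[category].append(line.strip())
        else:
            category = line.strip()      # header lines never collect entries
    return dict(findings)

def summarize(log_text):
    findings = triage(log_text)
    cookies = findings.pop("Adware.Tracking Cookie", [])
    trackers = sorted({d for d in map(cookie_domain, cookies) if d})
    return {"cookie_entries": len(cookies), "tracker_domains": trackers,
            "needs_review": findings}
```

Whatever remains under `needs_review` still has to be judged by a person, as the helper does for the WinRAR and SETUP.EXE entries.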
11.09.2012, 15:58 | #29 |
| Search.searchcompletion.com takes over Google search engine

THANK YOU VERY MUCH! My system seems to be OK again! Thanks also for your tips.

Now I have a few more questions. Which of all the installed antivirus etc. programs should I keep on my computer permanently and keep updated? My Windows Security Center tells me that there is no antivirus software on the computer, although Avira is installed and activated!? Why? Would you advise me, as a computer layman, to use Linux Ubuntu or similar?

Regards, Clemens |
11.09.2012, 21:35 | #30 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Search.searchcompletion.com takes over Google search engine
Quote:
More on that here => Linux is not Windows. But read this long article later; first you should take care of the updates and the uninstallation of our tools. Then we'd be done!

The programs that were used here can all be removed again. With the help of OTL you can also remove many tools: please start OTL and click Bereinigung (cleanup). This will remove most of the tools that we needed for the cleanup. If anything remains, please remove it with right-click --> Delete.

Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update first.

Finally, please check the updates; my guide for that is below. To keep a better overview of how up to date the installed programs are in the future, you can use Secunia PSI, for example. For even more security, after the infection has been removed you should also change all passwords if possible.

Microsoft Update
Windows XP: Visit the MS update page with IE and have all important updates installed.
Windows Vista/7: Guide to Windows Update

Update the PDF reader
An outdated AdobeReader is a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Software or Programs and Features, by clicking "Adobe Reader x.0" there and removing the program (if you have AdobeReader installed). I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader.

While you are at it, please also check that the Flash Player is up to date:
Check => Adobe - Flash Player
Download links => Adobe Flash Player Distribution | Adobe

Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.
Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the newest one. To do this, close all programs (especially the browsers), then click Start, Control Panel, Software and uninstall all listed Java versions from there. After that, download the current Java SE Runtime Environment (JRE) from here and install it.
__________________ Please always post log files in CODE tags |