Plagegeister aller Art und deren Bekämpfung (pests of all kinds and how to fight them): TR/Crypt.ZPACK.Gen8 in C:\Users\XXX\AppData\Local\Temp\msimg32.dll (Windows 7). If you are not sure whether you have picked up malware or a trojan, start a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
13.08.2012, 15:41 | #16 |
| TR/Crypt.ZPACK.Gen8 in C:\Users\XXX\AppData\Local\Temp\msimg32.dll OK, the file has been uploaded. |
13.08.2012, 17:59 | #17 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.ZPACK.Gen8 in C:\Users\XXX\AppData\Local\Temp\msimg32.dll

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Configure the tool as shown in the image below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.

Note: Please do not hastily delete anything with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!
__________________ |
13.08.2012, 18:27 | #18 |
| TR/Crypt.ZPACK.Gen8 in C:\Users\XXX\AppData\Local\Temp\msimg32.dll
Code:
19:25:29.0024 7056 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
19:25:29.0281 7056 ============================================================
19:25:29.0281 7056 Current date / time: 2012/08/13 19:25:29.0281
19:25:29.0281 7056 SystemInfo:
19:25:29.0281 7056
19:25:29.0281 7056 OS Version: 6.1.7601 ServicePack: 1.0
19:25:29.0281 7056 Product type: Workstation
19:25:29.0281 7056 ComputerName: KIM-VAIO
19:25:29.0281 7056 UserName: Kim
19:25:29.0281 7056 Windows directory: C:\Windows
19:25:29.0281 7056 System windows directory: C:\Windows
19:25:29.0282 7056 Running under WOW64
19:25:29.0282 7056 Processor architecture: Intel x64
19:25:29.0282 7056 Number of processors: 8
19:25:29.0282 7056 Page size: 0x1000
19:25:29.0282 7056 Boot type: Normal boot
19:25:29.0282 7056 ============================================================
19:25:29.0582 7056 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:25:29.0586 7056 ============================================================
19:25:29.0586 7056 \Device\Harddisk0\DR0:
19:25:29.0586 7056 MBR partitions:
19:25:29.0586 7056 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x217F800, BlocksNum 0x32000
19:25:29.0586 7056 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x21B1800, BlocksNum 0x486A62B0
19:25:29.0586 7056 ============================================================
19:25:29.0620 7056 C: <-> \Device\Harddisk0\DR0\Partition1
19:25:29.0620 7056 ============================================================
19:25:29.0620 7056 Initialize success
19:25:29.0620 7056 ============================================================
19:26:02.0230 0416 ============================================================
19:26:02.0230 0416 Scan started
19:26:02.0230 0416 Mode: Manual; SigCheck; TDLFS;
19:26:02.0230 0416
19:26:19.0432 0416 osppsvc - ok 19:26:19.0555 0416 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 19:26:19.0587 0416 p2pimsvc - ok 19:26:19.0623 0416 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 19:26:19.0636 0416 p2psvc - ok 19:26:19.0666 0416 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 19:26:19.0682 0416 Parport - ok 19:26:19.0711 0416 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 19:26:19.0720 0416 partmgr - ok 19:26:19.0742 0416 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 19:26:19.0769 0416 PcaSvc - ok 19:26:19.0789 0416 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 19:26:19.0799 0416 pci - ok 19:26:19.0814 0416 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 19:26:19.0821 0416 pciide - ok 19:26:19.0851 0416 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 19:26:19.0862 0416 pcmcia - ok 19:26:19.0866 0416 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 19:26:19.0874 0416 pcw - ok 19:26:19.0916 0416 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 19:26:19.0961 0416 PEAUTH - ok 19:26:20.0052 0416 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 19:26:20.0071 0416 PerfHost - ok 19:26:20.0195 0416 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 19:26:20.0254 0416 pla - ok 19:26:20.0316 0416 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 19:26:20.0349 0416 PlugPlay - ok 19:26:20.0455 0416 PMBDeviceInfoProvider (63694c307273062a2167ae4ce80730ef) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe 19:26:20.0466 0416 PMBDeviceInfoProvider - ok 19:26:20.0489 0416 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 19:26:20.0498 0416 PNRPAutoReg - ok 
19:26:20.0523 0416 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 19:26:20.0535 0416 PNRPsvc - ok 19:26:20.0575 0416 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 19:26:20.0617 0416 PolicyAgent - ok 19:26:20.0652 0416 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 19:26:20.0693 0416 Power - ok 19:26:20.0763 0416 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 19:26:20.0796 0416 PptpMiniport - ok 19:26:20.0826 0416 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 19:26:20.0846 0416 Processor - ok 19:26:20.0880 0416 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 19:26:20.0911 0416 ProfSvc - ok 19:26:20.0931 0416 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:26:20.0940 0416 ProtectedStorage - ok 19:26:20.0970 0416 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 19:26:21.0011 0416 Psched - ok 19:26:21.0066 0416 PSI_SVC_2 (f036cfb275d0c55f4e45fbbf5f98b3c8) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 19:26:21.0074 0416 PSI_SVC_2 - ok 19:26:21.0112 0416 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys 19:26:21.0120 0416 PxHlpa64 - ok 19:26:21.0210 0416 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 19:26:21.0243 0416 ql2300 - ok 19:26:21.0322 0416 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 19:26:21.0332 0416 ql40xx - ok 19:26:21.0368 0416 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 19:26:21.0385 0416 QWAVE - ok 19:26:21.0399 0416 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 19:26:21.0419 0416 QWAVEdrv - ok 19:26:21.0431 0416 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 
19:26:21.0474 0416 RasAcd - ok 19:26:21.0506 0416 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 19:26:21.0535 0416 RasAgileVpn - ok 19:26:21.0554 0416 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 19:26:21.0598 0416 RasAuto - ok 19:26:21.0605 0416 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 19:26:21.0635 0416 Rasl2tp - ok 19:26:21.0702 0416 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 19:26:21.0732 0416 RasMan - ok 19:26:21.0739 0416 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 19:26:21.0781 0416 RasPppoe - ok 19:26:21.0787 0416 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 19:26:21.0821 0416 RasSstp - ok 19:26:21.0844 0416 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 19:26:21.0885 0416 rdbss - ok 19:26:21.0908 0416 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 19:26:21.0919 0416 rdpbus - ok 19:26:21.0956 0416 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 19:26:21.0985 0416 RDPCDD - ok 19:26:21.0988 0416 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 19:26:22.0027 0416 RDPENCDD - ok 19:26:22.0030 0416 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 19:26:22.0057 0416 RDPREFMP - ok 19:26:22.0098 0416 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 19:26:22.0133 0416 RDPWD - ok 19:26:22.0165 0416 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 19:26:22.0175 0416 rdyboost - ok 19:26:22.0194 0416 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys 19:26:22.0201 0416 regi - ok 19:26:22.0230 0416 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 19:26:22.0259 0416 
RemoteAccess - ok 19:26:22.0284 0416 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 19:26:22.0326 0416 RemoteRegistry - ok 19:26:22.0369 0416 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 19:26:22.0392 0416 RFCOMM - ok 19:26:22.0442 0416 rimspci (ff71ecb1b121c6273ec4c45eddbc4fe4) C:\Windows\system32\drivers\rimssne64.sys 19:26:22.0470 0416 rimspci - ok 19:26:22.0507 0416 risdsnpe (e33075c22c14c57095f037253f936bb8) C:\Windows\system32\drivers\risdsnxc64.sys 19:26:22.0535 0416 risdsnpe - ok 19:26:22.0555 0416 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 19:26:22.0592 0416 RpcEptMapper - ok 19:26:22.0611 0416 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 19:26:22.0630 0416 RpcLocator - ok 19:26:22.0666 0416 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 19:26:22.0697 0416 RpcSs - ok 19:26:22.0724 0416 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 19:26:22.0752 0416 rspndr - ok 19:26:22.0791 0416 RTL8167 (4fe1cef69d36e913738234303986fbb3) C:\Windows\system32\DRIVERS\Rt64win7.sys 19:26:22.0804 0416 RTL8167 - ok 19:26:22.0847 0416 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:26:22.0856 0416 SamSs - ok 19:26:22.0890 0416 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 19:26:22.0900 0416 sbp2port - ok 19:26:22.0924 0416 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 19:26:22.0953 0416 SCardSvr - ok 19:26:22.0970 0416 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 19:26:23.0005 0416 scfilter - ok 19:26:23.0059 0416 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 19:26:23.0106 0416 Schedule - ok 19:26:23.0138 0416 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 19:26:23.0163 0416 SCPolicySvc 
- ok 19:26:23.0204 0416 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys 19:26:23.0227 0416 sdbus - ok 19:26:23.0266 0416 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 19:26:23.0300 0416 SDRSVC - ok 19:26:23.0316 0416 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 19:26:23.0355 0416 secdrv - ok 19:26:23.0373 0416 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 19:26:23.0400 0416 seclogon - ok 19:26:23.0419 0416 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 19:26:23.0446 0416 SENS - ok 19:26:23.0468 0416 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 19:26:23.0494 0416 SensrSvc - ok 19:26:23.0521 0416 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 19:26:23.0539 0416 Serenum - ok 19:26:23.0564 0416 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 19:26:23.0584 0416 Serial - ok 19:26:23.0618 0416 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 19:26:23.0638 0416 sermouse - ok 19:26:23.0672 0416 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 19:26:23.0708 0416 SessionEnv - ok 19:26:23.0743 0416 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys 19:26:23.0773 0416 SFEP - ok 19:26:23.0784 0416 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 19:26:23.0795 0416 sffdisk - ok 19:26:23.0804 0416 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 19:26:23.0828 0416 sffp_mmc - ok 19:26:23.0842 0416 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 19:26:23.0867 0416 sffp_sd - ok 19:26:23.0893 0416 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 19:26:23.0915 0416 sfloppy - ok 19:26:23.0994 0416 Sftfs 
(c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys 19:26:24.0012 0416 Sftfs - ok 19:26:24.0098 0416 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 19:26:24.0111 0416 sftlist - ok 19:26:24.0136 0416 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys 19:26:24.0147 0416 Sftplay - ok 19:26:24.0171 0416 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys 19:26:24.0178 0416 Sftredir - ok 19:26:24.0205 0416 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys 19:26:24.0212 0416 Sftvol - ok 19:26:24.0229 0416 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 19:26:24.0238 0416 sftvsa - ok 19:26:24.0279 0416 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 19:26:24.0319 0416 ShellHWDetection - ok 19:26:24.0352 0416 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 19:26:24.0360 0416 SiSRaid2 - ok 19:26:24.0388 0416 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 19:26:24.0397 0416 SiSRaid4 - ok 19:26:24.0439 0416 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 19:26:24.0476 0416 Smb - ok 19:26:24.0522 0416 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 19:26:24.0546 0416 SNMPTRAP - ok 19:26:24.0620 0416 SOHCImp (ddf2ec98af6fc70608a4f9ce4db52758) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe 19:26:24.0629 0416 SOHCImp - ok 19:26:24.0633 0416 SOHDs (5fa03f5ea6efef6d17b4a1a48c40a23c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe 19:26:24.0639 0416 SOHDs - ok 19:26:24.0714 0416 SpfService (65e5659e9c2a0762d05657c0e22a7ca2) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe 
19:26:24.0726 0416 SpfService - ok 19:26:24.0746 0416 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 19:26:24.0753 0416 spldr - ok 19:26:24.0790 0416 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 19:26:24.0823 0416 Spooler - ok 19:26:24.0961 0416 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 19:26:25.0037 0416 sppsvc - ok 19:26:25.0154 0416 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 19:26:25.0183 0416 sppuinotify - ok 19:26:25.0234 0416 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 19:26:25.0265 0416 srv - ok 19:26:25.0298 0416 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 19:26:25.0324 0416 srv2 - ok 19:26:25.0339 0416 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 19:26:25.0349 0416 srvnet - ok 19:26:25.0373 0416 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 19:26:25.0403 0416 SSDPSRV - ok 19:26:25.0421 0416 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 19:26:25.0449 0416 SstpSvc - ok 19:26:25.0490 0416 ssudmdm (78cd64791f8634cf7b582fd085e57c4b) C:\Windows\system32\DRIVERS\ssudmdm.sys 19:26:25.0500 0416 ssudmdm - ok 19:26:25.0555 0416 Steam Client Service - ok 19:26:25.0597 0416 Stereo Service (525597fa2e9d49f19c59623b05562968) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 19:26:25.0607 0416 Stereo Service - ok 19:26:25.0633 0416 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 19:26:25.0641 0416 stexstor - ok 19:26:25.0683 0416 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 19:26:25.0710 0416 stisvc - ok 19:26:25.0734 0416 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 19:26:25.0742 0416 swenum - ok 19:26:25.0782 0416 swprv (e08e46fdd841b7184194011ca1955a0b) 
C:\Windows\System32\swprv.dll 19:26:25.0829 0416 swprv - ok 19:26:25.0929 0416 SynTP (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\drivers\SynTP.sys 19:26:25.0957 0416 SynTP - ok 19:26:26.0142 0416 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 19:26:26.0192 0416 SysMain - ok 19:26:26.0232 0416 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 19:26:26.0246 0416 TabletInputService - ok 19:26:26.0270 0416 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 19:26:26.0301 0416 TapiSrv - ok 19:26:26.0312 0416 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 19:26:26.0349 0416 TBS - ok 19:26:26.0474 0416 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 19:26:26.0511 0416 Tcpip - ok 19:26:26.0630 0416 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 19:26:26.0660 0416 TCPIP6 - ok 19:26:26.0722 0416 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 19:26:26.0764 0416 tcpipreg - ok 19:26:26.0782 0416 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 19:26:26.0808 0416 TDPIPE - ok 19:26:26.0831 0416 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 19:26:26.0840 0416 TDTCP - ok 19:26:26.0856 0416 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 19:26:26.0895 0416 tdx - ok 19:26:26.0929 0416 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 19:26:26.0938 0416 TermDD - ok 19:26:26.0988 0416 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 19:26:27.0036 0416 TermService - ok 19:26:27.0052 0416 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 19:26:27.0065 0416 Themes - ok 19:26:27.0088 0416 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 19:26:27.0116 0416 
THREADORDER - ok 19:26:27.0135 0416 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 19:26:27.0175 0416 TrkWks - ok 19:26:27.0229 0416 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 19:26:27.0271 0416 TrustedInstaller - ok 19:26:27.0300 0416 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 19:26:27.0340 0416 tssecsrv - ok 19:26:27.0345 0416 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 19:26:27.0364 0416 TsUsbFlt - ok 19:26:27.0381 0416 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 19:26:27.0389 0416 TsUsbGD - ok 19:26:27.0420 0416 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 19:26:27.0458 0416 tunnel - ok 19:26:27.0482 0416 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 19:26:27.0491 0416 uagp35 - ok 19:26:27.0567 0416 uCamMonitor (1fe69f3c1ca1cf4b7ec7e2e9090fffdc) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 19:26:27.0574 0416 uCamMonitor - ok 19:26:27.0605 0416 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 19:26:27.0646 0416 udfs - ok 19:26:27.0676 0416 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 19:26:27.0701 0416 UI0Detect - ok 19:26:27.0740 0416 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 19:26:27.0748 0416 uliagpkx - ok 19:26:27.0788 0416 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 19:26:27.0809 0416 umbus - ok 19:26:27.0846 0416 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 19:26:27.0862 0416 UmPass - ok 19:26:28.0021 0416 UNS (fc43877b4625f6eb773c98233eb625c5) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 19:26:28.0059 0416 UNS - ok 19:26:28.0175 0416 upnphost 
(d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 19:26:28.0215 0416 upnphost - ok 19:26:28.0247 0416 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 19:26:28.0267 0416 usbccgp - ok 19:26:28.0298 0416 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 19:26:28.0310 0416 usbcir - ok 19:26:28.0324 0416 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 19:26:28.0344 0416 usbehci - ok 19:26:28.0376 0416 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 19:26:28.0397 0416 usbhub - ok 19:26:28.0420 0416 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 19:26:28.0441 0416 usbohci - ok 19:26:28.0464 0416 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys 19:26:28.0490 0416 usbprint - ok 19:26:28.0505 0416 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:26:28.0540 0416 USBSTOR - ok 19:26:28.0555 0416 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 19:26:28.0577 0416 usbuhci - ok 19:26:28.0618 0416 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 19:26:28.0644 0416 usbvideo - ok 19:26:28.0668 0416 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 19:26:28.0706 0416 UxSms - ok 19:26:28.0813 0416 VAIO Event Service (dcb1f83ad167d16d263ce57c94e9eedf) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe 19:26:28.0820 0416 VAIO Event Service - ok 19:26:28.0874 0416 VAIO Power Management (ef7cf87f940f9104a3079f839bdc60c5) C:\Program Files\Sony\VAIO Power Management\SPMService.exe 19:26:28.0890 0416 VAIO Power Management - ok 19:26:28.0915 0416 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:26:28.0924 0416 VaultSvc - ok 19:26:29.0005 0416 VCFw (d00058c1fff3f3de990444a5734e9639) C:\Program Files (x86)\Common 
Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 19:26:29.0027 0416 VCFw - ok 19:26:29.0128 0416 VcmIAlzMgr (bffde5af83dbef61f8afe1781482521d) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 19:26:29.0151 0416 VcmIAlzMgr - ok 19:26:29.0196 0416 VcmINSMgr (2f06d134554ba84fe253dbc481dcfe6d) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe 19:26:29.0212 0416 VcmINSMgr - ok 19:26:29.0267 0416 VcmXmlIfHelper (32a3735f6874b7783c6209ed5ca36d9d) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe 19:26:29.0276 0416 VcmXmlIfHelper - ok 19:26:29.0316 0416 VCService (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe 19:26:29.0323 0416 VCService - ok 19:26:29.0424 0416 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 19:26:29.0433 0416 vdrvroot - ok 19:26:29.0469 0416 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 19:26:29.0509 0416 vds - ok 19:26:29.0534 0416 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 19:26:29.0546 0416 vga - ok 19:26:29.0556 0416 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 19:26:29.0592 0416 VgaSave - ok 19:26:29.0639 0416 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 19:26:29.0650 0416 vhdmp - ok 19:26:29.0672 0416 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 19:26:29.0680 0416 viaide - ok 19:26:29.0718 0416 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 19:26:29.0727 0416 volmgr - ok 19:26:29.0743 0416 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 19:26:29.0756 0416 volmgrx - ok 19:26:29.0779 0416 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 19:26:29.0791 0416 volsnap - ok 19:26:29.0829 0416 vsmraid (5e2016ea6ebaca03c04feac5f330d997) 
C:\Windows\system32\drivers\vsmraid.sys 19:26:29.0839 0416 vsmraid - ok 19:26:29.0967 0416 VSNService (03f6f618367cb16a2176b8db4215d1f9) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe 19:26:29.0993 0416 VSNService - ok 19:26:30.0116 0416 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 19:26:30.0176 0416 VSS - ok 19:26:30.0333 0416 VUAgent (fb4a1695d2d74f9c92ca5e84795cdbe1) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe 19:26:30.0355 0416 VUAgent - ok 19:26:30.0438 0416 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 19:26:30.0463 0416 vwifibus - ok 19:26:30.0485 0416 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 19:26:30.0507 0416 vwififlt - ok 19:26:30.0524 0416 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 19:26:30.0544 0416 vwifimp - ok 19:26:30.0591 0416 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 19:26:30.0623 0416 W32Time - ok 19:26:30.0640 0416 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 19:26:30.0664 0416 WacomPen - ok 19:26:30.0705 0416 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 19:26:30.0746 0416 WANARP - ok 19:26:30.0748 0416 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 19:26:30.0774 0416 Wanarpv6 - ok 19:26:30.0867 0416 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 19:26:30.0895 0416 WatAdminSvc - ok 19:26:31.0010 0416 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 19:26:31.0069 0416 wbengine - ok 19:26:31.0160 0416 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 19:26:31.0176 0416 WbioSrvc - ok 19:26:31.0201 0416 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 19:26:31.0232 0416 wcncsvc - ok 19:26:31.0251 0416 WcsPlugInService 
(20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 19:26:31.0281 0416 WcsPlugInService - ok 19:26:31.0306 0416 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 19:26:31.0315 0416 Wd - ok 19:26:31.0364 0416 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 19:26:31.0382 0416 Wdf01000 - ok 19:26:31.0398 0416 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 19:26:31.0458 0416 WdiServiceHost - ok 19:26:31.0460 0416 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 19:26:31.0474 0416 WdiSystemHost - ok 19:26:31.0515 0416 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 19:26:31.0541 0416 WebClient - ok 19:26:31.0570 0416 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 19:26:31.0616 0416 Wecsvc - ok 19:26:31.0636 0416 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 19:26:31.0665 0416 wercplsupport - ok 19:26:31.0685 0416 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 19:26:31.0715 0416 WerSvc - ok 19:26:31.0773 0416 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 19:26:31.0800 0416 WfpLwf - ok 19:26:31.0807 0416 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 19:26:31.0815 0416 WIMMount - ok 19:26:31.0819 0416 WinHttpAutoProxySvc - ok 19:26:31.0882 0416 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 19:26:31.0925 0416 Winmgmt - ok 19:26:32.0024 0416 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 19:26:32.0076 0416 WinRM - ok 19:26:32.0211 0416 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 19:26:32.0232 0416 WinUsb - ok 19:26:32.0328 0416 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 19:26:32.0364 0416 Wlansvc - ok 19:26:32.0414 
0416 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 19:26:32.0421 0416 wlcrasvc - ok 19:26:32.0535 0416 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 19:26:32.0578 0416 wlidsvc - ok 19:26:32.0669 0416 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 19:26:32.0692 0416 WmiAcpi - ok 19:26:32.0746 0416 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 19:26:32.0767 0416 wmiApSrv - ok 19:26:32.0809 0416 WMPNetworkSvc - ok 19:26:32.0830 0416 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 19:26:32.0851 0416 WPCSvc - ok 19:26:32.0874 0416 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 19:26:32.0898 0416 WPDBusEnum - ok 19:26:32.0921 0416 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 19:26:32.0947 0416 ws2ifsl - ok 19:26:32.0950 0416 WSearch - ok 19:26:32.0965 0416 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 19:26:32.0991 0416 WudfPf - ok 19:26:33.0023 0416 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 19:26:33.0063 0416 WUDFRd - ok 19:26:33.0093 0416 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 19:26:33.0119 0416 wudfsvc - ok 19:26:33.0148 0416 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 19:26:33.0174 0416 WwanSvc - ok 19:26:33.0201 0416 xusb21 (9176c0822faa649e45121875be32f5d2) C:\Windows\system32\DRIVERS\xusb21.sys 19:26:33.0209 0416 xusb21 - ok 19:26:33.0237 0416 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 19:26:34.0120 0416 \Device\Harddisk0\DR0 - ok 19:26:34.0147 0416 Boot (0x1200) (2afd3184df4dcdbcd7bca2141a561e31) \Device\Harddisk0\DR0\Partition0 19:26:34.0149 0416 \Device\Harddisk0\DR0\Partition0 - ok 19:26:34.0163 0416 Boot (0x1200) 
(6091cf625107424e7b5143b9657171b9) \Device\Harddisk0\DR0\Partition1 19:26:34.0165 0416 \Device\Harddisk0\DR0\Partition1 - ok 19:26:34.0165 0416 ============================================================ 19:26:34.0165 0416 Scan finished 19:26:34.0165 0416 ============================================================ 19:26:34.0172 4392 Detected object count: 0 19:26:34.0172 4392 Actual detected object count: 0 |
13.08.2012, 19:23 | #19 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.ZPACK.Gen8 in C:\Users\XXX\AppData\Local\Temp\msimg32.dll Then please run CF now: ComboFix. A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has expressly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
13.08.2012, 20:38 | #20 |
| TR/Crypt.ZPACK.Gen8 in C:\Users\XXX\AppData\Local\Temp\msimg32.dll Code:
ATTFilter ComboFix 12-08-13.01 - Kim 13.08.2012 21:22:54.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.6125.4825 [GMT 2:00] ausgeführt von:: c:\users\Kim\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\SysWow64\RGSS103J.dll c:\windows\SysWow64\RGSS104E.dll c:\windows\SysWow64\RGSS104J.dll . . ((((((((((((((((((((((( Dateien erstellt von 2012-07-13 bis 2012-08-13 )))))))))))))))))))))))))))))) . . 2012-08-13 19:28 . 2012-08-13 19:28 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-12 12:19 . 2012-08-13 14:35 -------- d-----w- C:\_OTL 2012-08-09 11:29 . 2012-08-09 11:29 -------- d-----w- c:\program files (x86)\ESET 2012-08-07 17:17 . 2012-08-07 17:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-08-07 17:17 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-03 14:06 . 2012-08-03 14:06 -------- d-----w- c:\users\Kim\AppData\Roaming\TuneUp Software 2012-08-03 14:05 . 2012-08-07 17:27 -------- d-----w- c:\programdata\TuneUp Software 2012-08-03 14:05 . 2012-08-03 14:10 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2012-08-03 14:05 . 2012-08-03 14:05 -------- d--h--w- c:\programdata\Common Files 2012-07-29 19:23 . 2000-05-16 08:40 83968 ----a-w- c:\windows\UnGins.exe 2012-07-29 19:23 . 2012-07-29 19:23 -------- d-----w- c:\program files (x86)\ASCII 2012-07-29 19:23 . 2000-03-06 22:00 237568 ----a-w- c:\windows\SysWow64\Unlha32.dll 2012-07-29 19:23 . 2000-03-06 22:00 473600 ----a-w- c:\windows\SysWow64\Harmony.dll 2012-07-29 19:15 . 2005-08-29 22:00 778752 ----a-w- c:\windows\SysWow64\RGSS102E.dll 2012-07-29 19:15 . 2005-08-29 22:00 781312 ----a-w- c:\windows\SysWow64\RGSS102J.dll 2012-07-29 19:15 . 
2005-08-29 22:00 771584 ----a-w- c:\windows\SysWow64\RGSS100J.dll 2012-07-29 19:09 . 2012-07-29 19:15 -------- d-----w- c:\program files (x86)\Common Files\Enterbrain . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-14 17:15 . 2012-07-14 17:15 65536 ----a-r- c:\users\Kim\AppData\Roaming\Microsoft\Installer\{B727BD4D-0C42-43F7-AC60-4AFBDDC732BD}\FlexPoints.exe1_B727BD4D0C4243F7AC604AFBDDC732BD_5.exe 2012-07-14 17:15 . 2012-07-14 17:15 65536 ----a-r- c:\users\Kim\AppData\Roaming\Microsoft\Installer\{B727BD4D-0C42-43F7-AC60-4AFBDDC732BD}\FlexPoints.exe_B727BD4D0C4243F7AC604AFBDDC732BD_7.exe 2012-07-10 14:13 . 2009-07-13 23:19 328704 ----a-w- c:\windows\system32\services.exe 2012-07-10 14:12 . 2012-04-13 08:06 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-07-10 14:12 . 2011-09-16 18:48 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-02 22:19 . 2012-06-21 06:48 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-21 06:48 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-21 06:48 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-21 06:48 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-21 06:48 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-21 06:48 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-21 06:48 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-21 06:48 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:15 . 2012-06-21 06:48 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-05-31 04:04 . 2012-07-10 14:02 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CE4D0E71-EE56-4C67-86DA-50330947C441}\mpengine.dll 2012-05-26 21:25 . 2011-11-18 21:45 952 --sha-w- c:\programdata\KGyGaAvL.sys 2012-05-18 02:47 . 
2012-06-13 17:37 17807360 ----a-w- c:\windows\system32\mshtml.dll 2012-05-18 02:16 . 2012-06-13 17:37 10924032 ----a-w- c:\windows\system32\ieframe.dll 2012-05-18 02:06 . 2012-06-13 17:37 2311680 ----a-w- c:\windows\system32\jscript9.dll 2012-05-18 01:59 . 2012-06-13 17:37 1346048 ----a-w- c:\windows\system32\urlmon.dll 2012-05-18 01:59 . 2012-06-13 17:37 1392128 ----a-w- c:\windows\system32\wininet.dll 2012-05-18 01:58 . 2012-06-13 17:37 1494528 ----a-w- c:\windows\system32\inetcpl.cpl 2012-05-18 01:58 . 2012-06-13 17:37 237056 ----a-w- c:\windows\system32\url.dll 2012-05-18 01:56 . 2012-06-13 17:37 85504 ----a-w- c:\windows\system32\jsproxy.dll 2012-05-18 01:55 . 2012-06-13 17:37 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2012-05-18 01:55 . 2012-06-13 17:37 818688 ----a-w- c:\windows\system32\jscript.dll 2012-05-18 01:54 . 2012-06-13 17:37 2144768 ----a-w- c:\windows\system32\iertutil.dll 2012-05-18 01:51 . 2012-06-13 17:37 96768 ----a-w- c:\windows\system32\mshtmled.dll 2012-05-18 01:51 . 2012-06-13 17:37 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-05-18 01:47 . 2012-06-13 17:37 248320 ----a-w- c:\windows\system32\ieui.dll 2012-05-17 22:45 . 2012-06-13 17:37 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll 2012-05-17 22:35 . 2012-06-13 17:37 1129472 ----a-w- c:\windows\SysWow64\wininet.dll 2012-05-17 22:35 . 2012-06-13 17:37 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2012-05-17 22:29 . 2012-06-13 17:37 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2012-05-17 22:24 . 2012-06-13 17:37 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-05-16 07:04 . 2011-05-30 08:21 433152 ----a-w- c:\windows\system32\SonyVideoProcessor.dll 2012-05-16 07:04 . 
2011-05-30 08:21 341504 ----a-w- c:\windows\SysWow64\SonyVideoProcessor.dll 2006-05-03 11:06 163328 --sha-r- c:\windows\SysWOW64\flvDX.dll 2007-02-21 12:47 31232 --sha-r- c:\windows\SysWOW64\msfDX.dll 2008-03-16 14:30 216064 --sha-r- c:\windows\SysWOW64\nbDX.dll 2010-01-06 23:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-12 283160] "PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032] . c:\users\Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-04-29 36000] R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [2011-04-29 51872] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-04-29 259232] R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-04-29 109216] R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2011-04-29 166048] R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-04-29 59040] R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2011-04-29 283296] R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-04-29 288416] R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2011-07-19 104096] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-02-15 99384] R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088] R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2011-11-10 115272] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824] R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232] R3 
SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-02-15 203320] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000] R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-24 652016] R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104] R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-15 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-30 270912] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408] S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-04-29 146592] S2 
AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-04-29 91296] S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176] S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-12 13336] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944] S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-26 398176] S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112] S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2011-03-01 102400] S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsnxc64.sys [2011-03-01 98816] S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-06-16 378472] S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-03-07 2656280] S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2011-02-14 550080] S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-08-12 971704] 
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2011-04-29 29344] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904] S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2011-03-07 56344] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-12-10 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-12-10 181248] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-05-17 174184] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-03-07 413800] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2010-04-26 12032] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-07 11776104] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-07 2188904] "AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688] "AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-28 497648] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyServer = 10.0.0.10:3128 uInternet Settings,ProxyOverride = <local> mSearchAssistant = hxxp://www.google.com TCP: DhcpNameServer = 217.0.43.113 192.168.0.1 TCP: Interfaces\{1FFEF02D-4253-4AEE-B6ED-39710311CC74}\263726F5F6C6C6: NameServer = 10.0.0.1,192.168.1.254 FF - ProfilePath - c:\users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\ndauc2gq.default\ FF - prefs.js: browser.startup.homepage - hxxps://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https%3A%2F%2Fmail.google.com%2Fmail%2F%3Fhl%3Dde%26tab%3Dwm%26ui%3Dhtml%26zy%3Dl&bsv=llya694le36z&scc=1<mpl=googlemail&hl=de&from=login . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe . . . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector] "ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\"" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . 
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe c:\windows\SysWOW64\DllHost.exe c:\windows\SysWOW64\DllHost.exe c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\program files\Sony\VAIO Care\listener.exe . ************************************************************************** . Zeit der Fertigstellung: 2012-08-13 21:33:03 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2012-08-13 19:33 . Vor Suchlauf: 15 Verzeichnis(se), 436.506.157.056 Bytes frei Nach Suchlauf: 21 Verzeichnis(se), 436.211.335.168 Bytes frei . - - End Of File - - 0D90E5FEFCD6700CBF39347DA4DA287F |
14.08.2012, 14:46 | #21 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.ZPACK.Gen8 in C:\Users\XXX\AppData\Local\Temp\msimg32.dll Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still refuses to work on the second attempt, just leave it out and run only OSAM - please skip OSAM's online query. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download aswMBR.exe and save the file to your desktop.
Important: Never press any of the Fix buttons without being instructed to. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the (none) setting under AV Scan. One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window), and click the Scan button again.
__________________ --> TR/Crypt.ZPACK.Gen8 in C:\Users\XXX\AppData\Local\Temp\msimg32.dll |
14.08.2012, 16:26 | #22 |
| TR/Crypt.ZPACK.Gen8 in C:\Users\XXX\AppData\Local\Temp\msimg32.dll OSAM Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 17:08:19 on 14.08.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit Default Browser: Mozilla Corporation Firefox 14.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Control Panel Objects] -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Pando" - "Pando Networks" - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "regi" (regi) - "InterVideo" - C:\Windows\system32\drivers\regi.sys "Sftfs" (Sftfs) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftfslh.sys "Sftplay" (Sftplay) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftplaylh.sys "Sftredir" (Sftredir) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftredirlh.sys "Sftvol" (Sftvol) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftvollh.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? 
- C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? 
- (File not found | COM-object registry key not found) {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found) {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe -----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )----- {E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? - (File not found | COM-object registry key not found) [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? 
- (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} "ClsidExtension" - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} "CIESpeechBHO Class" - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
{326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll
[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"OpenOffice.org 3.3.lnk" - ? - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (Shortcut exists | File found, but it contains no detailed information | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"IAStorIcon" - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
"PMBVolumeWatcher" - "Sony Corporation" - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll (File found, but it contains no detailed information)
[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found)
"Adobe Active File Monitor V9" (AdobeActiveFileMonitor9.0) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
"Application Virtualization Client" (sftlist) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
"Application Virtualization Service Agent" (sftvsa) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
"ArcSoft Connect Daemon" (ACDaemon) - "ArcSoft Inc." - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
"Atheros Bt&Wlan Coex Agent" (Atheros Bt&Wlan Coex Agent) - "Atheros" - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
"AtherosSvc" (AtherosSvc) - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
"BBUpdate" (BBUpdate) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
"Bing Bar Update Service" (BBSvc) - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
"CamMonitor" (uCamMonitor) - "ArcSoft, Inc." - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
"Client Virtualization Handler" (cvhsvc) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
"DCDhcpService" (DCDhcpService) - "Atheros Communication Inc." - C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
"Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
"Intel(R) Management and Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
"Intel(R) Rapid Storage Technology" (IAStorDataMgrSvc) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
"IviRegMgr" (IviRegMgr) - "InterVideo" - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"NVIDIA Driver Helper Service" (NVSvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe
"NVIDIA Stereoscopic 3D Driver Service" (Stereo Service) - "NVIDIA Corporation" - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"PMBDeviceInfoProvider" (PMBDeviceInfoProvider) - "Sony Corporation" - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
"Protexis Licensing V2" (PSI_SVC_2) - "Protexis Inc." - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
"VAIO Care Performance Service" (SampleCollector) - "Sony Corporation" - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
"VAIO Content Folder Watcher" (VCFw) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
"VAIO Content Importer" (SOHCImp) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
"VAIO Content Metadata Intelligent Analyzing Manager" (VcmIAlzMgr) - "Sony Corporation" - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
"VAIO Content Metadata Intelligent Network Service Manager" (VcmINSMgr) - "Sony Corporation" - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
"VAIO Content Metadata XML Interface" (VcmXmlIfHelper) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
"VAIO Device Searcher" (SOHDs) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
"VAIO Entertainment Common Service" (SpfService) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
"VAIO Event Service" (VAIO Event Service) - "Sony Corporation" - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
"VAIO Power Management" (VAIO Power Management) - "Sony Corporation" - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
"VCService" (VCService) - "Sony Corporation" - C:\Program Files\Sony\VAIO Care\VCService.exe
"VSNService" (VSNService) - "Sony Corporation" - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
"VUAgent" (VUAgent) - "Sony Corporation" - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
===[ Logfile end ]=========================================[ Logfile end ]===
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-08-14 17:25:43
Windows 6.1.7601 Service Pack 1
Running: 578nm8b2.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90004eacc70a
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78b82418
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78b82418@64995dae40c7 0xD9 0xA8 0x1A 0xE2 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78b82418@ccf9e8f59c31 0x97 0x8E 0x1C 0x61 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78b82418@ccf9e844313c 0xA9 0x8F 0x1B 0x7E ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90004eacc70a (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78b82418 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78b82418@64995dae40c7 0xD9 0xA8 0x1A 0xE2 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78b82418@ccf9e8f59c31 0x97 0x8E 0x1C 0x61 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78b82418@ccf9e844313c 0xA9 0x8F 0x1B 0x7E ...
---- EOF - GMER 1.0.15 ----
aswMBR
Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-14 17:27:42
-----------------------------
17:27:42.355 OS Version: Windows x64 6.1.7601 Service Pack 1
17:27:42.355 Number of processors: 8 586 0x2A07
17:27:42.355 ComputerName: KIM-VAIO UserName: Kim
17:27:43.307 Initialize success
17:31:05.704 AVAST engine defs: 12081400
17:31:22.975 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:31:22.975 Disk 0 Vendor: TOSHIBA_ MJ00 Size: 610480MB BusType: 3
17:31:22.990 Disk 0 MBR read successfully
17:31:22.990 Disk 0 MBR scan
17:31:22.990 Disk 0 Windows 7 default MBR code
17:31:23.006 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 17150 MB offset 2048
17:31:23.021 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 35125248
17:31:23.037 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 593228 MB offset 35330048
17:31:23.053 Disk 0 scanning C:\Windows\system32\drivers
17:31:30.369 Service scanning
17:31:49.432 Modules scanning
17:31:49.432 Disk 0 trace - called modules:
17:31:49.463 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
17:31:49.463 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006228790]
17:31:49.463 3 CLASSPNP.SYS[fffff88001baf43f] -> nt!IofCallDriver -> [0xfffffa8005ff14c0]
17:31:49.479 5 ACPI.sys[fffff88000f247a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005ff5050]
17:31:50.477 AVAST engine scan C:\Windows
17:31:52.786 AVAST engine scan C:\Windows\system32
17:33:44.358 AVAST engine scan C:\Windows\system32\drivers
17:33:54.046 AVAST engine scan C:\Users\Kim
17:35:39.003 AVAST engine scan C:\ProgramData
17:37:36.846 Scan finished successfully
17:39:44.985 Disk 0 MBR has been saved successfully to "C:\Users\Kim\Desktop\MBR.dat"
17:39:44.985 The log file has been saved successfully to "C:\Users\Kim\Desktop\aswMBR.txt"
Edited by Moep09 (14.08.2012 at 16:42) |
14.08.2012, 17:02 | #23 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.ZPACK.Gen8 in C:\Users\XXX\AppData\Local\Temp\msimg32.dll
Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
15.08.2012, 18:18 | #24 |
| TR/Crypt.ZPACK.Gen8 in C:\Users\XXX\AppData\Local\Temp\msimg32.dll SUPERAntiSpyware Scan Log Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 08/15/2012 at 05:00 PM
Application Version : 5.5.1012
Core Rules Database Version : 9059
Trace Rules Database Version: 6871
Scan type : Complete Scan
Total Scan Time : 01:30:40
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 642
Memory threats detected : 0
Registry items scanned : 66779
Registry threats detected : 0
File items scanned : 248809
File threats detected : 207
Adware.Tracking Cookie
Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.15.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Kim :: KIM-VAIO [Administrator]

15.08.2012 18:33:06
mbam-log-2012-08-15 (19-17-21).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 456013
Laufzeit: 43 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\_OTL\MovedFiles\08122012_141909\C_Users\Kim\AppData\Local\Temp\msimg32.dll (RootKit.0Access) -> Keine Aktion durchgeführt.

(Ende) |
16.08.2012, 08:31 | #25 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.ZPACK.Gen8 in C:\Users\XXX\AppData\Local\Temp\msimg32.dll
Looks OK, only cookies were found there. And one isolated piece of malware in OTL's quarantine, where it is harmless.

Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or the like => HTTP cookie).

Regarding cookies and other things on the web: to block the plague from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether he has released a new hosts file.

Otherwise there are also good cookie managers; among the extensions for Firefox, for example, there is CookieCuller http://filepony.de/download-cookie_culler/

But if you can live with logging in again everywhere in every browser session (e.g. Facebook, eBay, GMX, or Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed.

The way I do it: for "wild surfing" I use the Opera browser or Chromium under my Linux. My main browser (Firefox) only stores the cookies from the sites I actually want, everything else I reject manually (FF always asks me) - the other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest no cookies are left.

Is your system in order again now, or are there any other detections or problems?
__________________ Please always post log files in CODE tags |
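The distinction drawn in the reply above (a detection inside OTL's `MovedFiles` folder is an already-isolated copy, not an active infection) can be checked mechanically. The following Python sketch is an added example, not part of the original thread; the log lines are copied from the Malwarebytes log posted here, while the quarantine root list and the function names are assumptions.

```python
import re
from pathlib import PureWindowsPath

# Lines copied from the Malwarebytes log posted in this thread (German UI).
SAMPLE_LOG = r"""Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
C:\_OTL\MovedFiles\08122012_141909\C_Users\Kim\AppData\Local\Temp\msimg32.dll (RootKit.0Access) -> Keine Aktion durchgeführt.
(Ende)"""

# Assumption: folders where cleanup tools park files they have already moved.
QUARANTINE_ROOTS = [PureWindowsPath(r"C:\_OTL\MovedFiles")]

COUNT_RE = re.compile(r"^(Infizierte [^:]+):\s*(\d+)$")
HIT_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) \((?P<name>[^()]+)\) -> (?P<action>.+?)\.?$")


def in_quarantine(path):
    """True if path lies below a quarantine root (Windows paths: case-insensitive)."""
    parents = PureWindowsPath(path).parents
    return any(root in parents for root in QUARANTINE_ROOTS)


def triage(log_text):
    """Return (per-section counts, all detections, detections outside quarantine)."""
    counts, hits, section = {}, [], None
    for line in map(str.strip, log_text.splitlines()):
        m = COUNT_RE.match(line)
        if m:
            section = m.group(1)
            counts[section] = int(m.group(2))
            continue
        m = HIT_RE.match(line)
        if m:
            hit = m.groupdict()
            hit["section"] = section
            hit["quarantined"] = in_quarantine(hit["path"])
            hits.append(hit)
    live = [h for h in hits if not h["quarantined"]]
    return counts, hits, live


if __name__ == "__main__":
    counts, hits, live = triage(SAMPLE_LOG)
    for h in hits:
        state = "isolated copy" if h["quarantined"] else "LIVE, needs follow-up"
        print(f'{h["name"]}: {h["path"]} [{state}]')
    print("detections outside quarantine:", len(live))
```

Only entries returned in `live` point at a file still sitting in its original location; an empty list matches the helper's reading of this log.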
16.08.2012, 09:24 | #26 |
| TR/Crypt.ZPACK.Gen8 in C:\Users\XXX\AppData\Local\Temp\msimg32.dll No, everything works wonderfully. Can I delete all the programs and the isolated malware? Apart from that, my sincere thanks. You really helped me a lot. Many thanks! |
16.08.2012, 11:03 | #27 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.ZPACK.Gen8 in C:\Users\XXX\AppData\Local\Temp\msimg32.dll
Then we're done!

The programs that were used here can all be removed again. With the help of OTL you can also remove many tools: please start OTL and click on Bereinigung (cleanup). This will remove most of the tools we needed for the cleanup. If anything remains, please remove it with right-click --> Delete.

Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update first.

Finally, please check the updates; my guide for that is below. To keep a better overview of how up to date your installed programs are in future, you can use e.g. Secunia PSI. For even more security, after the infection has been removed you should also change all passwords if possible.

Microsoft Update
Windows XP: Visit the MS update page with IE and have all important updates installed.
Windows Vista/7: Instructions for Windows Update

Update the PDF reader
An outdated Adobe Reader is a major security risk. You should therefore uninstall old versions of Adobe Reader via Control Panel => Add or Remove Programs, or Programs and Features, by clicking on "Adobe Reader x.0" there and removing the program. (if you have Adobe Reader installed)
I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than Adobe Reader.

While you're at it, please also check that the Flash Player is up to date:
Check => Adobe - Flash Player
Download links => Adobe Flash Player Distribution | Adobe

Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.

Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the newest one. To do so, close all programs (especially the browsers), then click on Start, Control Panel, Add or Remove Programs and uninstall all listed Java versions from there. Then download the current Java SE Runtime Environment (JRE) from here and install it.
__________________ Please always post log files in CODE tags |
16.08.2012, 20:34 | #28 |
| TR/Crypt.ZPACK.Gen8 in C:\Users\XXX\AppData\Local\Temp\msimg32.dll All done. Many thanks |