Log analysis and evaluation: This program cannot display the webpage (Windows 7)
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
17.09.2012, 08:46 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Do an OTL fix: close any programs that may be open, also disable the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)
Code:
:OTL
FF - user.js - File not found
O3 - HKU\S-1-5-21-981068331-3160160095-2827742430-1000\..\Toolbar\WebBrowser: (no name) - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c0f10771-d95e-11e1-8397-8c89a59b9d1d}\Shell - "" = AutoRun
:Files
C:\ProgramData\rxwauxnhunlrqqh
C:\Users\Family\AppData\Local\{*
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted.
As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.
Note: The above script was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can do lasting damage to the system!
__________________ Please always post log files in CODE tags |
17.09.2012, 16:38 | #17 |
| Hello Cosinus,
attached is the log file from the OTL run.
Code:
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-981068331-3160160095-2827742430-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0f10771-d95e-11e1-8397-8c89a59b9d1d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c0f10771-d95e-11e1-8397-8c89a59b9d1d}\ not found.
========== FILES ==========
C:\ProgramData\rxwauxnhunlrqqh folder moved successfully.
C:\Users\Family\AppData\Local\{331E43C9-3E2A-4974-A2F1-C9250D795A29} folder moved successfully.
C:\Users\Family\AppData\Local\{4EB4D349-9E2F-41BB-9FDE-87C60EFAA4C9} folder moved successfully.
C:\Users\Family\AppData\Local\{5D5B1F2D-94D5-43CB-93BB-89BDAC831AD6} folder moved successfully.
C:\Users\Family\AppData\Local\{720AA5F0-A88E-4ED4-95E2-1B7C32BFEF7F} folder moved successfully.
C:\Users\Family\AppData\Local\{7F8724CC-B4D5-4582-966A-135BDDC6692D} folder moved successfully.
C:\Users\Family\AppData\Local\{8927EEB9-4F3D-46ED-B1D8-D23FA1B57F62} folder moved successfully.
C:\Users\Family\AppData\Local\{A5BE2EE9-0F45-4C75-A7C9-7A117C04E132} folder moved successfully.
C:\Users\Family\AppData\Local\{B9023C85-319F-4CEA-8950-FACCCFE70B5A} folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Users\Family\Desktop\cmd.bat deleted successfully.
C:\Users\Family\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Family
->Temp folder emptied: 1823799853 bytes
->Temporary Internet Files folder emptied: 35298752 bytes
->Java cache emptied: 192607 bytes
->FireFox cache emptied: 363296209 bytes
->Flash cache emptied: 57877 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16605429 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67765 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2.136,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.61.5 log created on 09172012_173036

Files\Folders moved on Reboot...
C:\Users\Family\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\asat0000.tmp scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
|
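Added example, not part of the thread and not OTL's own code: a Python check that reads a fix log like the one above, groups its lines by outcome, and reports any `:Files` entry of the fix script that has no "successfully" line in the FILES section. The function names are hypothetical; the sample script and log are shortened excerpts of the two posts above.

```python
import re
from fnmatch import fnmatchcase

# Shortened excerpt of the fix script from post #16 (sample input).
FIX_SCRIPT = r"""
:OTL
O32 - HKLM CDRom: AutoRun - 1
:Files
C:\ProgramData\rxwauxnhunlrqqh
C:\Users\Family\AppData\Local\{*
ipconfig /flushdns /c
:Commands
[emptytemp]
"""

# Shortened excerpt of the resulting log from post #17 (sample input).
FIX_LOG = r"""
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}\ not found.
========== FILES ==========
C:\ProgramData\rxwauxnhunlrqqh folder moved successfully.
C:\Users\Family\AppData\Local\{331E43C9-3E2A-4974-A2F1-C9250D795A29} folder moved successfully.
< ipconfig /flushdns /c >
========== COMMANDS ==========
HOSTS file reset successfully
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\asat0000.tmp scheduled to be moved on reboot.
"""

SECTION = re.compile(r"^=+ (\w+) =+$")


def classify(line):
    """Map one fix-log line to an outcome, or None for informational lines."""
    low = line.lower()
    if "scheduled to be moved on reboot" in low:
        return "pending_reboot"   # still on disk until the next restart
    if "failed" in low:
        return "failed"
    if low.rstrip(".").endswith("not found"):
        return "not_found"        # nothing to remove, often harmless
    if "successfully" in low:
        return "done"
    return None


def triage(log_text):
    """Group outcome lines by result, tagged with the log section they came from."""
    result = {"done": [], "not_found": [], "failed": [], "pending_reboot": []}
    section = None
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION.match(line)
        if header:
            section = header.group(1)
        elif line.endswith("..."):          # e.g. "Files\Folders moved on Reboot..."
            section = line.rstrip(".")
        else:
            outcome = classify(line)
            if outcome:
                result[outcome].append((section, line))
    return result


def script_file_targets(script_text):
    """Path entries of the :Files section; command lines ending in /c are skipped."""
    targets, in_files = [], False
    for raw in script_text.splitlines():
        line = raw.strip()
        if line.startswith(":"):
            in_files = line.lower() == ":files"
        elif in_files and line and not line.lower().endswith(" /c"):
            targets.append(line)
    return targets


def unhandled_targets(script_text, log_text):
    """Script paths (wildcards allowed) without a success line in the FILES section."""
    done = [line.lower() for sec, line in triage(log_text)["done"] if sec == "FILES"]
    missing = []
    for target in script_file_targets(script_text):
        pattern = target.lower() + "*"      # log line = path + " folder moved successfully."
        if not any(fnmatchcase(line, pattern) for line in done):
            missing.append(target)
    return missing


if __name__ == "__main__":
    for outcome, entries in triage(FIX_LOG).items():
        print(outcome, len(entries))
    print("unhandled:", unhandled_targets(FIX_SCRIPT, FIX_LOG))
```

Entries under `pending_reboot` and `failed` are the ones to re-check in the next scan after the restart.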
17.09.2012, 20:42 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Now please run this tool from Kaspersky (TDSS-Killer) (in normal Windows mode) and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please switch off the virus scanner before you run the TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!
Set the tool up as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents and transfer them into your post, please look directly on your Windows system partition (usually drive C:), since that is where the TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with the TDSS-Killer! If the TDSS-Killer flags objects, handle all of them with the "skip" action and only post the log here!
__________________ |
18.09.2012, 06:57 | #19 |
| Attached is the requested log file. Code:
07:50:03.0793 4584 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
07:50:08.0900 4584 ============================================================
07:50:08.0900 4584 Current date / time: 2012/09/18 07:50:08.0900
07:50:08.0900 4584 SystemInfo:
07:50:08.0900 4584
07:50:08.0900 4584 OS Version: 6.1.7601 ServicePack: 1.0
07:50:08.0900 4584 Product type: Workstation
07:50:08.0900 4584 ComputerName: FAMILY-PC
07:50:08.0901 4584 UserName: Family
07:50:08.0901 4584 Windows directory: C:\Windows
07:50:08.0901 4584 System windows directory: C:\Windows
07:50:08.0901 4584 Running under WOW64
07:50:08.0901 4584 Processor architecture: Intel x64
07:50:08.0901 4584 Number of processors: 4
07:50:08.0901 4584 Page size: 0x1000
07:50:08.0901 4584 Boot type: Normal boot
07:50:08.0901 4584 ============================================================
07:50:09.0573 4584 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:50:09.0592 4584 ============================================================
07:50:09.0592 4584 \Device\Harddisk0\DR0:
07:50:09.0593 4584 MBR partitions:
07:50:09.0593 4584 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
07:50:09.0593 4584 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xA8454800
07:50:09.0593 4584 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xA8487000, BlocksNum 0x6400000
07:50:09.0593 4584 ============================================================
07:50:09.0609 4584 C: <-> \Device\Harddisk0\DR0\Partition2
07:50:09.0662 4584 D: <-> \Device\Harddisk0\DR0\Partition3
07:50:09.0662 4584 ============================================================
07:50:09.0662 4584 Initialize success
07:50:09.0662 4584 ============================================================
5412 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 07:51:32.0345 5412 MSPCLOCK - ok 07:51:32.0345 5412 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 07:51:32.0375 5412 MSPQM - ok 07:51:32.0395 5412 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 07:51:32.0405 5412 MsRPC - ok 07:51:32.0435 5412 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 07:51:32.0445 5412 mssmbios - ok 07:51:32.0445 5412 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 07:51:32.0485 5412 MSTEE - ok 07:51:32.0505 5412 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 07:51:32.0545 5412 MTConfig - ok 07:51:32.0555 5412 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 07:51:32.0565 5412 Mup - ok 07:51:32.0595 5412 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 07:51:32.0655 5412 napagent - ok 07:51:32.0675 5412 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 07:51:32.0705 5412 NativeWifiP - ok 07:51:32.0755 5412 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 07:51:32.0785 5412 NDIS - ok 07:51:32.0805 5412 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 07:51:32.0825 5412 NdisCap - ok 07:51:32.0855 5412 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 07:51:32.0885 5412 NdisTapi - ok 07:51:32.0905 5412 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 07:51:32.0935 5412 Ndisuio - ok 07:51:32.0935 5412 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 07:51:32.0965 5412 NdisWan - ok 07:51:32.0985 5412 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 07:51:33.0025 5412 NDProxy - ok 
07:51:33.0065 5412 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 07:51:33.0075 5412 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 07:51:33.0075 5412 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 07:51:33.0095 5412 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 07:51:33.0145 5412 NetBIOS - ok 07:51:33.0165 5412 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 07:51:33.0215 5412 NetBT - ok 07:51:33.0215 5412 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 07:51:33.0225 5412 Netlogon - ok 07:51:33.0255 5412 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 07:51:33.0325 5412 Netman - ok 07:51:33.0335 5412 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 07:51:33.0385 5412 netprofm - ok 07:51:33.0395 5412 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 07:51:33.0405 5412 NetTcpPortSharing - ok 07:51:33.0425 5412 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 07:51:33.0425 5412 nfrd960 - ok 07:51:33.0465 5412 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 07:51:33.0485 5412 NisDrv - ok 07:51:33.0505 5412 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe 07:51:33.0525 5412 NisSrv - ok 07:51:33.0555 5412 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 07:51:33.0595 5412 NlaSvc - ok 07:51:33.0605 5412 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 07:51:33.0625 5412 Npfs - ok 07:51:33.0645 5412 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 07:51:33.0685 5412 nsi - ok 07:51:33.0695 5412 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy 
C:\Windows\system32\drivers\nsiproxy.sys 07:51:33.0745 5412 nsiproxy - ok 07:51:33.0795 5412 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 07:51:33.0845 5412 Ntfs - ok 07:51:33.0855 5412 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 07:51:33.0885 5412 Null - ok 07:51:33.0905 5412 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 07:51:33.0921 5412 nvraid - ok 07:51:33.0936 5412 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 07:51:33.0952 5412 nvstor - ok 07:51:33.0952 5412 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 07:51:33.0968 5412 nv_agp - ok 07:51:33.0978 5412 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 07:51:33.0998 5412 ohci1394 - ok 07:51:34.0038 5412 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 07:51:34.0058 5412 ose - ok 07:51:34.0168 5412 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 07:51:34.0218 5412 osppsvc - ok 07:51:34.0238 5412 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 07:51:34.0258 5412 p2pimsvc - ok 07:51:34.0288 5412 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 07:51:34.0328 5412 p2psvc - ok 07:51:34.0338 5412 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 07:51:34.0368 5412 Parport - ok 07:51:34.0398 5412 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 07:51:34.0408 5412 partmgr - ok 07:51:34.0418 5412 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 07:51:34.0468 5412 PcaSvc - ok 07:51:34.0488 5412 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 07:51:34.0498 5412 pci - ok 
07:51:34.0508 5412 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 07:51:34.0518 5412 pciide - ok 07:51:34.0538 5412 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 07:51:34.0548 5412 pcmcia - ok 07:51:34.0558 5412 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 07:51:34.0568 5412 pcw - ok 07:51:34.0588 5412 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 07:51:34.0618 5412 PEAUTH - ok 07:51:34.0678 5412 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 07:51:34.0708 5412 PerfHost - ok 07:51:34.0748 5412 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 07:51:34.0828 5412 pla - ok 07:51:34.0858 5412 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 07:51:34.0878 5412 PlugPlay - ok 07:51:34.0898 5412 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 07:51:34.0928 5412 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 07:51:34.0928 5412 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 07:51:34.0938 5412 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 07:51:34.0978 5412 PNRPAutoReg - ok 07:51:35.0008 5412 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 07:51:35.0018 5412 PNRPsvc - ok 07:51:35.0058 5412 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 07:51:35.0118 5412 PolicyAgent - ok 07:51:35.0148 5412 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 07:51:35.0188 5412 Power - ok 07:51:35.0218 5412 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 07:51:35.0258 5412 PptpMiniport - ok 07:51:35.0268 5412 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 07:51:35.0288 5412 Processor - ok 07:51:35.0318 5412 [ 
53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 07:51:35.0358 5412 ProfSvc - ok 07:51:35.0368 5412 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 07:51:35.0388 5412 ProtectedStorage - ok 07:51:35.0398 5412 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 07:51:35.0448 5412 Psched - ok 07:51:35.0488 5412 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 07:51:35.0498 5412 PxHlpa64 - ok 07:51:35.0558 5412 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 07:51:35.0608 5412 ql2300 - ok 07:51:35.0618 5412 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 07:51:35.0618 5412 ql40xx - ok 07:51:35.0648 5412 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 07:51:35.0658 5412 QWAVE - ok 07:51:35.0668 5412 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 07:51:35.0708 5412 QWAVEdrv - ok 07:51:35.0738 5412 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 07:51:35.0778 5412 RasAcd - ok 07:51:35.0818 5412 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 07:51:35.0868 5412 RasAgileVpn - ok 07:51:35.0888 5412 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 07:51:35.0938 5412 RasAuto - ok 07:51:35.0948 5412 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 07:51:35.0998 5412 Rasl2tp - ok 07:51:36.0018 5412 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 07:51:36.0058 5412 RasMan - ok 07:51:36.0068 5412 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 07:51:36.0108 5412 RasPppoe - ok 07:51:36.0128 5412 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 07:51:36.0158 5412 RasSstp - ok 
07:51:36.0168 5412 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 07:51:36.0208 5412 rdbss - ok 07:51:36.0238 5412 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 07:51:36.0268 5412 rdpbus - ok 07:51:36.0298 5412 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 07:51:36.0328 5412 RDPCDD - ok 07:51:36.0338 5412 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 07:51:36.0388 5412 RDPENCDD - ok 07:51:36.0408 5412 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 07:51:36.0448 5412 RDPREFMP - ok 07:51:36.0468 5412 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 07:51:36.0498 5412 RDPWD - ok 07:51:36.0518 5412 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 07:51:36.0538 5412 rdyboost - ok 07:51:36.0548 5412 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 07:51:36.0598 5412 RemoteAccess - ok 07:51:36.0618 5412 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 07:51:36.0668 5412 RemoteRegistry - ok 07:51:36.0678 5412 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 07:51:36.0718 5412 RpcEptMapper - ok 07:51:36.0738 5412 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 07:51:36.0768 5412 RpcLocator - ok 07:51:36.0788 5412 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 07:51:36.0808 5412 RpcSs - ok 07:51:36.0818 5412 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 07:51:36.0848 5412 rspndr - ok 07:51:36.0888 5412 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 07:51:36.0898 5412 RTL8167 - ok 07:51:36.0938 5412 [ B3F36B4B3F192EA87DDC119F3A0B3E45 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys 
07:51:36.0948 5412 RTL8192su - ok 07:51:36.0968 5412 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 07:51:36.0978 5412 SamSs - ok 07:51:36.0988 5412 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 07:51:36.0998 5412 sbp2port - ok 07:51:37.0008 5412 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 07:51:37.0028 5412 SCardSvr - ok 07:51:37.0048 5412 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 07:51:37.0088 5412 scfilter - ok 07:51:37.0108 5412 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 07:51:37.0168 5412 Schedule - ok 07:51:37.0188 5412 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 07:51:37.0228 5412 SCPolicySvc - ok 07:51:37.0238 5412 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 07:51:37.0298 5412 SDRSVC - ok 07:51:37.0318 5412 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 07:51:37.0378 5412 secdrv - ok 07:51:37.0388 5412 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 07:51:37.0428 5412 seclogon - ok 07:51:37.0448 5412 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 07:51:37.0498 5412 SENS - ok 07:51:37.0518 5412 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 07:51:37.0568 5412 SensrSvc - ok 07:51:37.0598 5412 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 07:51:37.0628 5412 Serenum - ok 07:51:37.0658 5412 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 07:51:37.0698 5412 Serial - ok 07:51:37.0748 5412 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 07:51:37.0778 5412 sermouse - ok 07:51:37.0808 5412 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 07:51:37.0858 5412 
SessionEnv - ok 07:51:37.0878 5412 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 07:51:37.0888 5412 sffdisk - ok 07:51:37.0898 5412 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 07:51:37.0908 5412 sffp_mmc - ok 07:51:37.0908 5412 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 07:51:37.0928 5412 sffp_sd - ok 07:51:37.0958 5412 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 07:51:37.0988 5412 sfloppy - ok 07:51:38.0028 5412 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 07:51:38.0068 5412 SharedAccess - ok 07:51:38.0078 5412 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 07:51:38.0118 5412 ShellHWDetection - ok 07:51:38.0138 5412 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 07:51:38.0148 5412 SiSRaid2 - ok 07:51:38.0148 5412 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 07:51:38.0158 5412 SiSRaid4 - ok 07:51:38.0188 5412 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 07:51:38.0208 5412 SkypeUpdate - ok 07:51:38.0238 5412 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 07:51:38.0288 5412 Smb - ok 07:51:38.0318 5412 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 07:51:38.0348 5412 SNMPTRAP - ok 07:51:38.0368 5412 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 07:51:38.0378 5412 spldr - ok 07:51:38.0408 5412 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 07:51:38.0468 5412 Spooler - ok 07:51:38.0538 5412 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 07:51:38.0628 5412 sppsvc - ok 07:51:38.0648 5412 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify 
C:\Windows\system32\sppuinotify.dll 07:51:38.0698 5412 sppuinotify - ok 07:51:38.0738 5412 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 07:51:38.0778 5412 srv - ok 07:51:38.0788 5412 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 07:51:38.0828 5412 srv2 - ok 07:51:38.0848 5412 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 07:51:38.0888 5412 srvnet - ok 07:51:38.0918 5412 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys 07:51:38.0958 5412 ssadbus - ok 07:51:38.0968 5412 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys 07:51:39.0008 5412 ssadmdfl - ok 07:51:39.0028 5412 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys 07:51:39.0058 5412 ssadmdm - ok 07:51:39.0088 5412 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys 07:51:39.0098 5412 sscdbus - ok 07:51:39.0118 5412 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys 07:51:39.0128 5412 sscdmdfl - ok 07:51:39.0148 5412 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys 07:51:39.0158 5412 sscdmdm - ok 07:51:39.0188 5412 [ F74634F46692C8315E7F37F698AF3225 ] sscebus C:\Windows\system32\DRIVERS\sscebus.sys 07:51:39.0198 5412 sscebus - ok 07:51:39.0218 5412 [ 82732B391EFD69B0548044BE9CB37BFC ] sscemdfl C:\Windows\system32\DRIVERS\sscemdfl.sys 07:51:39.0228 5412 sscemdfl - ok 07:51:39.0248 5412 [ 43D56ACE4469D90F9790E8352D87D9B5 ] sscemdm C:\Windows\system32\DRIVERS\sscemdm.sys 07:51:39.0268 5412 sscemdm - ok 07:51:39.0298 5412 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 07:51:39.0348 5412 SSDPSRV - ok 07:51:39.0358 5412 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 07:51:39.0388 5412 SstpSvc - ok 07:51:39.0398 5412 [ 855335BF5792E56164F98C012E3D92DD 
] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 07:51:39.0408 5412 ssudmdm - ok 07:51:39.0438 5412 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 07:51:39.0448 5412 stexstor - ok 07:51:39.0468 5412 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 07:51:39.0498 5412 StillCam - ok 07:51:39.0538 5412 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 07:51:39.0578 5412 stisvc - ok 07:51:39.0628 5412 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 07:51:39.0638 5412 swenum - ok 07:51:39.0658 5412 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 07:51:39.0718 5412 swprv - ok 07:51:39.0758 5412 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 07:51:39.0828 5412 SysMain - ok 07:51:39.0838 5412 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 07:51:39.0868 5412 TabletInputService - ok 07:51:40.0028 5412 [ C4C20CFA4F42E9B7454E895C5C47BCD3 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe 07:51:40.0098 5412 TabletServicePen - ok 07:51:40.0108 5412 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 07:51:40.0138 5412 TapiSrv - ok 07:51:40.0148 5412 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 07:51:40.0178 5412 TBS - ok 07:51:40.0218 5412 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys 07:51:40.0268 5412 Tcpip - ok 07:51:40.0308 5412 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 07:51:40.0338 5412 TCPIP6 - ok 07:51:40.0368 5412 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 07:51:40.0408 5412 tcpipreg - ok 07:51:40.0428 5412 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 07:51:40.0458 5412 TDPIPE - ok 07:51:40.0478 5412 [ 
51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 07:51:40.0488 5412 TDTCP - ok 07:51:40.0508 5412 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 07:51:40.0558 5412 tdx - ok 07:51:40.0588 5412 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 07:51:40.0598 5412 TermDD - ok 07:51:40.0618 5412 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 07:51:40.0688 5412 TermService - ok 07:51:40.0698 5412 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 07:51:40.0718 5412 Themes - ok 07:51:40.0738 5412 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 07:51:40.0768 5412 THREADORDER - ok 07:51:40.0798 5412 [ 7625DCF246E488E523DC1F64C38ABDA2 ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe 07:51:40.0828 5412 TouchServicePen - ok 07:51:40.0838 5412 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 07:51:40.0888 5412 TrkWks - ok 07:51:40.0918 5412 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 07:51:40.0978 5412 TrustedInstaller - ok 07:51:40.0998 5412 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 07:51:41.0038 5412 tssecsrv - ok 07:51:41.0058 5412 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 07:51:41.0108 5412 TsUsbFlt - ok 07:51:41.0138 5412 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 07:51:41.0148 5412 TsUsbGD - ok 07:51:41.0168 5412 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 07:51:41.0208 5412 tunnel - ok 07:51:41.0228 5412 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 07:51:41.0238 5412 uagp35 - ok 07:51:41.0248 5412 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 
07:51:41.0288 5412 udfs - ok 07:51:41.0308 5412 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 07:51:41.0328 5412 UI0Detect - ok 07:51:41.0358 5412 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 07:51:41.0378 5412 uliagpkx - ok 07:51:41.0398 5412 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 07:51:41.0428 5412 umbus - ok 07:51:41.0458 5412 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 07:51:41.0478 5412 UmPass - ok 07:51:41.0538 5412 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 07:51:41.0558 5412 UMVPFSrv - ok 07:51:41.0658 5412 [ FC43877B4625F6EB773C98233EB625C5 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 07:51:41.0698 5412 UNS - ok 07:51:41.0718 5412 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 07:51:41.0748 5412 upnphost - ok 07:51:41.0778 5412 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 07:51:41.0818 5412 usbaudio - ok 07:51:41.0838 5412 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 07:51:41.0888 5412 usbccgp - ok 07:51:41.0908 5412 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 07:51:41.0948 5412 usbcir - ok 07:51:41.0968 5412 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 07:51:41.0998 5412 usbehci - ok 07:51:42.0028 5412 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 07:51:42.0048 5412 usbhub - ok 07:51:42.0058 5412 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 07:51:42.0068 5412 usbohci - ok 07:51:42.0078 5412 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys 07:51:42.0098 5412 usbprint - ok 07:51:42.0108 5412 [ 
FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 07:51:42.0138 5412 USBSTOR - ok 07:51:42.0148 5412 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 07:51:42.0168 5412 usbuhci - ok 07:51:42.0208 5412 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 07:51:42.0228 5412 usbvideo - ok 07:51:42.0238 5412 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 07:51:42.0268 5412 UxSms - ok 07:51:42.0278 5412 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 07:51:42.0288 5412 VaultSvc - ok 07:51:42.0308 5412 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 07:51:42.0318 5412 vdrvroot - ok 07:51:42.0338 5412 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 07:51:42.0368 5412 vds - ok 07:51:42.0388 5412 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 07:51:42.0398 5412 vga - ok 07:51:42.0408 5412 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 07:51:42.0448 5412 VgaSave - ok 07:51:42.0468 5412 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 07:51:42.0468 5412 vhdmp - ok 07:51:42.0498 5412 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 07:51:42.0508 5412 viaide - ok 07:51:42.0528 5412 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 07:51:42.0548 5412 volmgr - ok 07:51:42.0568 5412 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 07:51:42.0588 5412 volmgrx - ok 07:51:42.0598 5412 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 07:51:42.0608 5412 volsnap - ok 07:51:42.0618 5412 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 07:51:42.0628 5412 vsmraid - ok 07:51:42.0658 5412 [ 
[ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 07:51:45.0248 5412 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 07:51:45.0268 5412 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 07:51:45.0288 5412 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 07:51:45.0298 5412 [Global] - ok 07:51:45.0298 5412 ================ Scan MBR ================================== 07:51:45.0308 5412 [ 753CA1D394F3C0855134963D7361060F ] \Device\Harddisk0\DR0 07:51:47.0048 5412 \Device\Harddisk0\DR0 - ok 07:51:47.0048 5412 ================ Scan VBR ================================== 07:51:47.0048 5412 [ 619A03A875D85497D559FA3E19E9DE27 ] \Device\Harddisk0\DR0\Partition1 07:51:47.0048 5412 \Device\Harddisk0\DR0\Partition1 - ok 07:51:47.0088 5412 [ B68F870CBB386C27C245D596A7B85D07 ] \Device\Harddisk0\DR0\Partition2 07:51:47.0088 5412 \Device\Harddisk0\DR0\Partition2 - ok 07:51:47.0118 5412 [ 1EF04439AE4D06A5FB203D439E62816E ] \Device\Harddisk0\DR0\Partition3 07:51:47.0128 5412 \Device\Harddisk0\DR0\Partition3 - ok 07:51:47.0128 5412 ============================================================ 07:51:47.0128 5412 Scan finished 07:51:47.0128 5412 ============================================================ 07:51:47.0138 4124 Detected object count: 5 07:51:47.0138 4124 Actual detected object count: 5 07:53:06.0657 4124 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 07:53:06.0657 4124 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 07:53:06.0657 4124 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user 07:53:06.0657 4124 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 07:53:06.0659 4124 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user 07:53:06.0659 4124 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 07:53:06.0660 4124 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 07:53:06.0660 4124 Net Driver HPZ12 ( 
UnsignedFile.Multi.Generic ) - User select action: Skip 07:53:06.0662 4124 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 07:53:06.0662 4124 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip |
19.09.2012, 11:17 | #20 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | This program cannot display the webpage Then please run CF now: ComboFix A guide and tutorial for using ComboFix
Combofix may only be run when a qualified helper (Kompetenzler) has explicitly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
19.09.2012, 16:47 | #21 |
| This program cannot display the webpage I have run Combofix. Afterwards the error messages appeared, which disappeared after a restart. Code:
ATTFilter ComboFix 12-09-18.07 - Family 19.09.2012 17:25:57.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.6126.4387 [GMT 2:00] ausgeführt von:: c:\users\Family\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Family\AppData\Local\Temp\d6ebea43-a7f6-428d-ab33-ddb1ea1983ec\CliSecureRT.dll c:\windows\iun6002.exe c:\windows\SysWow64\muzapp.exe . . ((((((((((((((((((((((( Dateien erstellt von 2012-08-19 bis 2012-09-19 )))))))))))))))))))))))))))))) . . 2012-09-17 19:28 . 2012-09-17 19:28 -------- d-----w- c:\program files (x86)\Ambient Design 2012-09-17 19:28 . 2012-09-17 19:29 -------- d-----w- c:\users\Family\AppData\Roaming\Ambient Design 2012-09-17 18:50 . 2010-03-19 01:00 55856 ------w- c:\windows\system32\drivers\PxHlpa64.sys 2012-09-17 18:50 . 2009-10-20 01:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys 2012-09-17 18:50 . 2009-10-20 01:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys 2012-09-17 18:48 . 2012-09-17 18:48 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine 2012-09-17 18:48 . 2012-09-17 18:48 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared 2012-09-17 17:41 . 2012-09-17 17:41 -------- d-----w- c:\users\Family\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1 2012-09-17 17:40 . 2012-09-17 17:40 -------- d-----w- c:\users\Family\AppData\Roaming\Wacom 2012-09-17 17:40 . 2012-09-17 17:41 -------- d-----w- c:\programdata\Wacom 2012-09-17 17:40 . 2012-09-17 17:40 -------- d-----w- c:\program files (x86)\Bamboo Dock 2012-09-17 17:39 . 
2012-09-17 17:39 -------- d-----w- c:\users\Family\AppData\Roaming\WTablet 2012-09-17 17:39 . 2011-09-08 15:48 1326456 ----a-w- c:\windows\system32\Pen_Touch_Tablet.dll 2012-09-17 17:39 . 2011-09-08 15:48 1107832 ----a-w- c:\windows\SysWow64\Pen_Touch_Tablet.dll 2012-09-17 17:38 . 2012-09-17 17:38 -------- d-----w- c:\program files (x86)\TabletPlugins 2012-09-17 17:38 . 2011-09-08 15:49 12848 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys 2012-09-17 17:38 . 2011-09-08 15:49 16168 ----a-w- c:\windows\system32\drivers\wacomvhid.sys 2012-09-17 17:38 . 2011-09-08 15:48 1152888 ----a-w- c:\windows\SysWow64\WacomMT.dll 2012-09-17 17:38 . 2011-09-08 15:48 1665400 ----a-w- c:\windows\system32\Pen_Tablet.dll 2012-09-17 17:38 . 2011-09-08 15:48 1401208 ----a-w- c:\windows\system32\Wintab32.dll 2012-09-17 17:38 . 2011-09-08 15:48 1392504 ----a-w- c:\windows\system32\WacomMT.dll 2012-09-17 17:38 . 2011-09-08 15:48 1156472 ----a-w- c:\windows\SysWow64\Wintab32.dll 2012-09-17 17:38 . 2011-09-08 15:48 1369464 ----a-w- c:\windows\SysWow64\Pen_Tablet.dll 2012-09-17 17:38 . 2012-09-17 17:57 -------- d-----w- c:\program files\Tablet 2012-09-17 15:43 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-09-17 15:30 . 2012-09-17 15:30 -------- d-----w- C:\_OTL 2012-09-16 09:01 . 2012-09-16 09:01 -------- d-----w- c:\program files (x86)\Sybase 2012-09-16 09:00 . 2006-06-26 13:58 1929216 ----a-w- c:\windows\SysWow64\cdintf250.dll 2012-09-15 08:06 . 2012-09-15 08:06 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-09-15 08:06 . 2012-09-15 08:06 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-09-15 07:30 . 2012-09-15 07:30 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll 2012-09-14 12:44 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-09-14 12:44 . 
2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-09-14 12:44 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys 2012-09-14 12:44 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-09-14 12:44 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll 2012-09-14 12:44 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2012-09-14 12:44 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys 2012-09-12 14:50 . 2012-09-12 14:50 -------- d-----w- c:\program files (x86)\ESET 2012-09-10 07:46 . 2012-09-10 07:46 -------- d-----w- c:\users\Family\AppData\Roaming\Malwarebytes 2012-09-10 07:45 . 2012-09-10 07:45 -------- d-----w- c:\programdata\Malwarebytes 2012-09-10 07:45 . 2012-09-12 07:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-09-10 07:45 . 2012-09-07 15:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-15 08:06 . 2012-06-18 13:23 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-09-15 08:06 . 2011-11-23 18:34 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-09-14 16:02 . 2011-03-14 14:08 64462936 ----a-w- c:\windows\system32\MRT.exe 2012-07-29 14:53 . 2012-07-29 14:53 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2012-07-28 14:51 . 2012-06-21 07:04 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-07-28 14:51 . 2011-08-22 17:09 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-18 18:15 . 2012-08-15 15:45 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-07-04 22:16 . 2012-08-15 15:45 73216 ----a-w- c:\windows\system32\netapi32.dll 2012-07-04 22:13 . 2012-08-15 15:45 59392 ----a-w- c:\windows\system32\browcli.dll 2012-07-04 22:13 . 2012-08-15 15:45 136704 ----a-w- c:\windows\system32\browser.dll 2012-07-04 21:14 . 
2012-08-15 15:45 41984 ----a-w- c:\windows\SysWow64\browcli.dll 2012-06-29 04:55 . 2012-08-15 20:29 17809920 ----a-w- c:\windows\system32\mshtml.dll 2012-06-29 04:09 . 2012-08-15 20:29 10925568 ----a-w- c:\windows\system32\ieframe.dll 2012-06-29 03:56 . 2012-08-15 20:29 2312704 ----a-w- c:\windows\system32\jscript9.dll 2012-06-29 03:49 . 2012-08-15 20:29 1346048 ----a-w- c:\windows\system32\urlmon.dll 2012-06-29 03:49 . 2012-08-15 20:29 1392128 ----a-w- c:\windows\system32\wininet.dll 2012-06-29 03:48 . 2012-08-15 20:29 1494528 ----a-w- c:\windows\system32\inetcpl.cpl 2012-06-29 03:47 . 2012-08-15 20:29 237056 ----a-w- c:\windows\system32\url.dll 2012-06-29 03:45 . 2012-08-15 20:29 85504 ----a-w- c:\windows\system32\jsproxy.dll 2012-06-29 03:44 . 2012-08-15 20:29 816640 ----a-w- c:\windows\system32\jscript.dll 2012-06-29 03:43 . 2012-08-15 20:29 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2012-06-29 03:42 . 2012-08-15 20:29 2144768 ----a-w- c:\windows\system32\iertutil.dll 2012-06-29 03:40 . 2012-08-15 20:29 96768 ----a-w- c:\windows\system32\mshtmled.dll 2012-06-29 03:39 . 2012-08-15 20:29 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-06-29 03:35 . 2012-08-15 20:29 248320 ----a-w- c:\windows\system32\ieui.dll 2012-06-29 00:16 . 2012-08-15 20:29 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll 2012-06-29 00:09 . 2012-08-15 20:29 1129472 ----a-w- c:\windows\SysWow64\wininet.dll 2012-06-29 00:08 . 2012-08-15 20:29 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2012-06-29 00:04 . 2012-08-15 20:29 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2012-06-29 00:00 . 2012-08-15 20:29 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-06-22 14:32 . 2012-07-19 16:28 405144 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928] "KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-08-07 21432] "KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-08-07 960440] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-14 343168] "CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-03 107816] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336] "LexwareInfoService"="c:\program files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe" [2011-07-31 189808] "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-08-07 3524536] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2011-09-27 646232] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944] R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-06-04 99384] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-15 114144] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688] R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640] R3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\DRIVERS\sscebus.sys [2010-12-21 127488] R3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\DRIVERS\sscemdfl.sys [2010-12-21 18944] R3 sscemdm;SAMSUNG Mobile Modem V2 
Drivers;c:\windows\system32\DRIVERS\sscemdm.sys [2010-12-21 161280] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-06-04 203320] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2010-09-23 129008] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-29 283200] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-10-13 204288] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592] S2 Lexware_Datenbank_Plus;Lexware Datenbank Plus;c:\program files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe [2010-11-05 83248] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936] S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-09-28 25824] S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe 
[2011-09-08 6583160] S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2011-09-08 528760] S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-03-11 2656280] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-10-13 10496000] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-10-13 326656] S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys [2011-08-02 129000] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys [2011-08-02 391144] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440] S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136] S3 LVUVC64;Logitech QuickCam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928] S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2011-03-11 56344] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] S3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-16 12673128] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-28 497648] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: Free YouTube to MP3 Converter - c:\users\Family\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\kk83a8w9.default\ FF - prefs.js: browser.startup.homepage - about:blank FF - prefs.js: network.proxy.type - 0 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . URLSearchHooks-{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - (no file) Wow6432Node-HKCU-Run-KiesAirMessage - c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe AddRemove-Die Sims Daten 8.0 - c:\windows\iun6002.exe AddRemove-Die Sims8.0 - c:\windows\iun6002.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . 
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe . ************************************************************************** . Zeit der Fertigstellung: 2012-09-19 17:34:42 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2012-09-19 15:34 . Vor Suchlauf: 8 Verzeichnis(se), 1.312.529.666.048 Bytes frei Nach Suchlauf: 13 Verzeichnis(se), 1.314.241.343.488 Bytes frei . - - End Of File - - 1D84C50DF00F91DC1D77729CC5F74898 |
19.09.2012, 21:06 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | This program cannot display the webpage Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still refuses to work on the second attempt, just leave it out and run only OSAM. Please skip the online query by OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or similar. Note: Please use WinRAR or 7zip to unpack OSAM! Be sure to turn off the virus scanner as well; the McAfee scanner in particular often reports a false alarm in OSAM! Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons without instruction. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.
__________________ Please always post log files in CODE tags |
20.09.2012, 19:32 | #23 |
| This program cannot display the webpage Hello Cosinus, I was able to run the Gmer scan, and the Osam scan as well; see below. The scan with aswMBR repeatedly gave me the following error message: avas!rootkt has stopped working. After that I could only close the program. I was not able to create a log file. Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net Rootkit scan 2012-09-20 19:30:18 Windows 6.1.7601 Service Pack 1 Running: rnjde6ps.exe ---- Registry - GMER 1.0.15 ---- Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Family\AppData\Local\Logitech\xae Webcam-Software\Logishrd\LU2.0\LogitechUpdate.exe 1 ---- EOF - GMER 1.0.15 ---- Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 19:35:55 on 20.09.2012

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Mozilla Corporation Firefox 15.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"wsvd" (wsvd) - "CyberLink" - C:\Windows\System32\DRIVERS\wsvd.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? - (File not found | COM-object registry key not found)
{D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL
{506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONFILTER.DLL
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"eBay - Der weltweite Online-Marktplatz" - ? - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 (HTTP value)
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 10.7.2" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "{8AD9C840-044E-11D1-B3E9-00805F499D93}" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
"eBay - Der weltweite Online-Marktplatz" - ? - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 (HTTP value)
{DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Smart Web Printing ein- oder ausblenden" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{0347C33E-8762-4905-BF09-768834316C61} "HP Print Enhancer" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
{B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"DAEMON Tools Lite" - "DT Soft Ltd" - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"KiesPDLR" - ? - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
"KiesPreload" - "Samsung" - C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
"Skype" - "Skype Technologies S.A." - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"BambooCore" - ? - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
"CLMLServer" - "CyberLink" - "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"HP Software Update" - "Hewlett-Packard" - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
"IAStorIcon" - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
"KiesTrayAgent" - "Samsung Electronics Co., Ltd." - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
"LexwareInfoService" - "Haufe-Lexware GmbH & Co. KG" - C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart
"LWS" - "Logitech Inc." - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
"StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found)
"@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243" (NisSrv) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Client\NisSrv.exe
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Active File Monitor V9" (AdobeActiveFileMonitor9.0) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
"HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
"HP Network Devices Support" (HPSLPSVC) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
"hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
"Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
"Intel(R) Management and Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
"Intel(R) Rapid Storage Technology" (IAStorDataMgrSvc) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
"Lexware Datenbank Plus" (Lexware_Datenbank_Plus) - "iAnywhere Solutions, Inc." - C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe
"MBAMScheduler" (MBAMScheduler) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
"MemeoBackgroundService" (MemeoBackgroundService) - "Memeo" - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Client\MsMpEng.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe
"TabletServicePen" (TabletServicePen) - "Wacom Technology, Corp." - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
"Wacom Consumer Touch Service" (TouchServicePen) - "Wacom Technology, Corp." - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru |
21.09.2012, 11:44 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | This program cannot display the webpage Please read my posts completely to the end. There was a note about aswMBR at the very bottom.
__________________ Please always post log files in CODE tags |
21.09.2012, 14:16 | #25 |
| This program cannot display the webpage Attached is the log of the scan run to completion with aswMBR. Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-21 15:11:56
-----------------------------
15:11:56.603 OS Version: Windows x64 6.1.7601 Service Pack 1
15:11:56.603 Number of processors: 4 586 0x2A07
15:11:56.603 ComputerName: FAMILY-PC UserName: Family
15:11:59.002 Initialize success
15:12:04.071 AVAST engine defs: 12092000
15:12:23.113 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:12:23.113 Disk 0 Vendor: ST1500DL CC4A Size: 1430799MB BusType: 3
15:12:23.143 Disk 0 MBR read successfully
15:12:23.143 Disk 0 MBR scan
15:12:23.143 Disk 0 unknown MBR code
15:12:23.153 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
15:12:23.163 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1378473 MB offset 206848
15:12:23.213 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 51200 MB offset 2823319552
15:12:23.233 Disk 0 Partition 4 00 12 Compaq diag NTFS 1024 MB offset 2928177152
15:12:23.283 Disk 0 scanning C:\Windows\system32\drivers
15:12:32.221 Service scanning
15:12:47.892 Modules scanning
15:12:47.892 Disk 0 trace - called modules:
15:12:47.912 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:12:47.922 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80087f2060]
15:12:47.922 3 CLASSPNP.SYS[fffff88001d4c43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005f39050]
15:12:47.932 Scan finished successfully
15:13:12.095 Disk 0 MBR has been saved successfully to "C:\Users\Family\Desktop\MBR.dat"
15:13:12.105 The log file has been saved successfully to "C:\Users\Family\Desktop\aswMBR.txt" |
21.09.2012, 20:15 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | This program cannot display the webpage We should fix the MBR. Just in case, back up ALL important data, even though everything usually goes smoothly. Note: Please do NOT run the MBR fix if you have other operating systems such as Ubuntu installed; an MBR fix with Windows tools makes a Linux installed alongside (dual boot) unbootable. Also do not run the fix if you have full encryption of the Windows partition or of the entire hard disk, e.g. with TrueCrypt or other encryption programs. After backing up your data, start aswMBR again and click the FIXMBR button. Note: Please turn off the virus scanner before running aswMBR, because Avira in particular often reports a false alarm in it! Then restart Windows and create a new log with aswMBR.
__________________ Please always post log files in CODE tags |
22.09.2012, 11:27 | #27 |
| This program cannot display the webpage FIXMBR ran through without problems. Attached is the log file. Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-22 12:21:46
-----------------------------
12:21:46.941 OS Version: Windows x64 6.1.7601 Service Pack 1
12:21:46.941 Number of processors: 4 586 0x2A07
12:21:46.941 ComputerName: FAMILY-PC UserName: Family
12:21:52.367 Initialize success
12:21:56.757 AVAST engine defs: 12092100
12:22:00.449 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:22:00.449 Disk 0 Vendor: ST1500DL CC4A Size: 1430799MB BusType: 3
12:22:00.489 Disk 0 MBR read successfully
12:22:00.489 Disk 0 MBR scan
12:22:00.489 Disk 0 Windows 7 default MBR code
12:22:00.509 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
12:22:00.529 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1378473 MB offset 206848
12:22:00.569 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 51200 MB offset 2823319552
12:22:00.589 Disk 0 Partition 4 00 12 Compaq diag NTFS 1024 MB offset 2928177152
12:22:00.649 Disk 0 scanning C:\Windows\system32\drivers
12:22:11.889 Service scanning
12:22:29.023 Modules scanning
12:22:29.023 Disk 0 trace - called modules:
12:22:29.043 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
12:22:29.043 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80087f3060]
12:22:29.053 3 CLASSPNP.SYS[fffff88001cfa43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80060f9050]
12:22:29.053 Scan finished successfully
12:23:02.924 Disk 0 MBR has been saved successfully to "C:\Users\Family\Desktop\MBR.dat"
12:23:02.934 The log file has been saved successfully to "C:\Users\Family\Desktop\aswMBR.txt"
12:24:33.315 Disk 0 MBR has been saved successfully to "C:\Users\Family\Desktop\MBR.dat"
12:24:33.325 The log file has been saved successfully to "C:\Users\Family\Desktop\aswMBR.txt"
12:25:15.149 Disk 0 MBR has been saved successfully to "C:\Users\Family\Downloads\MBR.dat"
12:25:15.159 The log file has been saved successfully to "C:\Users\Family\Downloads\aswMBR.txt" |
22.09.2012, 18:02 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | This program cannot display the webpage Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
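
One way to compare the two aswMBR logs from posts #25 and #27, as an added example that is not part of the thread and not aswMBR's own code: it extracts the MBR verdict and the partition entries from each log and checks that only the boot-code verdict changed across the FIXMBR run. The function names and the three verdict classes are assumptions; only the verdict strings "unknown" and "Windows 7 default" come from the logs above.

```python
import re
from dataclasses import dataclass, field

# Excerpts of the two aswMBR logs posted in this thread (before and after
# FIXMBR), trimmed to the lines the comparison needs.
LOG_BEFORE = """\
15:12:23.143 Disk 0 MBR read successfully
15:12:23.143 Disk 0 MBR scan
15:12:23.143 Disk 0 unknown MBR code
15:12:23.153 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
15:12:23.163 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1378473 MB offset 206848
15:12:23.213 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 51200 MB offset 2823319552
15:12:23.233 Disk 0 Partition 4 00 12 Compaq diag NTFS 1024 MB offset 2928177152
15:12:47.932 Scan finished successfully
"""
LOG_AFTER = """\
12:22:00.489 Disk 0 MBR read successfully
12:22:00.489 Disk 0 MBR scan
12:22:00.489 Disk 0 Windows 7 default MBR code
12:22:00.509 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
12:22:00.529 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1378473 MB offset 206848
12:22:00.569 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 51200 MB offset 2823319552
12:22:00.589 Disk 0 Partition 4 00 12 Compaq diag NTFS 1024 MB offset 2928177152
12:22:29.053 Scan finished successfully
"""

STAMP = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{3}\s+(.*)$")
VERDICT = re.compile(r"^Disk\s+(\d+)\s+(.+?)\s+MBR code$")
PARTITION = re.compile(
    r"^Disk\s+(\d+)\s+Partition\s+(\d+)\s+([0-9A-Fa-f]{2})(\s+\(A\))?\s+"
    r"([0-9A-Fa-f]{2})\s+(.+?)\s+(\d+)\s+MB\s+offset\s+(\d+)$"
)


@dataclass(frozen=True)
class Partition:
    number: int
    active: bool
    type_id: str
    description: str
    size_mb: int
    offset: int


@dataclass
class Disk:
    verdict: str = ""
    partitions: list = field(default_factory=list)


@dataclass
class ScanLog:
    finished: bool = False
    disks: dict = field(default_factory=dict)


def parse_aswmbr(text):
    """Collect the MBR verdict and partition entries per disk from a log."""
    log = ScanLog()
    for raw in text.splitlines():
        m = STAMP.match(raw.strip())
        if not m:
            continue  # header lines carry no timestamp
        msg = m.group(1).strip()
        if msg == "Scan finished successfully":
            log.finished = True
            continue
        p = PARTITION.match(msg)
        if p:
            disk = log.disks.setdefault(int(p.group(1)), Disk())
            disk.partitions.append(Partition(
                number=int(p.group(2)), active=p.group(4) is not None,
                type_id=p.group(5), description=p.group(6),
                size_mb=int(p.group(7)), offset=int(p.group(8))))
            continue
        v = VERDICT.match(msg)
        if v:
            log.disks.setdefault(int(v.group(1)), Disk()).verdict = v.group(2)
    return log


def classify(verdict):
    # Assumed classes. "unknown" means the boot code was not recognised and
    # is a prompt for review; it is not by itself a detection.
    if verdict == "unknown":
        return "review"
    if verdict.endswith("default"):
        return "standard"
    return "unclassified"


def compare(before, after):
    """Report per disk how the verdict moved and whether partitions match."""
    # A crashed scan (as in post #23) leaves no usable verdict to compare.
    if not (before.finished and after.finished):
        raise ValueError("incomplete aswMBR log; rerun the scan first")
    report = {}
    for n in sorted(before.disks.keys() & after.disks.keys()):
        b, a = before.disks[n], after.disks[n]
        report[n] = {
            "before": classify(b.verdict),
            "after": classify(a.verdict),
            "partition_table_unchanged": b.partitions == a.partitions,
        }
    return report


if __name__ == "__main__":
    print(compare(parse_aswmbr(LOG_BEFORE), parse_aswmbr(LOG_AFTER)))
```
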
24.09.2012, 18:55 | #29 |
| This program cannot display the webpage Hello Cosinus, attached are the two log files: Code:
Malwarebytes Anti-Malware (Test) 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.24.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Family :: FAMILY-PC [Administrator]

Schutz: Aktiviert

24.09.2012 10:35:34
mbam-log-2012-09-24 (10-35-34).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 417821
Laufzeit: 54 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 09/24/2012 at 05:48 PM

Application Version : 5.5.1016

Core Rules Database Version : 9277
Trace Rules Database Version: 7089

Scan type : Complete Scan
Total Scan Time : 01:20:26

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned : 856
Memory threats detected : 0
Registry items scanned : 67396
Registry threats detected : 0
File items scanned : 204162
File threats detected : 189

Adware.Tracking Cookie
C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] www.bittasex.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] www.bittasex.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] viewad.exchangecash.de [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] viewad.exchangecash.de [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] viewad.exchangecash.de [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] viewad.exchangecash.de [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] media.neodau.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] media.neodau.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] media.neodau.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] ad.zanox.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] 
.ero-advertising.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .pornme.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .pornme.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .pornme.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] www.pornme.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] www.youporn-deutsch.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] www.youporn-deutsch.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .youporn-deutsch.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .youporn-deutsch.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .youporn-deutsch.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ 
C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] www.youporn-deutsch.com [ C:\USERS\FAMILY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KK83A8W9.DEFAULT\COOKIES.SQLITE ] naiadsystems.com [ C:\USERS\FAMILY\JENS\SICHERUNG\MODERSITZKI\C-DATEIN\DOKUMENTE UND EINSTELLUNGEN\MODERSITZKI\ANWENDUNGSDATEN\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\XXZAFXRP ] tribalfusion.com [ C:\USERS\FAMILY\JENS\SICHERUNG\MODERSITZKI\C-DATEIN\DOKUMENTE UND EINSTELLUNGEN\MODERSITZKI\ANWENDUNGSDATEN\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\XXZAFXRP ] www.digital-media-repository.com [ C:\USERS\FAMILY\JENS\SICHERUNG\MODERSITZKI\C-DATEIN\DOKUMENTE UND EINSTELLUNGEN\MODERSITZKI\ANWENDUNGSDATEN\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\XXZAFXRP ] C:\USERS\FAMILY\JENS\SICHERUNG\MODERSITZKI\C-DATEIN\DOKUMENTE UND EINSTELLUNGEN\MODERSITZKI\COOKIES\MODERSITZKI@FORTUNECITY[1].TXT [ /FORTUNECITY ] C:\USERS\FAMILY\JENS\SICHERUNG\MODERSITZKI\C-DATEIN\DOKUMENTE UND EINSTELLUNGEN\MODERSITZKI\COOKIES\MODERSITZKI@WWW.GOOGLEADSERVICES[2].TXT [ /WWW.GOOGLEADSERVICES ] C:\USERS\FAMILY\JENS\SICHERUNG\MODERSITZKI\C-DATEIN\DOKUMENTE UND EINSTELLUNGEN\MODERSITZKI\COOKIES\MODERSITZKI@POSTCLICKTRACKING[2].TXT [ /POSTCLICKTRACKING ] Trojan.Agent/Gen-MSFake C:\USERS\FAMILY\APPDATA\ROAMING\DESKTOPICONFORAMAZON\ICONFORAMAZON.EXE Trojan.Agent/Gen-Sirefef C:\USERS\FAMILY\JENS\SICHERUNG\MODERSITZKI\LOKALE EINSTELLUNGEN\TEMPORARY INTERNET FILES\CONTENT.IE5\8KK0MPBK\STAMPSETUP[1].EXE C:\USERS\FAMILY\JENS\SICHERUNG\MODERSITZKI\C-DATEIN\DOKUMENTE UND EINSTELLUNGEN\MODERSITZKI\LOKALE EINSTELLUNGEN\TEMPORARY INTERNET FILES\CONTENT.IE5\8KK0MPBK\STAMPSETUP[1].EXE |
25.09.2012, 08:05 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | This program cannot display the web page

Looks OK; only cookies were found and three false positives were reported. Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or similar => HTTP cookie).

Regarding cookies and other things on the web: to block this plague from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File. It makes sense to check MVPS every 4 weeks to see whether they have released a new hosts file. Otherwise there are also good cookie managers; among the extensions for Firefox, for example, there is CookieCuller http://filepony.de/download-cookie_culler/

But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or also Trojaner-Board), then just configure the browser so that everything, including cookies, is deleted when the browser is closed. My own approach is to use the Opera browser or Chromium under my Linux for "wild surfing". My main browser (Firefox) only stores the cookies from the sites I actually want; everything else I reject manually (FF always asks me). The other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest no cookies are left.

Is your system in order again now, or are there any other detections or problems?
__________________ Please always post log files in CODE tags |
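The hosts-file advice in the reply above has one practical catch: a hosts file matches exact hostnames only, so a domain cookie such as `.doubleclick.net` is covered only for the individual hosts that are listed. The following is an added example, not part of the thread or of any tool named in it; the sample hosts entries, the sample log lines and the set of sink addresses are constructed assumptions.

```python
import re

# Constructed sample in hosts-file syntax (not taken from the MVPS file).
SAMPLE_HOSTS = """\
127.0.0.1 localhost
0.0.0.0 ad.doubleclick.net
0.0.0.0 ad.yieldmanager.com  # inline comment
0.0.0.0 bs.serving-sys.com ds.serving-sys.com
192.0.2.10 intranet.example
"""

# Constructed sample in the "domain [ path ]" shape of the scan log's cookie entries.
SAMPLE_LOG = """\
.doubleclick.net [ C:\\USERS\\EXAMPLE\\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\\USERS\\EXAMPLE\\COOKIES.SQLITE ]
.serving-sys.com [ C:\\USERS\\EXAMPLE\\COOKIES.SQLITE ]
.revsci.net [ C:\\USERS\\EXAMPLE\\COOKIES.SQLITE ]
"""

# Assumption: addresses a blocking hosts file uses as a sink.
SINKS = {"0.0.0.0", "127.0.0.1", "::1"}

def blocked_hosts(hosts_text):
    """Return the hostnames that the hosts file maps to a sink address."""
    blocked = set()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()  # strip comments, split on whitespace
        if len(fields) >= 2 and fields[0] in SINKS:
            blocked.update(h.lower() for h in fields[1:] if h.lower() != "localhost")
    return blocked

def cookie_domains(log_text):
    """Extract the unique cookie domains from 'domain [ path ]' log entries."""
    return sorted({m.lower() for m in re.findall(r"^(\S+) \[ ", log_text, re.M)})

def coverage(log_text, hosts_text):
    """Map each cookie domain to the blocked hostnames that fall under it."""
    blocked = blocked_hosts(hosts_text)
    result = {}
    for dom in cookie_domains(log_text):
        if dom.startswith("."):
            # Domain cookie: valid for every subdomain, but only listed hosts are blocked.
            hits = sorted(h for h in blocked if h == dom[1:] or h.endswith(dom))
        else:
            hits = [dom] if dom in blocked else []
        result[dom] = hits
    return result
```

An empty list for a domain means no host under it is blocked, so cookies for that domain can still be set.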