Trojaner-Board


Enna-AF 31.03.2012 09:32

JS\Hiloti.C.1 and HTML/Rce.Gen

Hello,

Yesterday Avira reported finding JS\Hiloti.C.1. I removed the file with Avira. Today Avira then reported finding HTML/Rce.Gen in C:\Users\Niklas Herrmann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VX7ANWWW\3307[1].htm. Unfortunately I was stupid enough to delete the log files with CCleaner.



Defogger reported:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:22 on 31/03/2012 (***)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

dds.txt:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by *** at 10:23:06 on 2012-03-31
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4095.2575 [GMT 2:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Users\Niklas Herrmann\Downloads\the West Lan Windows 0.1.0.14\twlandownload\mysql\bin\mysqld.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\nHancer\nHancerService.exe
C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\maxdome\DCBin\DCService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Core Temp\Core Temp.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_2_202_228_ActiveX.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uStart Page = hxxp://www.google.de/
uSearch Bar =
uInternet Settings,ProxyServer = 152.3.138.4:80
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Ghostery Add-On: {237eb6da-3fea-4dd2-8a61-a901b5c489d7} - C:\Program Files (x86)\GhosteryIEplugin\GhosteryBrowserHelperObject.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Turnabout Helper: {87ff76f0-bca9-40dc-b1e5-254062eee8f4} - C:\Program Files (x86)\Reify Software\Turnabout\turnabout.dll
BHO: Windows Live Anmelde-Hilfsprogramm: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Reify Toolbar: {b99f805c-f0b1-48ea-8c8b-753bfcbed912} - C:\Program Files (x86)\Reify Software\Turnabout\turnabout.dll
TB: Gutscheinmieze: {dfefcdee-cf1a-4fc8-88ad-48514e463b27} - C:\Users\Niklas Herrmann\AppData\Roaming\Gutscheinmieze\toolbar.dll
TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
TB: {942CD1D4-9CC1-4D31-876A-EA8F489F7A59} - No File
TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [<NO NAME>]
mRun: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
uPolicies-explorer: NoFileAssociate = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {1C1CB5F8-D5A3-4FD9-876C-ECD2BDA32716} - {1C1CB5F8-D5A3-4FD9-876C-ECD2BDA32716} - C:\Program Files (x86)\Reify Software\Turnabout\turnabout.dll
IE: {237EB6DA-3FEA-4DD2-8A61-A901B5C489D7} - {237EB6DA-3FEA-4DD2-8A61-A901B5C489D7} - C:\Program Files (x86)\GhosteryIEplugin\GhosteryBrowserHelperObject.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: ath.cx\twtool
Trusted Zone: web.de
DPF: {10000000-1000-1000-1000-100000000000} - hxxp://cdn.betteradvertising.com/ghostery/addons/ie/2.4.2.0/ghostery.cab
DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_Win32.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E4CF4E86-D0DC-4864-8F0E-4F6EA2526334} - hxxps://img.web.de/v/smartdrive/v23/activex/web_de_osupload_2002.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{AE59E6C5-8877-4A9A-A091-CA83E1D33B2B} : DhcpNameServer = 192.168.178.1
Filter: text/html - {4459DC76-1FDE-4B16-BAD0-E4F8E7647555} - C:\Program Files (x86)\GhosteryIEplugin\GhosteryMimeFilter.dll
Handler: data - {038664DA-5BA5-47FC-88D9-15ADE940ED55} - C:\Program Files (x86)\Reify Software\Turnabout\turnabout.dll
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
{0347C33E-8762-4905-BF09-768834316C61}
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{237EB6DA-3FEA-4DD2-8A61-A901B5C489D7}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{87FF76F0-BCA9-40DC-B1E5-254062EEE8F4}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{EEE6C35C-6118-11DC-9C72-001320C79847}
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}
{B99F805C-F0B1-48EA-8C8B-753BFCBED912}
{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27}
{EEE6C35B-6118-11DC-9C72-001320C79847}
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB-X64: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
TB-X64: {942CD1D4-9CC1-4D31-876A-EA8F489F7A59} - No File
TB-X64: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\jqxu2rri.default\
FF - prefs.js: browser.search.selectedEngine - foxsearch
FF - prefs.js: browser.startup.homepage - hxxp://weww.the-west.de
FF - prefs.js: keyword.URL - hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - prefs.js: network.proxy.ftp - 152.3.138.4
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.gopher - 152.3.138.4
FF - prefs.js: network.proxy.gopher_port - 80
FF - prefs.js: network.proxy.http - 152.3.138.4
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - 152.3.138.4
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 152.3.138.4
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - component: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6\components\FirefoxExtension.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll
FF - plugin: C:\Program Files (x86)\NOS\bin\np_gp.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: browser.search.selectedEngine - foxsearch
FF - user.js: browser.search.order.1 - foxsearch
FF - user.js: browser.search.defaultenginename - foxsearch
FF - user.js: keyword.URL - hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - user.js: privacy.item.cookies - false
FF - user.js: privacy.sanitize.promptOnSanitize - false
.
============= SERVICES / DRIVERS ===============
.
R0 mv61xx;mv61xx;C:\Windows\system32\DRIVERS\mv61xx.sys --> C:\Windows\system32\DRIVERS\mv61xx.sys [?]
R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys --> C:\Windows\system32\DRIVERS\avkmgr.sys [?]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;C:\Windows\system32\DRIVERS\rtlprot.sys --> C:\Windows\system32\DRIVERS\rtlprot.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-18 86224]
R2 AntiVirService;Avira Echtzeit Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-18 110032]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 cpuz133;cpuz133;\??\C:\Windows\system32\drivers\cpuz133_x64.sys --> C:\Windows\system32\drivers\cpuz133_x64.sys [?]
R2 Prosieben;maxdome Download Manager;C:\Program Files (x86)\maxdome\DCBin\DCService.exe [2009-5-1 77032]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-8-3 379496]
R3 netr28ux;RT2870-USB-Drahtlos-LAN-Kartentreiber für Vista;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;C:\Windows\system32\DRIVERS\nvoclk64.sys --> C:\Windows\system32\DRIVERS\nvoclk64.sys [?]
R3 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-6-17 2255464]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 Apache2.2;Apache2.2;C:\Users\***\Downloads\the West Lan Windows 0.1.0.14\twlandownload\apache\bin\httpd.exe [2009-12-20 29416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-9-26 133104]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-30 253600]
S3 athrusb;Atheros Wireless LAN USB device driver;C:\Windows\system32\DRIVERS\athrxusb.sys --> C:\Windows\system32\DRIVERS\athrxusb.sys [?]
S3 CBPSp50a64;CBPSp50a64 NDIS Protocol Driver;C:\Windows\system32\Drivers\CBPSp50a64.sys --> C:\Windows\system32\Drivers\CBPSp50a64.sys [?]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-9-4 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-9-3 79360]
S3 gupdatem;Google Update-Dienst (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-9-26 133104]
S3 RivaTuner64;RivaTuner64;C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2009-8-22 12288]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
.
=============== Created Last 30 ================
.
2012-03-30 13:00:47 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BAEE2B89-5409-4171-8609-DFE15CECE54A}\mpengine.dll
2012-03-30 12:21:16 97208 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2012-03-30 12:21:16 592824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-30 12:21:16 44472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-03-30 11:52:20 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-03-29 16:23:10 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-29 16:23:10 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-29 16:23:09 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-29 16:08:41 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-03-29 16:08:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-03-29 16:08:37 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-29 16:08:37 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-29 16:08:35 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-03-29 16:08:33 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-03-29 16:08:32 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-03-29 16:08:32 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-03-29 16:08:16 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-03-29 16:08:16 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-03-29 16:04:48 -------- d-----w- C:\Program Files\Core Temp
2012-03-29 16:04:40 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-03-29 16:04:40 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-03-29 16:04:40 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-03-29 16:04:39 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-03-29 16:04:39 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-03-29 16:04:39 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-03-29 16:04:39 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
.
==================== Find3M ====================
.
2012-03-30 11:52:20 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-29 16:12:45 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-02-23 07:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2006-05-03 10:06:54 163328 --sh--r- C:\Windows\SysWOW64\flvDX.dll
2007-02-21 11:47:16 31232 --sh--r- C:\Windows\SysWOW64\msfDX.dll
2008-03-16 13:30:52 216064 --sh--r- C:\Windows\SysWOW64\nbDX.dll
.
============= FINISH: 10:23:42,07 ===============


attach.zip is attached.

Thanks in advance.

cosinus 02.04.2012 13:03

Please first run a routine full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked!
Remember that Malwarebytes must be updated manually before every scan! In addition, all findings must be removed.

If logs from older Malwarebytes scans exist, please post all of those as well!



ESET Online Scanner

  • Here you can find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





Please post everything here in CODE tags where possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

Enna-AF 03.04.2012 13:35

First of all, thanks for the answer!

Malwarebytes says:

Code:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.04.02.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
***:: ***-PC [Administrator]

02.04.2012 11:56:43
mbam-log-2012-04-02 (11-56-43).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 477610
Laufzeit: 1 Stunde(n), 19 Minute(n), 33 Sekunde(n) [Abgebrochen]

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

(I aborted after the Windows/data partition had been scanned, since D: only holds flight simulator data and add-ons.)

ESET:

Code:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-03 12:28:03
# local_time=2012-04-03 02:28:03 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 14493330 14493330 0 0
# compatibility_mode=5893 16776573 100 94 931 85067893 0 0
# compatibility_mode=8192 67108863 100 0 726 726 0 0
# scanned=690142
# found=0
# cleaned=0
# scan_time=18039

Everything looks clean, doesn't it? The PC behaves as usual. Avira has JS/Hiloti.C.1 in quarantine, and there is no trace of the other one.

I did have time after all: here is the follow-up Malwarebytes run of D:/

Code:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.04.03.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
*** :: ***-PC [Administrator]

03.04.2012 15:31:18
mbam-log-2012-04-03 (15-31-18).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 467574
Laufzeit: 40 Minute(n), 22 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Should I also run one on the external drive?

cosinus 03.04.2012 16:18

Quote:

Should I also run one on the external drive?
Yes, you really should scan that as well.

Enna-AF 03.04.2012 16:54

Here is the log (the one finding is definitely a false alarm; it is a freeware flight-sim add-on from a definitely virus-free download site, www.flightsim.com). (And it would not have caused Avira to report the 2 things anyway, which were not on J:/ either, since J:/ was not connected at that time...)

Code:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.04.03.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
*** :: ***-PC [Administrator]

03.04.2012 17:45:14
mbam-log-2012-04-03 (17-45-14).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 234242
Laufzeit: 4 Minute(n), 22 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
J:\fs9addis\uk_roads\UK Roads.exe (Adware.Onlinegames) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


cosinus 03.04.2012 18:49

So far everything is unremarkable. I am slowly coming to assume that either false alarms were involved here or the malware did not get beyond the browser cache.

Shall we dig deeper?

Enna-AF 03.04.2012 20:07

That depends. I would rather not take the risk of wrecking my system; on the other hand, I of course don't want to act as a virus spreader for everyone who gets data from me... What do you say to that?

And a big thank-you already!

cosinus 03.04.2012 20:11

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post this in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), which is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

Enna-AF 03.04.2012 20:29

Now that was a fast scanner :)

Code:

21:26:32.0505 5104        TDSS rootkit removing tool 2.7.25.0 Apr  3 2012 13:42:32
21:26:32.0646 5104        ============================================================
21:26:32.0646 5104        Current date / time: 2012/04/03 21:26:32.0646
21:26:32.0646 5104        SystemInfo:
21:26:32.0646 5104       
21:26:32.0646 5104        OS Version: 6.1.7601 ServicePack: 1.0
21:26:32.0646 5104        Product type: Workstation
21:26:32.0646 5104        ComputerName: ***-PC
21:26:32.0646 5104        UserName: ***
21:26:32.0646 5104        Windows directory: C:\Windows
21:26:32.0646 5104        System windows directory: C:\Windows
21:26:32.0646 5104        Running under WOW64
21:26:32.0646 5104        Processor architecture: Intel x64
21:26:32.0646 5104        Number of processors: 2
21:26:32.0646 5104        Page size: 0x1000
21:26:32.0646 5104        Boot type: Normal boot
21:26:32.0646 5104        ============================================================
21:26:33.0613 5104        Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
21:26:33.0629 5104        Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:26:34.0065 5104        \Device\Harddisk0\DR0:
21:26:34.0065 5104        MBR used
21:26:34.0065 5104        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x124F8000
21:26:34.0065 5104        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x124F8800, BlocksNum 0x12F35800
21:26:34.0065 5104        \Device\Harddisk1\DR1:
21:26:34.0065 5104        MBR used
21:26:34.0065 5104        \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74706D71
21:26:34.0143 5104        Initialize success
21:26:34.0143 5104        ============================================================
21:26:56.0914 3436        ============================================================
21:26:56.0914 3436        Scan started
21:26:56.0914 3436        Mode: Manual;
21:26:56.0914 3436        ============================================================
21:26:58.0598 3436        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:26:58.0598 3436        1394ohci - ok
21:26:58.0661 3436        61883          (e0a8525a951addb4655bc2068566407d) C:\Windows\system32\DRIVERS\61883.sys
21:26:58.0661 3436        61883 - ok
21:26:58.0739 3436        acedrv05        (056faaff049ca7237194065423307189) C:\Windows\system32\drivers\acedrv05.sys
21:26:58.0739 3436        acedrv05 - ok
21:26:58.0770 3436        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:26:58.0770 3436        ACPI - ok
21:26:58.0801 3436        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:26:58.0801 3436        AcpiPmi - ok
21:26:58.0895 3436        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:26:58.0895 3436        AdobeARMservice - ok
21:26:59.0004 3436        AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:26:59.0004 3436        AdobeFlashPlayerUpdateSvc - ok
21:26:59.0051 3436        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
21:26:59.0066 3436        adp94xx - ok
21:26:59.0082 3436        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
21:26:59.0082 3436        adpahci - ok
21:26:59.0098 3436        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
21:26:59.0098 3436        adpu320 - ok
21:26:59.0144 3436        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
21:26:59.0144 3436        AeLookupSvc - ok
21:26:59.0191 3436        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
21:26:59.0207 3436        AFD - ok
21:26:59.0238 3436        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:26:59.0238 3436        agp440 - ok
21:26:59.0254 3436        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
21:26:59.0269 3436        ALG - ok
21:26:59.0285 3436        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:26:59.0285 3436        aliide - ok
21:26:59.0378 3436        ALSysIO - ok
21:26:59.0394 3436        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:26:59.0394 3436        amdide - ok
21:26:59.0425 3436        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
21:26:59.0425 3436        AmdK8 - ok
21:26:59.0441 3436        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
21:26:59.0441 3436        AmdPPM - ok
21:26:59.0472 3436        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:26:59.0472 3436        amdsata - ok
21:26:59.0503 3436        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
21:26:59.0503 3436        amdsbs - ok
21:26:59.0534 3436        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:26:59.0534 3436        amdxata - ok
21:26:59.0612 3436        AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:26:59.0612 3436        AntiVirSchedulerService - ok
21:26:59.0659 3436        AntiVirService  (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:26:59.0659 3436        AntiVirService - ok
21:26:59.0815 3436        Apache2.2      (fb32f046a2578755fa0da5052c6a9cd3) C:\Users\***\Downloads\the West Lan Windows 0.1.0.14\twlandownload\apache\bin\httpd.exe
21:26:59.0815 3436        Apache2.2 - ok
21:26:59.0893 3436        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:26:59.0893 3436        AppID - ok
21:26:59.0924 3436        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
21:26:59.0924 3436        AppIDSvc - ok
21:26:59.0971 3436        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
21:26:59.0971 3436        Appinfo - ok
21:27:00.0002 3436        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
21:27:00.0002 3436        arc - ok
21:27:00.0018 3436        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
21:27:00.0018 3436        arcsas - ok
21:27:00.0096 3436        AsIO            (68726474c69b738eac3a62e06b33addc) C:\Windows\syswow64\drivers\AsIO.sys
21:27:00.0096 3436        AsIO - ok
21:27:00.0112 3436        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:27:00.0112 3436        AsyncMac - ok
21:27:00.0158 3436        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:27:00.0158 3436        atapi - ok
21:27:00.0221 3436        athrusb        (4bc451a93db4915569c97fdab020e6e7) C:\Windows\system32\DRIVERS\athrxusb.sys
21:27:00.0236 3436        athrusb - ok
21:27:00.0252 3436        atksgt          (fc0e8778c000291caf60eb88c011e931) C:\Windows\system32\DRIVERS\atksgt.sys
21:27:00.0252 3436        atksgt - ok
21:27:00.0314 3436        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:27:00.0314 3436        AudioEndpointBuilder - ok
21:27:00.0330 3436        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:27:00.0330 3436        AudioSrv - ok
21:27:00.0361 3436        Avc            (16fabe84916623d0607e4a975544032c) C:\Windows\system32\DRIVERS\avc.sys
21:27:00.0361 3436        Avc - ok
21:27:00.0408 3436        avgntflt        (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
21:27:00.0408 3436        avgntflt - ok
21:27:00.0455 3436        avipbb          (852e3c0a60d368c487949e55ad52a47f) C:\Windows\system32\DRIVERS\avipbb.sys
21:27:00.0455 3436        avipbb - ok
21:27:00.0626 3436        avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
21:27:00.0626 3436        avkmgr - ok
21:27:00.0673 3436        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
21:27:00.0673 3436        AxInstSV - ok
21:27:00.0720 3436        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
21:27:00.0720 3436        b06bdrv - ok
21:27:00.0751 3436        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:27:00.0751 3436        b57nd60a - ok
21:27:00.0814 3436        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
21:27:00.0814 3436        BDESVC - ok
21:27:00.0829 3436        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:27:00.0829 3436        Beep - ok
21:27:00.0876 3436        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
21:27:00.0892 3436        BFE - ok
21:27:00.0938 3436        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
21:27:00.0954 3436        BITS - ok
21:27:00.0985 3436        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
21:27:00.0985 3436        blbdrive - ok
21:27:01.0079 3436        Bonjour Service (ebad0f51d8d4dade7660b1851addbd07) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
21:27:01.0079 3436        Bonjour Service - ok
21:27:01.0126 3436        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:27:01.0126 3436        bowser - ok
21:27:01.0141 3436        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:27:01.0141 3436        BrFiltLo - ok
21:27:01.0172 3436        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:27:01.0172 3436        BrFiltUp - ok
21:27:01.0219 3436        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
21:27:01.0219 3436        Browser - ok
21:27:01.0235 3436        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:27:01.0250 3436        Brserid - ok
21:27:01.0266 3436        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:27:01.0266 3436        BrSerWdm - ok
21:27:01.0297 3436        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:27:01.0297 3436        BrUsbMdm - ok
21:27:01.0313 3436        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:27:01.0313 3436        BrUsbSer - ok
21:27:01.0328 3436        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
21:27:01.0328 3436        BTHMODEM - ok
21:27:01.0375 3436        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
21:27:01.0375 3436        bthserv - ok
21:27:01.0391 3436        CBPSp50a64      (18b6869e23937175144e6f1d3cb85fc2) C:\Windows\system32\Drivers\CBPSp50a64.sys
21:27:01.0391 3436        CBPSp50a64 - ok
21:27:01.0422 3436        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:27:01.0422 3436        cdfs - ok
21:27:01.0469 3436        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
21:27:01.0469 3436        cdrom - ok
21:27:01.0516 3436        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:27:01.0516 3436        CertPropSvc - ok
21:27:01.0531 3436        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
21:27:01.0531 3436        circlass - ok
21:27:01.0562 3436        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:27:01.0562 3436        CLFS - ok
21:27:01.0640 3436        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:27:01.0640 3436        clr_optimization_v2.0.50727_32 - ok
21:27:01.0718 3436        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:27:01.0718 3436        clr_optimization_v2.0.50727_64 - ok
21:27:01.0781 3436        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:27:01.0781 3436        clr_optimization_v4.0.30319_32 - ok
21:27:01.0812 3436        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:27:01.0812 3436        clr_optimization_v4.0.30319_64 - ok
21:27:01.0859 3436        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
21:27:01.0859 3436        CmBatt - ok
21:27:01.0890 3436        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:27:01.0890 3436        cmdide - ok
21:27:01.0921 3436        CNG            (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
21:27:01.0937 3436        CNG - ok
21:27:01.0952 3436        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
21:27:01.0952 3436        Compbatt - ok
21:27:01.0968 3436        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
21:27:01.0968 3436        CompositeBus - ok
21:27:01.0984 3436        COMSysApp - ok
21:27:02.0015 3436        cpuz133        (641243746597fbd650e5000d95811ea3) C:\Windows\system32\drivers\cpuz133_x64.sys
21:27:02.0015 3436        cpuz133 - ok
21:27:02.0030 3436        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
21:27:02.0030 3436        crcdisk - ok
21:27:02.0093 3436        Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
21:27:02.0093 3436        Creative ALchemy AL6 Licensing Service - ok
21:27:02.0124 3436        Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
21:27:02.0124 3436        Creative Audio Engine Licensing Service - ok
21:27:02.0155 3436        CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
21:27:02.0155 3436        CryptSvc - ok
21:27:02.0249 3436        CTAudSvcService (69cdba2b9c397e349a04fa70dd9170a2) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
21:27:02.0249 3436        CTAudSvcService - ok
21:27:02.0296 3436        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:27:02.0296 3436        DcomLaunch - ok
21:27:02.0358 3436        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
21:27:02.0358 3436        defragsvc - ok
21:27:02.0405 3436        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:27:02.0405 3436        DfsC - ok
21:27:02.0452 3436        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
21:27:02.0452 3436        Dhcp - ok
21:27:02.0483 3436        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:27:02.0483 3436        discache - ok
21:27:02.0561 3436        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
21:27:02.0561 3436        Disk - ok
21:27:02.0592 3436        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
21:27:02.0592 3436        Dnscache - ok
21:27:02.0639 3436        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
21:27:02.0639 3436        dot3svc - ok
21:27:02.0686 3436        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
21:27:02.0686 3436        DPS - ok
21:27:02.0732 3436        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:27:02.0732 3436        drmkaud - ok
21:27:02.0764 3436        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:27:02.0779 3436        DXGKrnl - ok
21:27:02.0810 3436        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
21:27:02.0810 3436        EapHost - ok
21:27:02.0888 3436        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
21:27:02.0920 3436        ebdrv - ok
21:27:02.0951 3436        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
21:27:02.0951 3436        EFS - ok
21:27:03.0013 3436        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
21:27:03.0013 3436        ehRecvr - ok
21:27:03.0044 3436        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
21:27:03.0044 3436        ehSched - ok
21:27:03.0076 3436        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
21:27:03.0091 3436        elxstor - ok
21:27:03.0122 3436        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:27:03.0122 3436        ErrDev - ok
21:27:03.0185 3436        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
21:27:03.0185 3436        EventSystem - ok
21:27:03.0200 3436        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:27:03.0200 3436        exfat - ok
21:27:03.0216 3436        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:27:03.0232 3436        fastfat - ok
21:27:03.0278 3436        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
21:27:03.0278 3436        Fax - ok
21:27:03.0310 3436        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
21:27:03.0310 3436        fdc - ok
21:27:03.0325 3436        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
21:27:03.0325 3436        fdPHost - ok
21:27:03.0341 3436        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
21:27:03.0341 3436        FDResPub - ok
21:27:03.0356 3436        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:27:03.0356 3436        FileInfo - ok
21:27:03.0388 3436        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:27:03.0388 3436        Filetrace - ok
21:27:03.0403 3436        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
21:27:03.0403 3436        flpydisk - ok
21:27:03.0434 3436        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:27:03.0434 3436        FltMgr - ok
21:27:03.0481 3436        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
21:27:03.0497 3436        FontCache - ok
21:27:03.0622 3436        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:27:03.0622 3436        FontCache3.0.0.0 - ok
21:27:03.0653 3436        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:27:03.0653 3436        FsDepends - ok
21:27:03.0668 3436        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
21:27:03.0668 3436        Fs_Rec - ok
21:27:03.0700 3436        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:27:03.0700 3436        fvevol - ok
21:27:03.0731 3436        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:27:03.0731 3436        gagp30kx - ok
21:27:03.0778 3436        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
21:27:03.0793 3436        gpsvc - ok
21:27:03.0887 3436        gupdate        (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:27:03.0887 3436        gupdate - ok
21:27:03.0902 3436        gupdatem        (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:27:03.0902 3436        gupdatem - ok
21:27:03.0918 3436        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:27:03.0918 3436        hcw85cir - ok
21:27:03.0965 3436        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:27:03.0965 3436        HdAudAddService - ok
21:27:03.0996 3436        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:27:03.0996 3436        HDAudBus - ok
21:27:04.0012 3436        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
21:27:04.0012 3436        HidBatt - ok
21:27:04.0043 3436        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
21:27:04.0043 3436        HidBth - ok
21:27:04.0058 3436        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
21:27:04.0058 3436        HidIr - ok
21:27:04.0090 3436        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
21:27:04.0105 3436        hidserv - ok
21:27:04.0136 3436        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
21:27:04.0136 3436        HidUsb - ok
21:27:04.0168 3436        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
21:27:04.0168 3436        hkmsvc - ok
21:27:04.0214 3436        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
21:27:04.0214 3436        HomeGroupListener - ok
21:27:04.0246 3436        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
21:27:04.0246 3436        HomeGroupProvider - ok
21:27:04.0355 3436        hpqcxs08        (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:27:04.0355 3436        hpqcxs08 - ok
21:27:04.0402 3436        hpqddsvc        (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:27:04.0402 3436        hpqddsvc - ok
21:27:04.0433 3436        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:27:04.0433 3436        HpSAMD - ok
21:27:04.0511 3436        HPSLPSVC        (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
21:27:04.0526 3436        HPSLPSVC - ok
21:27:04.0573 3436        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:27:04.0589 3436        HTTP - ok
21:27:04.0620 3436        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:27:04.0620 3436        hwpolicy - ok
21:27:04.0667 3436        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
21:27:04.0667 3436        i8042prt - ok
21:27:04.0714 3436        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:27:04.0714 3436        iaStorV - ok
21:27:04.0807 3436        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:27:04.0807 3436        IDriverT - ok
21:27:04.0932 3436        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:27:04.0948 3436        idsvc - ok
21:27:04.0979 3436        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
21:27:04.0979 3436        iirsp - ok
21:27:05.0041 3436        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
21:27:05.0041 3436        IKEEXT - ok
21:27:05.0088 3436        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:27:05.0088 3436        intelide - ok
21:27:05.0104 3436        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:27:05.0104 3436        intelppm - ok
21:27:05.0135 3436        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
21:27:05.0135 3436        IPBusEnum - ok
21:27:05.0182 3436        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:27:05.0182 3436        IpFilterDriver - ok
21:27:05.0228 3436        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
21:27:05.0228 3436        iphlpsvc - ok
21:27:05.0260 3436        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:27:05.0260 3436        IPMIDRV - ok
21:27:05.0291 3436        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:27:05.0291 3436        IPNAT - ok
21:27:05.0322 3436        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:27:05.0322 3436        IRENUM - ok
21:27:05.0369 3436        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:27:05.0369 3436        isapnp - ok
21:27:05.0384 3436        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:27:05.0384 3436        iScsiPrt - ok
21:27:05.0431 3436        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
21:27:05.0431 3436        kbdclass - ok
21:27:05.0462 3436        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
21:27:05.0462 3436        kbdhid - ok
21:27:05.0478 3436        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:27:05.0494 3436        KeyIso - ok
21:27:05.0509 3436        KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
21:27:05.0509 3436        KSecDD - ok
21:27:05.0525 3436        KSecPkg        (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
21:27:05.0525 3436        KSecPkg - ok
21:27:05.0540 3436        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:27:05.0540 3436        ksthunk - ok
21:27:05.0587 3436        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
21:27:05.0587 3436        KtmRm - ok
21:27:05.0696 3436        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
21:27:05.0759 3436        LanmanServer - ok
21:27:05.0806 3436        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
21:27:05.0806 3436        LanmanWorkstation - ok
21:27:05.0852 3436        lirsgt          (156ab2e56dc3ca0b582e3362e07cded7) C:\Windows\system32\DRIVERS\lirsgt.sys
21:27:05.0852 3436        lirsgt - ok
21:27:05.0884 3436        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:27:05.0884 3436        lltdio - ok
21:27:05.0899 3436        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
21:27:05.0915 3436        lltdsvc - ok
21:27:05.0930 3436        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
21:27:05.0930 3436        lmhosts - ok
21:27:05.0962 3436        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:27:05.0962 3436        LSI_FC - ok
21:27:05.0977 3436        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:27:05.0977 3436        LSI_SAS - ok
21:27:05.0993 3436        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:27:05.0993 3436        LSI_SAS2 - ok
21:27:06.0008 3436        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:27:06.0008 3436        LSI_SCSI - ok
21:27:06.0040 3436        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:27:06.0040 3436        luafv - ok
21:27:06.0071 3436        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
21:27:06.0086 3436        Mcx2Svc - ok
21:27:06.0102 3436        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
21:27:06.0102 3436        megasas - ok
21:27:06.0133 3436        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
21:27:06.0133 3436        MegaSR - ok
21:27:06.0164 3436        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:27:06.0164 3436        MMCSS - ok
21:27:06.0180 3436        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:27:06.0180 3436        Modem - ok
21:27:06.0227 3436        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:27:06.0227 3436        monitor - ok
21:27:06.0258 3436        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
21:27:06.0258 3436        mouclass - ok
21:27:06.0274 3436        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:27:06.0274 3436        mouhid - ok
21:27:06.0305 3436        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:27:06.0305 3436        mountmgr - ok
21:27:06.0320 3436        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:27:06.0336 3436        mpio - ok
21:27:06.0352 3436        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:27:06.0352 3436        mpsdrv - ok
21:27:06.0414 3436        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
21:27:06.0414 3436        MpsSvc - ok
21:27:06.0461 3436        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:27:06.0461 3436        MRxDAV - ok
21:27:06.0492 3436        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:27:06.0492 3436        mrxsmb - ok
21:27:06.0539 3436        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:27:06.0539 3436        mrxsmb10 - ok
21:27:06.0554 3436        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:27:06.0554 3436        mrxsmb20 - ok
21:27:06.0570 3436        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:27:06.0570 3436        msahci - ok
21:27:06.0601 3436        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:27:06.0601 3436        msdsm - ok
21:27:06.0632 3436        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
21:27:06.0632 3436        MSDTC - ok
21:27:06.0695 3436        MSDV            (72949a24d37a20a54b3d4d3dadbb55e9) C:\Windows\system32\DRIVERS\msdv.sys
21:27:06.0695 3436        MSDV - ok
21:27:06.0726 3436        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:27:06.0726 3436        Msfs - ok
21:27:06.0742 3436        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:27:06.0742 3436        mshidkmdf - ok
21:27:06.0757 3436        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:27:06.0757 3436        msisadrv - ok
21:27:06.0804 3436        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
21:27:06.0804 3436        MSiSCSI - ok
21:27:06.0820 3436        msiserver - ok
21:27:06.0851 3436        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:27:06.0851 3436        MSKSSRV - ok
21:27:06.0866 3436        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:27:06.0866 3436        MSPCLOCK - ok
21:27:06.0882 3436        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:27:06.0882 3436        MSPQM - ok
21:27:06.0929 3436        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:27:06.0929 3436        MsRPC - ok
21:27:06.0944 3436        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:27:06.0944 3436        mssmbios - ok
21:27:06.0960 3436        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:27:06.0960 3436        MSTEE - ok
21:27:06.0976 3436        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
21:27:06.0976 3436        MTConfig - ok
21:27:07.0007 3436        MTsensor        (2219a3d695405e7ba2186ba6b9ede14a) C:\Windows\system32\DRIVERS\ASACPI.sys
21:27:07.0007 3436        MTsensor - ok
21:27:07.0038 3436        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:27:07.0038 3436        Mup - ok
21:27:07.0069 3436        mv61xx          (e884fd7fb31bc82041aab75be5c81eef) C:\Windows\system32\DRIVERS\mv61xx.sys
21:27:07.0069 3436        mv61xx - ok
21:27:07.0350 3436        MySQL          (21eef976d53a0bcb603abff4ab6e4c88) C:\Users\***\Downloads\the West Lan Windows 0.1.0.14\twlandownload\mysql\bin\mysqld.exe
21:27:07.0397 3436        MySQL - ok
21:27:07.0444 3436        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
21:27:07.0444 3436        napagent - ok
21:27:07.0506 3436        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:27:07.0506 3436        NativeWifiP - ok
21:27:07.0553 3436        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:27:07.0568 3436        NDIS - ok
21:27:07.0584 3436        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:27:07.0584 3436        NdisCap - ok
21:27:07.0600 3436        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:27:07.0600 3436        NdisTapi - ok
21:27:07.0646 3436        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:27:07.0646 3436        Ndisuio - ok
21:27:07.0678 3436        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:27:07.0693 3436        NdisWan - ok
21:27:07.0724 3436        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:27:07.0724 3436        NDProxy - ok
21:27:07.0802 3436        Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
21:27:07.0802 3436        Net Driver HPZ12 - ok
21:27:07.0818 3436        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:27:07.0818 3436        NetBIOS - ok
21:27:07.0849 3436        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:27:07.0849 3436        NetBT - ok
21:27:07.0896 3436        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:27:07.0896 3436        Netlogon - ok
21:27:07.0943 3436        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
21:27:07.0943 3436        Netman - ok
21:27:07.0974 3436        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
21:27:07.0974 3436        netprofm - ok
21:27:08.0021 3436        netr28ux        (618c55b392238b9467f9113e13525c49) C:\Windows\system32\DRIVERS\netr28ux.sys
21:27:08.0036 3436        netr28ux - ok
21:27:08.0146 3436        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:27:08.0146 3436        NetTcpPortSharing - ok
21:27:08.0177 3436        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
21:27:08.0177 3436        nfrd960 - ok
21:27:08.0270 3436        nHancer        (473ab3856ca286a616998cb34762eb6d) C:\Program Files\nHancer\nHancerService.exe
21:27:08.0286 3436        nHancer - ok
21:27:08.0317 3436        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
21:27:08.0333 3436        NlaSvc - ok
21:27:08.0380 3436        nmwcd          (5fe6f8c05f0769bbb74afac11453b182) C:\Windows\system32\drivers\ccdcmbx64.sys
21:27:08.0395 3436        nmwcd - ok
21:27:08.0426 3436        nmwcdc          (73c929945c0850b8d1fe2fea05fdf05d) C:\Windows\system32\drivers\ccdcmbox64.sys
21:27:08.0426 3436        nmwcdc - ok
21:27:08.0458 3436        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:27:08.0458 3436        Npfs - ok
21:27:08.0489 3436        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
21:27:08.0489 3436        nsi - ok
21:27:08.0504 3436        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:27:08.0504 3436        nsiproxy - ok
21:27:08.0567 3436        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:27:08.0582 3436        Ntfs - ok
21:27:08.0676 3436        nTuneService - ok
21:27:08.0692 3436        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:27:08.0692 3436        Null - ok
21:27:08.0926 3436        nvlddmkm        (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:27:09.0113 3436        nvlddmkm - ok
21:27:09.0222 3436        nvoclk64        (8c1d181480796d7d3366a9381fd7782d) C:\Windows\system32\DRIVERS\nvoclk64.sys
21:27:09.0222 3436        nvoclk64 - ok
21:27:09.0269 3436        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:27:09.0269 3436        nvraid - ok
21:27:09.0300 3436        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:27:09.0300 3436        nvstor - ok
21:27:09.0347 3436        nvsvc          (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
21:27:09.0362 3436        nvsvc - ok
21:27:09.0487 3436        nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
21:27:09.0518 3436        nvUpdatusService - ok
21:27:09.0565 3436        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:27:09.0565 3436        nv_agp - ok
21:27:09.0596 3436        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:27:09.0596 3436        ohci1394 - ok
21:27:09.0659 3436        P17            (634347adebc790b8f07654a3ea8034fd) C:\Windows\system32\drivers\P17.sys
21:27:09.0674 3436        P17 - ok
21:27:09.0721 3436        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:27:09.0721 3436        p2pimsvc - ok
21:27:09.0768 3436        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
21:27:09.0768 3436        p2psvc - ok
21:27:09.0815 3436        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
21:27:09.0815 3436        Parport - ok
21:27:09.0846 3436        partmgr        (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
21:27:09.0846 3436        partmgr - ok
21:27:09.0862 3436        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
21:27:09.0862 3436        PcaSvc - ok
21:27:09.0924 3436        pccsmcfd        (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
21:27:09.0924 3436        pccsmcfd - ok
21:27:09.0940 3436        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:27:09.0940 3436        pci - ok
21:27:09.0955 3436        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:27:09.0955 3436        pciide - ok
21:27:09.0986 3436        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
21:27:09.0986 3436        pcmcia - ok
21:27:10.0002 3436        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:27:10.0002 3436        pcw - ok
21:27:10.0033 3436        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:27:10.0033 3436        PEAUTH - ok
21:27:10.0096 3436        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
21:27:10.0111 3436        PerfHost - ok
21:27:10.0174 3436        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
21:27:10.0189 3436        pla - ok
21:27:10.0236 3436        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
21:27:10.0252 3436        PlugPlay - ok
21:27:10.0298 3436        Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
21:27:10.0298 3436        Pml Driver HPZ12 - ok
21:27:10.0330 3436        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
21:27:10.0330 3436        PNRPAutoReg - ok
21:27:10.0361 3436        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:27:10.0361 3436        PNRPsvc - ok
21:27:10.0376 3436        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
21:27:10.0392 3436        PolicyAgent - ok
21:27:10.0439 3436        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
21:27:10.0439 3436        Power - ok
21:27:10.0486 3436        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:27:10.0486 3436        PptpMiniport - ok
21:27:10.0532 3436        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:27:10.0532 3436        Processor - ok
21:27:10.0579 3436        ProfSvc        (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
21:27:10.0579 3436        ProfSvc - ok
21:27:10.0657 3436        Prosieben      (9cc2c93394241e602da63826413055ff) C:\Program Files (x86)\maxdome\DCBin\DCService.exe
21:27:10.0657 3436        Prosieben - ok
21:27:10.0673 3436        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:27:10.0673 3436        ProtectedStorage - ok
21:27:10.0720 3436        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:27:10.0720 3436        Psched - ok
21:27:10.0782 3436        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:27:10.0813 3436        ql2300 - ok
21:27:10.0829 3436        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:27:10.0829 3436        ql40xx - ok
21:27:10.0891 3436        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
21:27:10.0891 3436        QWAVE - ok
21:27:10.0922 3436        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:27:10.0922 3436        QWAVEdrv - ok
21:27:10.0969 3436        RapiMgr        (a55e7d0d873b2c97585b3b5926ac6ade) C:\Windows\WindowsMobile\rapimgr.dll
21:27:10.0969 3436        RapiMgr - ok
21:27:10.0985 3436        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:27:10.0985 3436        RasAcd - ok
21:27:11.0016 3436        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:27:11.0016 3436        RasAgileVpn - ok
21:27:11.0032 3436        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
21:27:11.0032 3436        RasAuto - ok
21:27:11.0078 3436        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:27:11.0078 3436        Rasl2tp - ok
21:27:11.0125 3436        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
21:27:11.0141 3436        RasMan - ok
21:27:11.0156 3436        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:27:11.0156 3436        RasPppoe - ok
21:27:11.0188 3436        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:27:11.0188 3436        RasSstp - ok
21:27:11.0234 3436        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:27:11.0234 3436        rdbss - ok
21:27:11.0250 3436        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:27:11.0250 3436        rdpbus - ok
21:27:11.0266 3436        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:27:11.0281 3436        RDPCDD - ok
21:27:11.0297 3436        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:27:11.0297 3436        RDPENCDD - ok
21:27:11.0312 3436        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:27:11.0312 3436        RDPREFMP - ok
21:27:11.0359 3436        RDPWD          (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
21:27:11.0359 3436        RDPWD - ok
21:27:11.0390 3436        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:27:11.0390 3436        rdyboost - ok
21:27:11.0422 3436        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
21:27:11.0422 3436        RemoteAccess - ok
21:27:11.0468 3436        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
21:27:11.0468 3436        RemoteRegistry - ok
21:27:11.0562 3436        RivaTuner64    (9b29bbd1427f71a854c2b400f3bbcf55) C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys
21:27:11.0562 3436        RivaTuner64 - ok
21:27:11.0578 3436        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
21:27:11.0578 3436        RpcEptMapper - ok
21:27:11.0624 3436        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
21:27:11.0624 3436        RpcLocator - ok
21:27:11.0671 3436        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:27:11.0671 3436        RpcSs - ok
21:27:11.0687 3436        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:27:11.0687 3436        rspndr - ok
21:27:11.0734 3436        RtlProt        (8f018e901ef4ff276fda3adaaf96c0f5) C:\Windows\system32\DRIVERS\rtlprot.sys
21:27:11.0734 3436        RtlProt - ok
21:27:11.0765 3436        SamSs          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:27:11.0780 3436        SamSs - ok
21:27:11.0812 3436        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:27:11.0812 3436        sbp2port - ok
21:27:11.0827 3436        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
21:27:11.0827 3436        SCardSvr - ok
21:27:11.0874 3436        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:27:11.0874 3436        scfilter - ok
21:27:11.0921 3436        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
21:27:11.0936 3436        Schedule - ok
21:27:11.0968 3436        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:27:11.0968 3436        SCPolicySvc - ok
21:27:12.0014 3436        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
21:27:12.0014 3436        SDRSVC - ok
21:27:12.0030 3436        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:27:12.0030 3436        secdrv - ok
21:27:12.0061 3436        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
21:27:12.0077 3436        seclogon - ok
21:27:12.0108 3436        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
21:27:12.0108 3436        SENS - ok
21:27:12.0124 3436        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
21:27:12.0124 3436        SensrSvc - ok
21:27:12.0155 3436        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:27:12.0155 3436        Serenum - ok
21:27:12.0170 3436        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:27:12.0186 3436        Serial - ok
21:27:12.0217 3436        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:27:12.0217 3436        sermouse - ok
21:27:12.0311 3436        ServiceLayer    (e802089fec30a95fdfd218995308f9b3) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
21:27:12.0311 3436        ServiceLayer - ok
21:27:12.0358 3436        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
21:27:12.0358 3436        SessionEnv - ok
21:27:12.0404 3436        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:27:12.0404 3436        sffdisk - ok
21:27:12.0420 3436        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:27:12.0420 3436        sffp_mmc - ok
21:27:12.0451 3436        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:27:12.0451 3436        sffp_sd - ok
21:27:12.0482 3436        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:27:12.0482 3436        sfloppy - ok
21:27:12.0529 3436        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
21:27:12.0529 3436        SharedAccess - ok
21:27:12.0576 3436        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
21:27:12.0592 3436        ShellHWDetection - ok
21:27:12.0623 3436        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:27:12.0623 3436        SiSRaid2 - ok
21:27:12.0638 3436        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:27:12.0638 3436        SiSRaid4 - ok
21:27:12.0670 3436        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:27:12.0670 3436        Smb - ok
21:27:12.0748 3436        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
21:27:12.0748 3436        SNMPTRAP - ok
21:27:12.0763 3436        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:27:12.0763 3436        spldr - ok
21:27:12.0810 3436        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
21:27:12.0810 3436        Spooler - ok
21:27:12.0904 3436        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
21:27:12.0950 3436        sppsvc - ok
21:27:12.0966 3436        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
21:27:12.0966 3436        sppuinotify - ok
21:27:13.0013 3436        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:27:13.0013 3436        srv - ok
21:27:13.0044 3436        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:27:13.0044 3436        srv2 - ok
21:27:13.0060 3436        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:27:13.0060 3436        srvnet - ok
21:27:13.0091 3436        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
21:27:13.0091 3436        SSDPSRV - ok
21:27:13.0106 3436        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
21:27:13.0106 3436        SstpSvc - ok
21:27:13.0231 3436        Stereo Service  (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:27:13.0231 3436        Stereo Service - ok
21:27:13.0278 3436        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
21:27:13.0278 3436        stexstor - ok
21:27:13.0309 3436        StillCam        (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
21:27:13.0309 3436        StillCam - ok
21:27:13.0372 3436        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
21:27:13.0372 3436        stisvc - ok
21:27:13.0418 3436        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:27:13.0418 3436        swenum - ok
21:27:13.0450 3436        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
21:27:13.0450 3436        swprv - ok
21:27:13.0512 3436        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
21:27:13.0528 3436        SysMain - ok
21:27:13.0574 3436        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
21:27:13.0574 3436        TabletInputService - ok
21:27:13.0606 3436        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
21:27:13.0606 3436        TapiSrv - ok
21:27:13.0637 3436        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
21:27:13.0652 3436        TBS - ok
21:27:13.0699 3436        Tcpip          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
21:27:13.0730 3436        Tcpip - ok
21:27:13.0777 3436        TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
21:27:13.0777 3436        TCPIP6 - ok
21:27:13.0824 3436        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:27:13.0824 3436        tcpipreg - ok
21:27:13.0871 3436        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:27:13.0871 3436        TDPIPE - ok
21:27:13.0902 3436        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
21:27:13.0902 3436        TDTCP - ok
21:27:13.0949 3436        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:27:13.0964 3436        tdx - ok
21:27:13.0996 3436        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
21:27:13.0996 3436        TermDD - ok
21:27:14.0042 3436        TermService    (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
21:27:14.0058 3436        TermService - ok
21:27:14.0089 3436        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
21:27:14.0089 3436        Themes - ok
21:27:14.0120 3436        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:27:14.0120 3436        THREADORDER - ok
21:27:14.0136 3436        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
21:27:14.0136 3436        TrkWks - ok
21:27:14.0198 3436        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
21:27:14.0198 3436        TrustedInstaller - ok
21:27:14.0230 3436        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:27:14.0230 3436        tssecsrv - ok
21:27:14.0292 3436        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:27:14.0292 3436        TsUsbFlt - ok
21:27:14.0339 3436        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:27:14.0339 3436        tunnel - ok
21:27:14.0386 3436        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
21:27:14.0386 3436        uagp35 - ok
21:27:14.0417 3436        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:27:14.0432 3436        udfs - ok
21:27:14.0464 3436        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
21:27:14.0464 3436        UI0Detect - ok
21:27:14.0510 3436        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:27:14.0510 3436        uliagpkx - ok
21:27:14.0526 3436        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
21:27:14.0526 3436        umbus - ok
21:27:14.0557 3436        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
21:27:14.0557 3436        UmPass - ok
21:27:14.0635 3436        UpdateCenterService - ok
21:27:14.0682 3436        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
21:27:14.0698 3436        upnphost - ok
21:27:14.0744 3436        upperdev        (34afb83c7bba370e404e52cc2290350c) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
21:27:14.0744 3436        upperdev - ok
21:27:14.0776 3436        USBAAPL64      (5cf1ead086176dd3348e920a40bed03d) C:\Windows\system32\Drivers\usbaapl64.sys
21:27:14.0776 3436        USBAAPL64 - ok
21:27:14.0807 3436        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:27:14.0807 3436        usbccgp - ok
21:27:14.0854 3436        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:27:14.0854 3436        usbcir - ok
21:27:14.0885 3436        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
21:27:14.0900 3436        usbehci - ok
21:27:14.0916 3436        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:27:14.0916 3436        usbhub - ok
21:27:14.0947 3436        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:27:14.0947 3436        usbohci - ok
21:27:14.0994 3436        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:27:14.0994 3436        usbprint - ok
21:27:15.0041 3436        usbser          (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys
21:27:15.0041 3436        usbser - ok
21:27:15.0056 3436        UsbserFilt      (aa75e1efbee7186b4cbaaacf1f15e6ca) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
21:27:15.0056 3436        UsbserFilt - ok
21:27:15.0103 3436        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:27:15.0103 3436        USBSTOR - ok
21:27:15.0119 3436        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:27:15.0119 3436        usbuhci - ok
21:27:15.0150 3436        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
21:27:15.0150 3436        UxSms - ok
21:27:15.0166 3436        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:27:15.0166 3436        VaultSvc - ok
21:27:15.0181 3436        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:27:15.0181 3436        vdrvroot - ok
21:27:15.0228 3436        vds            (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
21:27:15.0244 3436        vds - ok
21:27:15.0275 3436        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:27:15.0275 3436        vga - ok
21:27:15.0290 3436        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:27:15.0290 3436        VgaSave - ok
21:27:15.0337 3436        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:27:15.0337 3436        vhdmp - ok
21:27:15.0353 3436        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:27:15.0353 3436        viaide - ok
21:27:15.0368 3436        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:27:15.0368 3436        volmgr - ok
21:27:15.0415 3436        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:27:15.0415 3436        volmgrx - ok
21:27:15.0431 3436        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:27:15.0446 3436        volsnap - ok
21:27:15.0462 3436        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
21:27:15.0462 3436        vsmraid - ok
21:27:15.0540 3436        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
21:27:15.0556 3436        VSS - ok
21:27:15.0571 3436        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
21:27:15.0571 3436        vwifibus - ok
21:27:15.0587 3436        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
21:27:15.0587 3436        vwififlt - ok
21:27:15.0634 3436        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
21:27:15.0634 3436        W32Time - ok
21:27:15.0649 3436        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
21:27:15.0649 3436        WacomPen - ok
21:27:15.0680 3436        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:27:15.0680 3436        WANARP - ok
21:27:15.0680 3436        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:27:15.0680 3436        Wanarpv6 - ok
21:27:15.0727 3436        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
21:27:15.0743 3436        wbengine - ok
21:27:15.0774 3436        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
21:27:15.0774 3436        WbioSrvc - ok
21:27:15.0899 3436        WcesComm        (8bda6db43aa54e8bb5e0794541ddc209) C:\Windows\WindowsMobile\wcescomm.dll
21:27:15.0914 3436        WcesComm - ok
21:27:16.0024 3436        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
21:27:16.0039 3436        wcncsvc - ok
21:27:16.0055 3436        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
21:27:16.0055 3436        WcsPlugInService - ok
21:27:16.0070 3436        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
21:27:16.0070 3436        Wd - ok
21:27:16.0102 3436        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:27:16.0102 3436        Wdf01000 - ok
21:27:16.0133 3436        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:27:16.0133 3436        WdiServiceHost - ok
21:27:16.0133 3436        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:27:16.0133 3436        WdiSystemHost - ok
21:27:17.0287 3436        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:27:17.0350 3436        \Device\Harddisk0\DR0 - ok
21:27:17.0350 3436        MBR (0x1B8)    (739b36f7a373fc81121d831231b6d311) \Device\Harddisk1\DR1
21:27:17.0381 3436        \Device\Harddisk1\DR1 - ok
21:27:17.0381 3436        Boot (0x1200)  (2ab10f777490dcdf67f38eb85017e5d0) \Device\Harddisk0\DR0\Partition0
21:27:17.0381 3436        \Device\Harddisk0\DR0\Partition0 - ok
21:27:17.0396 3436        Boot (0x1200)  (f762347ee37ee93aadfe5cd2aaa34881) \Device\Harddisk0\DR0\Partition1
21:27:17.0396 3436        \Device\Harddisk0\DR0\Partition1 - ok
21:27:17.0396 3436        Boot (0x1200)  (d89e66940ec062cfb143d8f1c3631738) \Device\Harddisk1\DR1\Partition0
21:27:17.0396 3436        \Device\Harddisk1\DR1\Partition0 - ok
21:27:17.0396 3436        ============================================================
21:27:17.0396 3436        Scan finished
21:27:17.0396 3436        ============================================================
21:27:17.0412 3164        Detected object count: 0
21:27:17.0412 3164        Actual detected object count: 0

Looks good, doesn't it?

cosinus 03.04.2012 21:05

Please download aswMBR.exe and save the file to your desktop.

Note: Please turn off your virus scanner before running aswMBR, because Avira in particular often reports a false alarm in it!
  • Start aswMBR.exe. Vista and Win7 users: run aswMBR via right-click, "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.) Downloading the definitions can take a while, depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save the log to the desktop.
Post the aswMBR.txt in your next reply. Important: Under no circumstances press any of the Fix buttons without being instructed to. Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.

One more note: If aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.

Enna-AF 04.04.2012 17:00

Here you go:

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-04 17:39:29
-----------------------------
17:39:29.254    OS Version: Windows x64 6.1.7601 Service Pack 1
17:39:29.254    Number of processors: 2 586 0x170A
17:39:29.254    ComputerName: ***-PC  UserName: ***
17:39:29.581    Initialze error C000010E - driver not loaded
17:39:29.597    write error "aswCmnB.dll". Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
17:39:31.890    AVAST engine defs: 12040400
17:39:50.782    Service scanning
17:40:08.987    Modules scanning
17:40:08.987    Disk 0 trace - called modules:
17:40:08.987   
17:40:09.377    AVAST engine scan C:\Windows
17:40:11.639    AVAST engine scan C:\Windows\system32
17:42:29.263    AVAST engine scan C:\Windows\system32\drivers
17:42:39.091    AVAST engine scan C:\Users\***
17:50:57.870    AVAST engine scan C:\ProgramData
17:52:04.872    Scan finished successfully
17:52:35.589    The log file has been saved successfully to "C:\Users\***\Desktop\aswMBR.txt"

The first time I aborted because it had been scanning the temporary internet files for 15 minutes. Only after that did the message appear about the .dll file that could not access something. It was not there on the first run. But it still ran through without complaint. The setting was Quick Scan (i.e. not changed).

Log from the first, aborted run:

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-04 17:19:02
-----------------------------
17:19:02.477    OS Version: Windows x64 6.1.7601 Service Pack 1
17:19:02.477    Number of processors: 2 586 0x170A
17:19:02.477    ComputerName: ***-PC  UserName: ***
17:19:02.805    Initialize success
17:23:00.694    AVAST engine defs: 12040400
17:23:10.426    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\mv61xx1Port4Path0Target0Lun0
17:23:10.426    Disk 0 Vendor: SAMSUNG_  Size: 305245MB BusType: 8
17:23:10.442    Disk 0 MBR read successfully
17:23:10.457    Disk 0 MBR scan
17:23:10.457    Disk 0 Windows 7 default MBR code
17:23:10.457    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS      150000 MB offset 2048
17:23:10.488    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      155243 MB offset 307202048
17:23:10.535    Disk 0 scanning C:\Windows\system32\drivers
17:24:21.081    Service scanning
17:24:42.234    Modules scanning
17:24:42.234    Disk 0 trace - called modules:
17:24:42.250    ntoskrnl.exe CLASSPNP.SYS disk.sys SCSIPORT.SYS hal.dll mv61xx.sys
17:24:42.250    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80049a1060]
17:24:42.266    3 CLASSPNP.SYS[fffff8800161743f] -> nt!IofCallDriver -> \Device\Scsi\mv61xx1Port4Path0Target0Lun0[0xfffffa800447b050]
17:27:42.640    AVAST engine scan C:\Windows
17:27:46.212    AVAST engine scan C:\Windows\system32
17:28:39.912    AVAST engine scan C:\Windows\system32\drivers
17:28:51.166    AVAST engine scan C:\Users\***
17:38:53.735    Disk 0 MBR has been saved successfully to "C:\Users\***\Desktop\MBR.dat"
17:38:53.740    The log file has been saved successfully to "C:\Users\***\Desktop\aswMBR.txt"

PS: I ran another scan. Now without any errors. (I think I had forgotten to run it as admin before, hence the .dll error.)

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-04 18:57:32
-----------------------------
18:57:32.667    OS Version: Windows x64 6.1.7601 Service Pack 1
18:57:32.667    Number of processors: 2 586 0x170A
18:57:32.667    ComputerName: ***-PC  UserName: ***
18:57:33.158    Initialize success
18:57:35.665    AVAST engine defs: 12040400
18:57:41.497    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\mv61xx1Port4Path0Target0Lun0
18:57:41.499    Disk 0 Vendor: SAMSUNG_  Size: 305245MB BusType: 8
18:57:41.511    Disk 0 MBR read successfully
18:57:41.512    Disk 0 MBR scan
18:57:41.515    Disk 0 Windows 7 default MBR code
18:57:41.526    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS      150000 MB offset 2048
18:57:41.545    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      155243 MB offset 307202048
18:57:41.588    Disk 0 scanning C:\Windows\system32\drivers
18:57:53.687    Service scanning
18:58:12.233    Modules scanning
18:58:12.240    Disk 0 trace - called modules:
18:58:12.254    ntoskrnl.exe CLASSPNP.SYS disk.sys SCSIPORT.SYS hal.dll mv61xx.sys
18:58:12.258    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80049a1060]
18:58:12.264    3 CLASSPNP.SYS[fffff8800161743f] -> nt!IofCallDriver -> \Device\Scsi\mv61xx1Port4Path0Target0Lun0[0xfffffa800447b050]
18:58:12.543    AVAST engine scan C:\Windows
18:58:17.381    AVAST engine scan C:\Windows\system32
19:01:55.806    AVAST engine scan C:\Windows\system32\drivers
19:02:14.109    AVAST engine scan C:\Users\***
19:16:30.881    AVAST engine scan C:\ProgramData
19:18:02.384    Scan finished successfully
19:18:53.526    Disk 0 MBR has been saved successfully to "C:\Users\***\Desktop\MBR.dat"
19:18:53.529    The log file has been saved successfully to "C:\Users\***\Desktop\aswMBR.txt"
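The three aswMBR runs above differ in a way that is easy to miss: the 17:39 run ends with "Scan finished successfully" although it logged an initialization error and contains no MBR lines at all. The following Python sketch is an added example, not part of the original posts and not a tool from AVAST; its line patterns are taken from the logs quoted in this thread, and the function name and status labels are assumptions of the example.

```python
import re

# Patterns taken from the aswMBR 0.9.9.1665 lines quoted in this thread.
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{3}\s+(.+)$")
INIT_ERR = re.compile(r"^Initiali?ze error (\w+)")  # the tool prints "Initialze"
MBR_READ = re.compile(r"^Disk (\d+) MBR read successfully$")
MBR_CODE = re.compile(r"^Disk (\d+) (.+ MBR code)$")


def triage_aswmbr(log_text):
    """Summarise one aswMBR log. The status labels are this example's own."""
    r = {"init_ok": False, "init_error": None, "mbr_read": [],
         "mbr_verdict": {}, "finished": False}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # header lines, separators, timestamp-only lines
        msg = m.group(1).strip()
        if msg == "Initialize success":
            r["init_ok"] = True
        elif msg == "Scan finished successfully":
            r["finished"] = True
        elif (e := INIT_ERR.match(msg)):
            r["init_error"] = e.group(1)
        elif (d := MBR_READ.match(msg)):
            r["mbr_read"].append(int(d.group(1)))
        elif (c := MBR_CODE.match(msg)):
            r["mbr_verdict"][int(c.group(1))] = c.group(2)
    # "finished" alone says nothing about the MBR: require evidence that the
    # sector was actually read before treating the run as an MBR check.
    if not r["mbr_read"]:
        r["status"] = "mbr-not-checked"
    elif not r["finished"]:
        r["status"] = "incomplete"
    else:
        r["status"] = "complete"
    return r


# Excerpts of the three logs posted above (lines shortened, not altered).
RUN_1739 = r"""
17:39:29.581    Initialze error C000010E - driver not loaded
17:39:31.890    AVAST engine defs: 12040400
17:39:50.782    Service scanning
17:40:09.377    AVAST engine scan C:\Windows
17:52:04.872    Scan finished successfully
"""
RUN_1719 = r"""
17:19:02.805    Initialize success
17:23:10.442    Disk 0 MBR read successfully
17:23:10.457    Disk 0 MBR scan
17:23:10.457    Disk 0 Windows 7 default MBR code
17:28:51.166    AVAST engine scan C:\Users\***
"""
RUN_1857 = r"""
18:57:33.158    Initialize success
18:57:41.511    Disk 0 MBR read successfully
18:57:41.512    Disk 0 MBR scan
18:57:41.515    Disk 0 Windows 7 default MBR code
19:18:02.384    Scan finished successfully
"""

if __name__ == "__main__":
    for name, log in (("17:39", RUN_1739), ("17:19", RUN_1719), ("18:57", RUN_1857)):
        t = triage_aswmbr(log)
        print(name, t["status"], t["init_error"], t["mbr_verdict"])
```

Only the 18:57 run both read the MBR and ran to completion, so it is the one to rely on when judging the boot sector.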


cosinus 04.04.2012 22:01

Looks ok. As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before the scan!!

Enna-AF 05.04.2012 14:50

There we go:

SuperAnti-thingy:

Code:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 04/05/2012 at 03:45 PM

Application Version : 5.0.1146

Core Rules Database Version : 8418
Trace Rules Database Version: 6230

Scan type      : Complete Scan
Total Scan Time : 03:44:34

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned      : 661
Memory threats detected  : 0
Registry items scanned    : 71943
Registry threats detected : 0
File items scanned        : 753241
File threats detected    : 57

Adware.Tracking Cookie
        C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\XMPVCZS2.txt [ /adfarm1.adition.com ]
        C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\P65C8UQU.txt [ /atdmt.com ]
        C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\QTOE3651.txt [ /adbrite.com ]
        C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\1PGMCSO3.txt [ /doubleclick.net ]
        C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\J1M950JE.txt [ /apmebf.com ]
        C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\2YH45OUP.txt [ /ad.yieldmanager.com ]
        C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\JRUU91TP.txt [ /smartadserver.com ]
        C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\77SKA6NF.txt [ /mediaplex.com ]
        C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\8177A649.txt [ /revsci.net ]
        C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\1F87ZL3R.txt [ /ad2.adfarm1.adition.com ]
        C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\IVEJSE6B.txt [ /dyntracker.com ]
        C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\K39RSVTR.txt [ /tracking.quisma.com ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\2DHS4V09.txt [ Cookie:***@fastclick.net/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\PIX4S1U0.txt [ Cookie:***@amazon-adsystem.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\KEY8IR82.txt [ Cookie:***@media6degrees.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\ROQLFVP9.txt [ Cookie:***@zanox.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\LKVWSXV3.txt [ Cookie:***@zanox-affiliate.de/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\RRSQM2YW.txt [ Cookie:***@eas.apm.emediate.eu/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\SGD09MX3.txt [ Cookie:***@ad3.adfarm1.adition.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\OFDLY8ZQ.txt [ Cookie:***@webmasterplan.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\M700FHMR.txt [ Cookie:***@track.adform.net/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\U3YXFLQV.txt [ Cookie:***@adform.net/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\53YVGEHI.txt [ Cookie:***@atdmt.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\N3AHAV5H.txt [ Cookie:***@specificclick.net/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\TAR49QBS.txt [ Cookie:***@ad.adition.net/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\2BA2K0ZZ.txt [ Cookie:***@doubleclick.net/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\XJWLNWAK.txt [ Cookie:***@im.banner.t-online.de/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\0B0BPR7B.txt [ Cookie:***@traffictrack.de/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\OU9MCLHZ.txt [ Cookie:***@apmebf.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\UC6J4HQJ.txt [ Cookie:***@ad.zanox.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\V2026W1P.txt [ Cookie:***@ww251.smartadserver.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\JF4TJPK3.txt [ Cookie:***@adviva.net/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\5SAWH9VR.txt [ Cookie:***@smartadserver.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\65RZQOJB.txt [ Cookie:***@ad.adserver01.de/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\CSXKTGOA.txt [ Cookie:***@www.googleadservices.com/pagead/conversion/1071427337/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\M3F2TC91.txt [ Cookie:***@mediaplex.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\PW8GTH6Z.txt [ Cookie:***@kontera.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\TWYHVV9H.txt [ Cookie:***@tracking.mlsat02.de/tmobile/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\ANMSBEQ9.txt [ Cookie:***@quartermedia.de/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\2IQ24FE6.txt [ Cookie:***@server.adform.net/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\4QSOOG4M.txt [ Cookie:***@tradedoubler.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\3FV5CDH0.txt [ Cookie:***@revsci.net/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\WQML1G7O.txt [ Cookie:***@ad2.adfarm1.adition.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\CBM3QDLR.txt [ Cookie:***@dyntracker.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\HSOXAQLS.txt [ Cookie:***@ad.dyntracker.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\X6WQ0UJM.txt [ Cookie:***@tracking.quisma.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\UPINTKZ5.txt [ Cookie:***@www.zanox-affiliate.de/ ]
        C:\USERS\***\Cookies\P65C8UQU.txt [ Cookie:***@atdmt.com/ ]
        C:\USERS\***\Cookies\QTOE3651.txt [ Cookie:***@adbrite.com/ ]
        C:\USERS\***\Cookies\1PGMCSO3.txt [ Cookie:***@doubleclick.net/ ]
        C:\USERS\***\Cookies\J1M950JE.txt [ Cookie:***@apmebf.com/ ]
        C:\USERS\***\Cookies\JRUU91TP.txt [ Cookie:***@smartadserver.com/ ]
        C:\USERS\***\Cookies\77SKA6NF.txt [ Cookie:***@mediaplex.com/ ]
        C:\USERS\***\Cookies\8177A649.txt [ Cookie:***@revsci.net/ ]
        C:\USERS\***\Cookies\1F87ZL3R.txt [ Cookie:***@ad2.adfarm1.adition.com/ ]
        C:\USERS\***\Cookies\IVEJSE6B.txt [ Cookie:***@dyntracker.com/ ]
        C:\USERS\***\Cookies\K39RSVTR.txt [ Cookie:***@tracking.quisma.com/ ]

I ran Malwarebytes over each drive separately, since I had to work in between.

C:\\
Code:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.04.05.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
*** :: ***-PC [Administrator]

05.04.2012 09:55:50
mbam-log-2012-04-05 (09-55-50).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 525811
Laufzeit: 1 Stunde(n), 14 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

D:\\

Code:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.04.05.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
*** :: ***-PC [Administrator]

05.04.2012 11:11:46
mbam-log-2012-04-05 (11-11-46).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 468115
Laufzeit: 28 Minute(n), 38 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

J:\\ (external)

Code:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.04.05.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
*** :: ***-PC [Administrator]

05.04.2012 11:47:18
mbam-log-2012-04-05 (11-47-18).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 234660
Laufzeit: 2 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Looks good, doesn't it? Many thanks already!

cosinus 05.04.2012 14:54

Looks ok, only cookies were found there.
Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or similar => HTTP cookie)


Regarding cookies and other things on the web: to block the plague from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File. It makes sense to check MVPS every 4 weeks to see whether a new hosts file has been released.

Otherwise there are also good cookie managers; one extension for Firefox, for example, would be CookieCuller http://filepony.de/download-cookie_culler/
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed.

My own approach is to use the Opera browser or Chromium under my Linux for "wild surfing". My main browser (Firefox) only stores cookies from the sites I actually want; I reject everything else manually (FF always asks me). The other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest, no cookies are left.


Is your system back in order now, or are there any other detections or problems?
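The hosts-file approach recommended above can be fed from the scan result itself. The following Python sketch is an added example, not part of the original posts and not code from MVPS or SUPERAntiSpyware: it pulls the hostnames out of "Adware.Tracking Cookie" lines in the two notations seen in the log above and emits hosts-file entries. The function names and the `0.0.0.0` sink address are assumptions of the example.

```python
import re

# Matches both notations seen in the SUPERAntiSpyware log above:
#   ...\XMPVCZS2.txt [ /adfarm1.adition.com ]
#   ...\Low\2BA2K0ZZ.txt [ Cookie:***@doubleclick.net/ ]
ENTRY = re.compile(r"\[\s*(?:Cookie:[^@\s]*@)?/?([^\s/\]]+)[^\]]*\]")

# Accept only syntactically valid DNS names, so that nothing else from a
# log line can end up in the hosts file.
HOSTNAME = re.compile(
    r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$"
)


def tracking_hosts(log_text):
    """Return the sorted, de-duplicated hostnames named in cookie findings."""
    hosts = set()
    for line in log_text.splitlines():
        m = ENTRY.search(line)
        if not m:
            continue
        host = m.group(1).lower().rstrip(".")
        if HOSTNAME.match(host):
            hosts.add(host)
    return sorted(hosts)


def hosts_block(hosts, sink="0.0.0.0"):
    """Format hostnames as hosts-file lines pointing at a non-routable sink."""
    return [f"{sink} {h}" for h in hosts]


# Lines excerpted from the log above, plus one constructed noise line.
SAMPLE = r"""
Adware.Tracking Cookie
        C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\XMPVCZS2.txt [ /adfarm1.adition.com ]
        C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\P65C8UQU.txt [ /atdmt.com ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\53YVGEHI.txt [ Cookie:***@atdmt.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\WQML1G7O.txt [ Cookie:***@ad2.adfarm1.adition.com/ ]
        C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\CSXKTGOA.txt [ Cookie:***@www.googleadservices.com/pagead/conversion/1071427337/ ]
        constructed noise line [ not a host ]
"""

if __name__ == "__main__":
    # A hosts file matches exact names only: the entry for adfarm1.adition.com
    # does not cover ad2.adfarm1.adition.com, so both are listed.
    print("\n".join(hosts_block(tracking_hosts(SAMPLE))))
```

Because a hosts file has no wildcards, every subdomain found by the scanner needs its own line, which is why curated lists such as the one mentioned above grow so long.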

Enna-AF 05.04.2012 15:59

A thousand thanks!

The system is running perfectly, apart from hardware problems, but that's another story.

I'm on the internet with IE9 (64-bit) and FF11. I only need FF because I need scripts for a few things (Greasemonkey). On FF, Adblock Plus and Ghostery are running; the latter unfortunately only runs in the 32-bit version of IE... but once a week everything gets deleted with CCleaner, and I am a bit lazy (logging in and so on)...

I will definitely stay loyal to this forum and will drop by more often, even without being affected myself!


All times are in WET +1.
