
Log analysis and evaluation: Spam being sent from my Yahoo account

23.04.2012, 09:34   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spam being sent from my Yahoo account



Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please switch off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log, or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

__________________
Please always post log files in CODE tags

23.04.2012, 17:28   #17
Broid
 
Spam being sent from my Yahoo account



Here is the posting:

18:20:23.0124 1028 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
18:20:23.0330 1028 ============================================================
18:20:23.0330 1028 Current date / time: 2012/04/23 18:20:23.0330
18:20:23.0330 1028 SystemInfo:
18:20:23.0330 1028
18:20:23.0330 1028 OS Version: 6.1.7601 ServicePack: 1.0
18:20:23.0330 1028 Product type: Workstation
18:20:23.0331 1028 ComputerName: MATTHIAS-PC
18:20:23.0331 1028 UserName: Matthias
18:20:23.0331 1028 Windows directory: C:\Windows
18:20:23.0331 1028 System windows directory: C:\Windows
18:20:23.0331 1028 Processor architecture: Intel x86
18:20:23.0331 1028 Number of processors: 2
18:20:23.0331 1028 Page size: 0x1000
18:20:23.0331 1028 Boot type: Normal boot
18:20:23.0331 1028 ============================================================
18:20:23.0953 1028 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:20:23.0964 1028 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:20:32.0117 1028 \Device\Harddisk0\DR0:
18:20:32.0132 1028 MBR partitions:
18:20:32.0132 1028 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1000800, BlocksNum 0x8FDED03
18:20:32.0132 1028 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x9FDF503, BlocksNum 0x123C62A1
18:20:32.0146 1028 \Device\Harddisk1\DR1:
18:20:32.0146 1028 MBR partitions:
18:20:32.0146 1028 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74706D70
18:20:32.0181 1028 C: <-> \Device\Harddisk0\DR0\Partition0
18:20:32.0211 1028 E: <-> \Device\Harddisk0\DR0\Partition1
18:20:32.0233 1028 L: <-> \Device\Harddisk1\DR1\Partition0
18:20:32.0233 1028 Initialize success
18:20:32.0233 1028 ============================================================
18:21:22.0397 4656 ============================================================
18:21:22.0397 4656 Scan started
18:21:22.0397 4656 Mode: Manual; SigCheck; TDLFS;
18:21:22.0397 4656 ============================================================
18:21:23.0255 4656 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
18:21:23.0367 4656 1394ohci - ok
18:21:23.0461 4656 acedrv11 (e6f53d6c0dea3d375362265e175ca638) C:\Windows\system32\drivers\acedrv11.sys
18:21:23.0500 4656 acedrv11 - ok
18:21:23.0562 4656 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
18:21:23.0585 4656 ACPI - ok
18:21:23.0649 4656 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
18:21:23.0704 4656 AcpiPmi - ok
18:21:23.0813 4656 Adobe Version Cue CS3 (14c23516c990dcd6052152cf034dde40) C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
18:21:23.0832 4656 Adobe Version Cue CS3 - ok
18:21:23.0941 4656 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:21:23.0958 4656 AdobeFlashPlayerUpdateSvc - ok
18:21:24.0041 4656 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
18:21:24.0073 4656 adp94xx - ok
18:21:24.0115 4656 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
18:21:24.0139 4656 adpahci - ok
18:21:24.0167 4656 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
18:21:24.0188 4656 adpu320 - ok
18:21:24.0241 4656 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
18:21:24.0366 4656 AeLookupSvc - ok
18:21:24.0468 4656 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
18:21:24.0516 4656 AFD - ok
18:21:24.0560 4656 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
18:21:24.0578 4656 agp440 - ok
18:21:24.0623 4656 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
18:21:24.0642 4656 aic78xx - ok
18:21:24.0683 4656 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
18:21:24.0734 4656 ALG - ok
18:21:24.0788 4656 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
18:21:24.0804 4656 aliide - ok
18:21:24.0854 4656 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
18:21:24.0873 4656 amdagp - ok
18:21:24.0906 4656 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
18:21:24.0922 4656 amdide - ok
18:21:24.0973 4656 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
18:21:25.0003 4656 AmdK8 - ok
18:21:25.0036 4656 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
18:21:25.0076 4656 AmdPPM - ok
18:21:25.0124 4656 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
18:21:25.0143 4656 amdsata - ok
18:21:25.0209 4656 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
18:21:25.0246 4656 amdsbs - ok
18:21:25.0358 4656 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
18:21:25.0375 4656 amdxata - ok
18:21:25.0461 4656 AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files\Avira\AntiVir Desktop\sched.exe
18:21:25.0478 4656 AntiVirSchedulerService - ok
18:21:25.0520 4656 AntiVirService (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
18:21:25.0535 4656 AntiVirService - ok
18:21:25.0619 4656 AOL ACS (85180cf88c5ebad73b452a43a004ca51) C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
18:21:25.0633 4656 AOL ACS - ok
18:21:25.0739 4656 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
18:21:25.0790 4656 AppID - ok
18:21:25.0837 4656 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
18:21:25.0889 4656 AppIDSvc - ok
18:21:25.0950 4656 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
18:21:25.0996 4656 Appinfo - ok
18:21:26.0091 4656 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:21:26.0105 4656 Apple Mobile Device - ok
18:21:26.0197 4656 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
18:21:26.0216 4656 arc - ok
18:21:26.0248 4656 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
18:21:26.0266 4656 arcsas - ok
18:21:26.0369 4656 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:21:26.0394 4656 aspnet_state - ok
18:21:26.0470 4656 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
18:21:26.0576 4656 AsyncMac - ok
18:21:26.0635 4656 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
18:21:26.0652 4656 atapi - ok
18:21:26.0710 4656 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
18:21:26.0731 4656 atksgt - ok
18:21:26.0792 4656 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
18:21:26.0845 4656 AudioEndpointBuilder - ok
18:21:26.0875 4656 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
18:21:26.0916 4656 Audiosrv - ok
18:21:26.0946 4656 Automatisches LiveUpdate - Scheduler - ok
18:21:27.0062 4656 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
18:21:27.0077 4656 avgntflt - ok
18:21:27.0141 4656 avipbb (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys
18:21:27.0158 4656 avipbb - ok
18:21:27.0242 4656 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
18:21:27.0256 4656 avkmgr - ok
18:21:27.0311 4656 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
18:21:27.0349 4656 AxInstSV - ok
18:21:27.0418 4656 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
18:21:27.0461 4656 b06bdrv - ok
18:21:27.0523 4656 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
18:21:27.0544 4656 b57nd60x - ok
18:21:27.0590 4656 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
18:21:27.0634 4656 BDESVC - ok
18:21:27.0690 4656 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
18:21:27.0739 4656 Beep - ok
18:21:27.0826 4656 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
18:21:27.0880 4656 BFE - ok
18:21:27.0966 4656 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
18:21:28.0020 4656 BITS - ok
18:21:28.0102 4656 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
18:21:28.0127 4656 blbdrive - ok
18:21:28.0206 4656 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
18:21:28.0228 4656 Bonjour Service - ok
18:21:28.0321 4656 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
18:21:28.0364 4656 bowser - ok
18:21:28.0397 4656 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:21:28.0425 4656 BrFiltLo - ok
18:21:28.0492 4656 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:21:28.0530 4656 BrFiltUp - ok
18:21:28.0590 4656 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
18:21:28.0649 4656 Browser - ok
18:21:28.0706 4656 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
18:21:28.0764 4656 Brserid - ok
18:21:28.0800 4656 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
18:21:28.0834 4656 BrSerWdm - ok
18:21:28.0850 4656 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:21:28.0881 4656 BrUsbMdm - ok
18:21:28.0894 4656 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
18:21:28.0930 4656 BrUsbSer - ok
18:21:29.0029 4656 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
18:21:29.0060 4656 BTHMODEM - ok
18:21:29.0115 4656 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
18:21:29.0163 4656 bthserv - ok
18:21:29.0253 4656 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
18:21:29.0299 4656 cdfs - ok
18:21:29.0434 4656 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
18:21:29.0467 4656 cdrom - ok
18:21:29.0530 4656 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
18:21:29.0577 4656 CertPropSvc - ok
18:21:29.0615 4656 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
18:21:29.0636 4656 circlass - ok
18:21:29.0708 4656 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
18:21:29.0731 4656 CLFS - ok
18:21:29.0784 4656 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:21:29.0799 4656 clr_optimization_v2.0.50727_32 - ok
18:21:29.0859 4656 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:21:29.0892 4656 clr_optimization_v4.0.30319_32 - ok
18:21:29.0956 4656 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
18:21:29.0983 4656 CmBatt - ok
18:21:30.0036 4656 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
18:21:30.0052 4656 cmdide - ok
18:21:30.0105 4656 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
18:21:30.0147 4656 CNG - ok
18:21:30.0200 4656 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
18:21:30.0217 4656 Compbatt - ok
18:21:30.0272 4656 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
18:21:30.0309 4656 CompositeBus - ok
18:21:30.0389 4656 COMSysApp - ok
18:21:30.0451 4656 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
18:21:30.0467 4656 crcdisk - ok
18:21:30.0525 4656 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
18:21:30.0571 4656 CryptSvc - ok
18:21:30.0633 4656 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
18:21:30.0695 4656 DcomLaunch - ok
18:21:30.0743 4656 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
18:21:30.0791 4656 defragsvc - ok
18:21:30.0863 4656 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
18:21:30.0906 4656 DfsC - ok
18:21:31.0002 4656 dgderdrv - ok
18:21:31.0060 4656 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
18:21:31.0107 4656 Dhcp - ok
18:21:31.0179 4656 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
18:21:31.0231 4656 discache - ok
18:21:31.0345 4656 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
18:21:31.0364 4656 Disk - ok
18:21:31.0394 4656 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
18:21:31.0465 4656 Dnscache - ok
18:21:31.0541 4656 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
18:21:31.0589 4656 dot3svc - ok
18:21:31.0648 4656 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
18:21:31.0710 4656 DPS - ok
18:21:31.0820 4656 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
18:21:31.0847 4656 drmkaud - ok
18:21:31.0925 4656 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
18:21:31.0968 4656 DXGKrnl - ok
18:21:32.0011 4656 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
18:21:32.0063 4656 EapHost - ok
18:21:32.0237 4656 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
18:21:32.0362 4656 ebdrv - ok
18:21:32.0435 4656 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
18:21:32.0482 4656 EFS - ok
18:21:32.0551 4656 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
18:21:32.0590 4656 elxstor - ok
18:21:32.0661 4656 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
18:21:32.0692 4656 ErrDev - ok
18:21:32.0755 4656 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
18:21:32.0803 4656 EventSystem - ok
18:21:32.0902 4656 ewusbnet - ok
18:21:32.0960 4656 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
18:21:33.0008 4656 exfat - ok
18:21:33.0086 4656 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
18:21:33.0135 4656 fastfat - ok
18:21:33.0231 4656 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
18:21:33.0280 4656 Fax - ok
18:21:33.0359 4656 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
18:21:33.0387 4656 fdc - ok
18:21:33.0433 4656 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
18:21:33.0481 4656 fdPHost - ok
18:21:33.0539 4656 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
18:21:33.0583 4656 FDResPub - ok
18:21:33.0688 4656 FETND6V (403bedad0226653ba8d05aefc3f04a0c) C:\Windows\system32\DRIVERS\fetnd6v.sys
18:21:33.0715 4656 FETND6V - ok
18:21:33.0761 4656 FETNDIS (f5cb6cb6d12f495516be27cffccde4bf) C:\Windows\system32\DRIVERS\fetnd6.sys
18:21:33.0798 4656 FETNDIS - ok
18:21:33.0891 4656 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
18:21:33.0909 4656 FileInfo - ok
18:21:33.0945 4656 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
18:21:33.0991 4656 Filetrace - ok
18:21:34.0066 4656 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:21:34.0097 4656 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
18:21:34.0097 4656 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
18:21:34.0190 4656 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
18:21:34.0208 4656 flpydisk - ok
18:21:34.0242 4656 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
18:21:34.0261 4656 FltMgr - ok
18:21:34.0335 4656 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
18:21:34.0410 4656 FontCache - ok
18:21:34.0455 4656 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:21:34.0469 4656 FontCache3.0.0.0 - ok
18:21:34.0542 4656 Freemake Improver (37c2ff67a2565286f1c1c1072be74678) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
18:21:34.0565 4656 Freemake Improver ( UnsignedFile.Multi.Generic ) - warning
18:21:34.0565 4656 Freemake Improver - detected UnsignedFile.Multi.Generic (1)
18:21:34.0672 4656 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
18:21:34.0691 4656 FsDepends - ok
18:21:34.0769 4656 FsUsbExDisk (b07663a810e861eebfd0eac7e82ca62d) C:\Windows\system32\FsUsbExDisk.SYS
18:21:34.0788 4656 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
18:21:34.0788 4656 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
18:21:34.0837 4656 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
18:21:34.0854 4656 Fs_Rec - ok
18:21:34.0923 4656 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
18:21:34.0948 4656 fvevol - ok
18:21:35.0013 4656 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:21:35.0032 4656 gagp30kx - ok
18:21:35.0085 4656 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:21:35.0097 4656 GEARAspiWDM - ok
18:21:35.0154 4656 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
18:21:35.0218 4656 gpsvc - ok
18:21:35.0315 4656 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
18:21:35.0357 4656 hcw85cir - ok
18:21:35.0455 4656 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
18:21:35.0502 4656 HdAudAddService - ok
18:21:35.0576 4656 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
18:21:35.0608 4656 HDAudBus - ok
18:21:35.0640 4656 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
18:21:35.0673 4656 HidBatt - ok
18:21:35.0756 4656 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
18:21:35.0791 4656 HidBth - ok
18:21:35.0832 4656 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
18:21:35.0853 4656 HidIr - ok
18:21:35.0894 4656 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
18:21:35.0944 4656 hidserv - ok
18:21:36.0064 4656 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
18:21:36.0082 4656 HidUsb - ok
18:21:36.0132 4656 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
18:21:36.0181 4656 hkmsvc - ok
18:21:36.0243 4656 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
18:21:36.0289 4656 HomeGroupListener - ok
18:21:36.0336 4656 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
18:21:36.0373 4656 HomeGroupProvider - ok
18:21:36.0443 4656 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
18:21:36.0461 4656 HpSAMD - ok
18:21:36.0527 4656 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
18:21:36.0573 4656 HTTP - ok
18:21:36.0617 4656 hwdatacard - ok
18:21:36.0670 4656 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
18:21:36.0690 4656 hwpolicy - ok
18:21:36.0733 4656 hwusbdev - ok
18:21:36.0797 4656 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
18:21:36.0831 4656 i8042prt - ok
18:21:36.0904 4656 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
18:21:36.0929 4656 iaStorV - ok
18:21:37.0008 4656 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:21:37.0029 4656 IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:21:37.0030 4656 IDriverT - detected UnsignedFile.Multi.Generic (1)
18:21:37.0138 4656 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:21:37.0187 4656 idsvc - ok
18:21:37.0256 4656 IGDCTRL (e28602c9e17b0ddce9f5deb3b3e2a635) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
18:21:37.0270 4656 IGDCTRL - ok
18:21:37.0375 4656 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
18:21:37.0394 4656 iirsp - ok
18:21:37.0453 4656 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
18:21:37.0517 4656 IKEEXT - ok
18:21:37.0663 4656 IntcAzAudAddService (4a705bf2a6f7972f2f2ad8a0d8079f95) C:\Windows\system32\drivers\RTKVHDA.sys
18:21:37.0741 4656 IntcAzAudAddService - ok
18:21:37.0846 4656 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
18:21:37.0863 4656 intelide - ok
18:21:37.0901 4656 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
18:21:37.0935 4656 intelppm - ok
18:21:38.0004 4656 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
18:21:38.0043 4656 IPBusEnum - ok
18:21:38.0116 4656 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:21:38.0168 4656 IpFilterDriver - ok
18:21:38.0246 4656 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
18:21:38.0313 4656 iphlpsvc - ok
18:21:38.0375 4656 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
18:21:38.0408 4656 IPMIDRV - ok
18:21:38.0452 4656 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
18:21:38.0505 4656 IPNAT - ok
18:21:38.0606 4656 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
18:21:38.0635 4656 iPod Service - ok
18:21:38.0735 4656 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
18:21:38.0756 4656 IRENUM - ok
18:21:38.0794 4656 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
18:21:38.0812 4656 isapnp - ok
18:21:38.0843 4656 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
18:21:38.0866 4656 iScsiPrt - ok
18:21:38.0912 4656 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
18:21:38.0929 4656 kbdclass - ok
18:21:38.0969 4656 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
18:21:38.0999 4656 kbdhid - ok
18:21:39.0033 4656 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:21:39.0050 4656 KeyIso - ok
18:21:39.0091 4656 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
18:21:39.0109 4656 KSecDD - ok
18:21:39.0147 4656 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
18:21:39.0167 4656 KSecPkg - ok
18:21:39.0229 4656 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
18:21:39.0287 4656 KtmRm - ok
18:21:39.0379 4656 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
18:21:39.0432 4656 LanmanServer - ok
18:21:39.0486 4656 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
18:21:39.0524 4656 LanmanWorkstation - ok
18:21:39.0611 4656 LightScribeService (ccad2aae36e24346488b0f54a049de78) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
18:21:39.0624 4656 LightScribeService - ok
18:21:39.0716 4656 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
18:21:39.0730 4656 lirsgt - ok
18:21:39.0783 4656 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
18:21:39.0829 4656 lltdio - ok
18:21:39.0895 4656 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
18:21:39.0937 4656 lltdsvc - ok
18:21:39.0960 4656 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
18:21:40.0012 4656 lmhosts - ok
18:21:40.0074 4656 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:21:40.0093 4656 LSI_FC - ok
18:21:40.0130 4656 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:21:40.0150 4656 LSI_SAS - ok
18:21:40.0194 4656 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:21:40.0212 4656 LSI_SAS2 - ok
18:21:40.0247 4656 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:21:40.0267 4656 LSI_SCSI - ok
18:21:40.0308 4656 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
18:21:40.0345 4656 luafv - ok
18:21:40.0396 4656 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
18:21:40.0414 4656 megasas - ok
18:21:40.0445 4656 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
18:21:40.0468 4656 MegaSR - ok
18:21:40.0504 4656 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
18:21:40.0574 4656 MMCSS - ok
18:21:40.0667 4656 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
18:21:40.0720 4656 Modem - ok
18:21:40.0802 4656 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
18:21:40.0834 4656 monitor - ok
18:21:40.0888 4656 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
18:21:40.0907 4656 mouclass - ok
18:21:40.0961 4656 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
18:21:40.0997 4656 mouhid - ok
18:21:41.0071 4656 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
18:21:41.0088 4656 mountmgr - ok
18:21:41.0145 4656 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
18:21:41.0165 4656 mpio - ok
18:21:41.0205 4656 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
18:21:41.0249 4656 mpsdrv - ok
18:21:41.0330 4656 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
18:21:41.0395 4656 MpsSvc - ok
18:21:41.0450 4656 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
18:21:41.0475 4656 MRxDAV - ok
18:21:41.0556 4656 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:21:41.0591 4656 mrxsmb - ok
18:21:41.0628 4656 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:21:41.0664 4656 mrxsmb10 - ok
18:21:41.0720 4656 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:21:41.0754 4656 mrxsmb20 - ok
18:21:41.0806 4656 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
18:21:41.0824 4656 msahci - ok
18:21:41.0858 4656 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
18:21:41.0877 4656 msdsm - ok
18:21:41.0910 4656 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
18:21:41.0944 4656 MSDTC - ok
18:21:42.0039 4656 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
18:21:42.0075 4656 Msfs - ok
18:21:42.0097 4656 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
18:21:42.0143 4656 mshidkmdf - ok
18:21:42.0197 4656 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
18:21:42.0213 4656 msisadrv - ok
18:21:42.0272 4656 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
18:21:42.0319 4656 MSiSCSI - ok
18:21:42.0360 4656 msiserver - ok
18:21:42.0453 4656 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
18:21:42.0505 4656 MSKSSRV - ok
18:21:42.0608 4656 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
18:21:42.0652 4656 MSPCLOCK - ok
18:21:42.0748 4656 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
18:21:42.0799 4656 MSPQM - ok
18:21:42.0871 4656 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
18:21:42.0891 4656 MsRPC - ok
18:21:42.0953 4656 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
18:21:42.0970 4656 mssmbios - ok
18:21:43.0054 4656 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
18:21:43.0090 4656 MSTEE - ok
18:21:43.0155 4656 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
18:21:43.0181 4656 MTConfig - ok
18:21:43.0249 4656 MTSBDA (f87e160bed37ad7e2e5394cf4bce7839) C:\Windows\system32\Drivers\MtsBda.sys
18:21:43.0267 4656 MTSBDA - ok
18:21:43.0311 4656 MtsHID (dae8572b995a67e90633a28d7b204a4f) C:\Windows\system32\drivers\MtsHID.sys
18:21:43.0324 4656 MtsHID - ok
18:21:43.0370 4656 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
18:21:43.0387 4656 Mup - ok
18:21:43.0430 4656 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
18:21:43.0496 4656 napagent - ok
18:21:43.0600 4656 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
18:21:43.0627 4656 NativeWifiP - ok
18:21:43.0743 4656 NBService (5836b9e91863a00ec1b8e785efd86ecb) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
18:21:43.0790 4656 NBService - ok
18:21:43.0889 4656 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
18:21:43.0927 4656 NDIS - ok
18:21:43.0972 4656 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
18:21:44.0021 4656 NdisCap - ok
18:21:44.0115 4656 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
18:21:44.0161 4656 NdisTapi - ok
18:21:44.0275 4656 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
18:21:44.0319 4656 Ndisuio - ok
18:21:44.0392 4656 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
18:21:44.0437 4656 NdisWan - ok
18:21:44.0491 4656 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
18:21:44.0527 4656 NDProxy - ok
18:21:44.0590 4656 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
18:21:44.0643 4656 NetBIOS - ok
18:21:44.0740 4656 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
18:21:44.0791 4656 NetBT - ok
18:21:44.0863 4656 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:21:44.0881 4656 Netlogon - ok
18:21:44.0939 4656 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
18:21:45.0000 4656 Netman - ok
18:21:45.0109 4656 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:21:45.0132 4656 NetMsmqActivator - ok
18:21:45.0175 4656 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:21:45.0193 4656 NetPipeActivator - ok
18:21:45.0274 4656 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
18:21:45.0341 4656 netprofm - ok
18:21:45.0443 4656 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:21:45.0458 4656 NetTcpActivator - ok
18:21:45.0464 4656 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:21:45.0480 4656 NetTcpPortSharing - ok
18:21:45.0556 4656 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
18:21:45.0576 4656 nfrd960 - ok
18:21:45.0617 4656 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
18:21:45.0677 4656 NlaSvc - ok
18:21:45.0771 4656 NMIndexingService (a328a46d87bb92ce4d8a4528e9d84787) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
18:21:45.0791 4656 NMIndexingService - ok
18:21:45.0827 4656 NovacomD (085440078813949c51c33589557bfd29) C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe
18:21:45.0845 4656 NovacomD ( UnsignedFile.Multi.Generic ) - warning
18:21:45.0845 4656 NovacomD - detected UnsignedFile.Multi.Generic (1)
18:21:45.0965 4656 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\Windows\system32\drivers\npf.sys
18:21:45.0978 4656 NPF - ok
18:21:46.0041 4656 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
18:21:46.0087 4656 Npfs - ok
18:21:46.0146 4656 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
18:21:46.0203 4656 nsi - ok
18:21:46.0251 4656 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
18:21:46.0301 4656 nsiproxy - ok
18:21:46.0385 4656 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
18:21:46.0453 4656 Ntfs - ok
18:21:46.0498 4656 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
18:21:46.0535 4656 Null - ok
18:21:46.0829 4656 nvlddmkm (847b1755f7757f825305a1ffe6dac3e9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:21:47.0080 4656 nvlddmkm - ok
18:21:47.0189 4656 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
18:21:47.0209 4656 nvraid - ok
18:21:47.0232 4656 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
18:21:47.0252 4656 nvstor - ok
18:21:47.0332 4656 nvsvc (7c732aff202dcd06c3d262966d71604c) C:\Windows\system32\nvvsvc.exe
18:21:47.0363 4656 nvsvc - ok
18:21:47.0508 4656 nvUpdatusService (262d2fbf211a88dcb84249df0f6ef6e7) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
18:21:47.0591 4656 nvUpdatusService - ok
18:21:47.0681 4656 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
18:21:47.0701 4656 nv_agp - ok
18:21:47.0783 4656 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:21:47.0809 4656 odserv - ok
18:21:47.0908 4656 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
18:21:47.0941 4656 ohci1394 - ok
18:21:48.0015 4656 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:21:48.0033 4656 ose - ok
18:21:48.0103 4656 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
18:21:48.0131 4656 p2pimsvc - ok
18:21:48.0154 4656 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
18:21:48.0180 4656 p2psvc - ok
18:21:48.0268 4656 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
18:21:48.0297 4656 Parport - ok
18:21:48.0359 4656 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
18:21:48.0376 4656 partmgr - ok
18:21:48.0422 4656 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
18:21:48.0456 4656 Parvdm - ok
18:21:48.0513 4656 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
18:21:48.0539 4656 PcaSvc - ok
18:21:48.0586 4656 pccsmcfd - ok
18:21:48.0624 4656 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
18:21:48.0644 4656 pci - ok
18:21:48.0703 4656 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
18:21:48.0719 4656 pciide - ok
18:21:48.0783 4656 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
18:21:48.0804 4656 pcmcia - ok
18:21:48.0851 4656 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
18:21:48.0869 4656 pcw - ok
18:21:48.0902 4656 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
18:21:48.0969 4656 PEAUTH - ok
18:21:49.0077 4656 pfc (957b82ec80ad7ead64e5e47df6b0dc40) C:\Windows\system32\drivers\pfc.sys
18:21:49.0092 4656 pfc ( UnsignedFile.Multi.Generic ) - warning
18:21:49.0092 4656 pfc - detected UnsignedFile.Multi.Generic (1)
18:21:49.0172 4656 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
18:21:49.0268 4656 pla - ok
18:21:49.0358 4656 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
18:21:49.0391 4656 PlugPlay - ok
18:21:49.0431 4656 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
18:21:49.0461 4656 PNRPAutoReg - ok
18:21:49.0510 4656 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
18:21:49.0535 4656 PNRPsvc - ok
18:21:49.0605 4656 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
18:21:49.0655 4656 PolicyAgent - ok
18:21:49.0720 4656 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
18:21:49.0774 4656 Power - ok
18:21:49.0848 4656 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
18:21:49.0897 4656 PptpMiniport - ok
18:21:49.0971 4656 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
18:21:50.0004 4656 Processor - ok
18:21:50.0057 4656 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
18:21:50.0096 4656 ProfSvc - ok
18:21:50.0161 4656 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:21:50.0179 4656 ProtectedStorage - ok
18:21:50.0239 4656 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
18:21:50.0278 4656 Psched - ok
18:21:50.0341 4656 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys
18:21:50.0360 4656 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
18:21:50.0360 4656 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
18:21:50.0448 4656 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
18:21:50.0515 4656 ql2300 - ok
18:21:50.0590 4656 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
18:21:50.0610 4656 ql40xx - ok
18:21:50.0658 4656 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
18:21:50.0694 4656 QWAVE - ok
18:21:50.0755 4656 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
18:21:50.0778 4656 QWAVEdrv - ok
18:21:50.0817 4656 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
18:21:50.0883 4656 RasAcd - ok
18:21:50.0969 4656 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:21:51.0017 4656 RasAgileVpn - ok
18:21:51.0078 4656 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
18:21:51.0117 4656 RasAuto - ok
18:21:51.0215 4656 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:21:51.0261 4656 Rasl2tp - ok
18:21:51.0346 4656 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
18:21:51.0398 4656 RasMan - ok
18:21:51.0474 4656 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
18:21:51.0527 4656 RasPppoe - ok
18:21:51.0625 4656 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
18:21:51.0670 4656 RasSstp - ok
18:21:51.0764 4656 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
18:21:51.0811 4656 rdbss - ok
18:21:51.0875 4656 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
18:21:51.0905 4656 rdpbus - ok
18:21:51.0957 4656 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:21:52.0000 4656 RDPCDD - ok
18:21:52.0105 4656 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
18:21:52.0151 4656 RDPENCDD - ok
18:21:52.0221 4656 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
18:21:52.0264 4656 RDPREFMP - ok
18:21:52.0339 4656 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
18:21:52.0370 4656 RDPWD - ok
18:21:52.0438 4656 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
18:21:52.0459 4656 rdyboost - ok
18:21:52.0496 4656 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
18:21:52.0532 4656 RemoteAccess - ok
18:21:52.0596 4656 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
18:21:52.0636 4656 RemoteRegistry - ok
18:21:52.0754 4656 RichVideo (06a49b7bdc36cfbf97dd90804f833369) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
18:21:52.0773 4656 RichVideo - ok
18:21:52.0867 4656 RoxMediaDB9 (9c19e4419a6acf8fff53f1dd1c305e9e) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
18:21:52.0916 4656 RoxMediaDB9 - ok
18:21:52.0950 4656 RoxWatch9 (9d95da35ec22511a1ceb38a8c3a0bc7e) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
18:21:52.0965 4656 RoxWatch9 - ok
18:21:53.0020 4656 rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files\WinPcap\rpcapd.exe
18:21:53.0036 4656 rpcapd - ok
18:21:53.0106 4656 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
18:21:53.0153 4656 RpcEptMapper - ok
18:21:53.0213 4656 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
18:21:53.0247 4656 RpcLocator - ok
18:21:53.0289 4656 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
18:21:53.0332 4656 RpcSs - ok
18:21:53.0426 4656 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
18:21:53.0472 4656 rspndr - ok
18:21:53.0569 4656 RTL8187 (99c27fceb21347daf3ee9e8c205314d6) C:\Windows\system32\DRIVERS\wg111v2.sys
18:21:53.0611 4656 RTL8187 - ok
18:21:53.0659 4656 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:21:53.0679 4656 SamSs - ok
18:21:53.0745 4656 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
18:21:53.0765 4656 sbp2port - ok
18:21:53.0801 4656 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
18:21:53.0855 4656 SCardSvr - ok
18:21:53.0943 4656 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
18:21:53.0992 4656 scfilter - ok
18:21:54.0045 4656 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
18:21:54.0118 4656 Schedule - ok
18:21:54.0191 4656 SCMNdisP (3b68015683c27cb00c7a6b60a37cbcfd) C:\Windows\system32\DRIVERS\scmndisp.sys
18:21:54.0205 4656 SCMNdisP - ok
18:21:54.0255 4656 SCM_Service (42660bbed859ac22dfd12ae598a8ffaa) C:\Windows\System32\WinService.exe
18:21:54.0277 4656 SCM_Service ( UnsignedFile.Multi.Generic ) - warning
18:21:54.0277 4656 SCM_Service - detected UnsignedFile.Multi.Generic (1)
18:21:54.0334 4656 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
18:21:54.0370 4656 SCPolicySvc - ok
18:21:54.0416 4656 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
18:21:54.0458 4656 SDRSVC - ok
18:21:54.0511 4656 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:21:54.0547 4656 secdrv - ok
18:21:54.0608 4656 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
18:21:54.0661 4656 seclogon - ok
18:21:54.0707 4656 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
18:21:54.0760 4656 SENS - ok
18:21:54.0825 4656 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
18:21:54.0867 4656 SensrSvc - ok
18:21:54.0925 4656 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
18:21:54.0952 4656 Serenum - ok
18:21:55.0012 4656 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
18:21:55.0040 4656 Serial - ok
18:21:55.0093 4656 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
18:21:55.0126 4656 sermouse - ok
18:21:55.0191 4656 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
18:21:55.0228 4656 SessionEnv - ok
18:21:55.0309 4656 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
18:21:55.0336 4656 sffdisk - ok
18:21:55.0357 4656 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
18:21:55.0389 4656 sffp_mmc - ok
18:21:55.0463 4656 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
18:21:55.0486 4656 sffp_sd - ok
18:21:55.0536 4656 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
18:21:55.0562 4656 sfloppy - ok
18:21:55.0629 4656 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
18:21:55.0686 4656 SharedAccess - ok
18:21:55.0766 4656 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
18:21:55.0819 4656 ShellHWDetection - ok
18:21:55.0879 4656 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
18:21:55.0898 4656 sisagp - ok
18:21:55.0974 4656 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:21:55.0992 4656 SiSRaid2 - ok
18:21:56.0015 4656 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
18:21:56.0035 4656 SiSRaid4 - ok
18:21:56.0072 4656 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
18:21:56.0110 4656 Smb - ok
18:21:56.0195 4656 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
18:21:56.0215 4656 SNMPTRAP - ok
18:21:56.0305 4656 SplashtopRemoteService (ccf611a259882d8cf4dbabae2341ee31) C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
18:21:56.0331 4656 SplashtopRemoteService - ok
18:21:56.0421 4656 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
18:21:56.0439 4656 spldr - ok
18:21:56.0496 4656 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
18:21:56.0563 4656 Spooler - ok
18:21:56.0711 4656 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
18:21:56.0838 4656 sppsvc - ok
18:21:56.0901 4656 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
18:21:56.0952 4656 sppuinotify - ok
18:21:57.0012 4656 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
18:21:57.0057 4656 srv - ok
18:21:57.0109 4656 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
18:21:57.0139 4656 srv2 - ok
18:21:57.0218 4656 SrvCDEject (9e0e4c777bf358b7863d22a8ca56b189) C:\Program Files\Packard Bell\SrvCDEject.exe
18:21:57.0245 4656 SrvCDEject ( UnsignedFile.Multi.Generic ) - warning
18:21:57.0245 4656 SrvCDEject - detected UnsignedFile.Multi.Generic (1)
18:21:57.0339 4656 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
18:21:57.0358 4656 srvnet - ok
18:21:57.0395 4656 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
18:21:57.0435 4656 SSDPSRV - ok
18:21:57.0514 4656 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
18:21:57.0526 4656 ssmdrv - ok
18:21:57.0558 4656 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
18:21:57.0597 4656 SstpSvc - ok
18:21:57.0686 4656 SSUService (1cfa4a1f3c7bb4c8f299e00428eb8677) C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
18:21:57.0707 4656 SSUService - ok
18:21:57.0773 4656 Steam Client Service - ok
18:21:57.0864 4656 Stereo Service (a2abc52cd8a5b60262b220a17a92eb31) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:21:57.0883 4656 Stereo Service - ok
18:21:57.0980 4656 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
18:21:57.0997 4656 stexstor - ok
18:21:58.0041 4656 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
18:21:58.0092 4656 StiSvc - ok
18:21:58.0164 4656 stllssvr (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
18:21:58.0184 4656 stllssvr ( UnsignedFile.Multi.Generic ) - warning
18:21:58.0184 4656 stllssvr - detected UnsignedFile.Multi.Generic (1)
18:21:58.0287 4656 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
18:21:58.0303 4656 swenum - ok
18:21:58.0341 4656 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
18:21:58.0396 4656 swprv - ok
18:21:58.0478 4656 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
18:21:58.0541 4656 SysMain - ok
18:21:58.0586 4656 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
18:21:58.0613 4656 TabletInputService - ok
18:21:58.0666 4656 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
18:21:58.0731 4656 TapiSrv - ok
18:21:58.0791 4656 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
18:21:58.0845 4656 TBS - ok
18:21:58.0977 4656 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
18:21:59.0043 4656 Tcpip - ok
18:21:59.0161 4656 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
18:21:59.0205 4656 TCPIP6 - ok
18:21:59.0300 4656 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
18:21:59.0351 4656 tcpipreg - ok
18:21:59.0445 4656 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
18:21:59.0471 4656 TDPIPE - ok
18:21:59.0515 4656 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
18:21:59.0549 4656 TDTCP - ok
18:21:59.0629 4656 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
18:21:59.0676 4656 tdx - ok
18:21:59.0819 4656 TeamViewer5 (2a64c802f4c8aa00ac8472c771688e00) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
18:21:59.0908 4656 TeamViewer5 - ok
18:22:00.0014 4656 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
18:22:00.0035 4656 TermDD - ok
18:22:00.0096 4656 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
18:22:00.0142 4656 TermService - ok
18:22:00.0217 4656 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
18:22:00.0243 4656 Themes - ok
18:22:00.0278 4656 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
18:22:00.0315 4656 THREADORDER - ok
18:22:00.0381 4656 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
18:22:00.0436 4656 TrkWks - ok
18:22:00.0483 4656 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
18:22:00.0531 4656 TrustedInstaller - ok
18:22:00.0612 4656 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:22:00.0647 4656 tssecsrv - ok
18:22:00.0738 4656 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
18:22:00.0760 4656 TsUsbFlt - ok
18:22:00.0812 4656 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
18:22:00.0849 4656 tunnel - ok
18:22:00.0890 4656 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
18:22:00.0908 4656 uagp35 - ok
18:22:00.0949 4656 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
18:22:00.0997 4656 udfs - ok
18:22:01.0072 4656 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
18:22:01.0106 4656 UI0Detect - ok
18:22:01.0175 4656 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
18:22:01.0193 4656 uliagpkx - ok
18:22:01.0256 4656 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
18:22:01.0284 4656 umbus - ok
18:22:01.0339 4656 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
18:22:01.0368 4656 UmPass - ok
18:22:01.0425 4656 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
18:22:01.0479 4656 upnphost - ok
18:22:01.0541 4656 USB28xxBGA (599a5d2f536f64ff4502f9b0d61e57c6) C:\Windows\system32\DRIVERS\emBDA.sys
18:22:01.0574 4656 USB28xxBGA - ok
18:22:01.0680 4656 USB28xxOEM (6ec3f4024514ce503789e80833b452a8) C:\Windows\system32\DRIVERS\emOEM.sys
18:22:01.0708 4656 USB28xxOEM - ok
18:22:01.0758 4656 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
18:22:01.0798 4656 USBAAPL - ok
18:22:01.0886 4656 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
18:22:01.0918 4656 usbaudio - ok
18:22:01.0972 4656 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
18:22:02.0002 4656 usbccgp - ok
18:22:02.0056 4656 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
18:22:02.0078 4656 usbcir - ok
18:22:02.0133 4656 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
18:22:02.0152 4656 usbehci - ok
18:22:02.0229 4656 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
18:22:02.0266 4656 usbhub - ok
18:22:02.0310 4656 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
18:22:02.0328 4656 usbohci - ok
18:22:02.0374 4656 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
18:22:02.0395 4656 usbprint - ok
18:22:02.0439 4656 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
18:22:02.0469 4656 usbscan - ok
18:22:02.0525 4656 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:22:02.0567 4656 USBSTOR - ok
18:22:02.0645 4656 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
18:22:02.0663 4656 usbuhci - ok
18:22:02.0702 4656 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
18:22:02.0750 4656 UxSms - ok
18:22:02.0821 4656 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:22:02.0839 4656 VaultSvc - ok
18:22:02.0925 4656 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
18:22:02.0943 4656 vdrvroot - ok
18:22:03.0000 4656 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
18:22:03.0052 4656 vds - ok
18:22:03.0154 4656 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
18:22:03.0174 4656 vga - ok
18:22:03.0223 4656 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
18:22:03.0260 4656 VgaSave - ok
18:22:03.0363 4656 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
18:22:03.0384 4656 vhdmp - ok
18:22:03.0428 4656 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
18:22:03.0447 4656 viaagp - ok
18:22:03.0505 4656 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
18:22:03.0533 4656 ViaC7 - ok
18:22:03.0590 4656 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
18:22:03.0610 4656 viaide - ok
18:22:03.0649 4656 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
18:22:03.0666 4656 volmgr - ok
18:22:03.0734 4656 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
18:22:03.0757 4656 volmgrx - ok
18:22:03.0816 4656 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
18:22:03.0836 4656 volsnap - ok
18:22:03.0891 4656 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
18:22:03.0912 4656 vsmraid - ok
18:22:03.0984 4656 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
18:22:04.0054 4656 VSS - ok
18:22:04.0129 4656 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
18:22:04.0162 4656 vwifibus - ok
18:22:04.0225 4656 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
18:22:04.0268 4656 W32Time - ok
18:22:04.0351 4656 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
18:22:04.0381 4656 WacomPen - ok
18:22:04.0481 4656 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
18:22:04.0516 4656 WANARP - ok
18:22:04.0540 4656 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
18:22:04.0573 4656 Wanarpv6 - ok
18:22:04.0638 4656 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
18:22:04.0718 4656 wbengine - ok
18:22:04.0795 4656 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
18:22:04.0849 4656 WbioSrvc - ok
18:22:04.0894 4656 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
18:22:04.0945 4656 wcncsvc - ok
18:22:04.0974 4656 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
18:22:05.0021 4656 WcsPlugInService - ok
18:22:05.0084 4656 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
18:22:05.0102 4656 Wd - ok
18:22:05.0148 4656 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
18:22:05.0185 4656 Wdf01000 - ok
18:22:05.0256 4656 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
18:22:05.0299 4656 WdiServiceHost - ok
18:22:05.0315 4656 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
18:22:05.0339 4656 WdiSystemHost - ok
18:22:05.0416 4656 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
18:22:05.0459 4656 WebClient - ok
18:22:05.0494 4656 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
18:22:05.0536 4656 Wecsvc - ok
18:22:05.0585 4656 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
18:22:05.0636 4656 wercplsupport - ok
18:22:05.0739 4656 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
18:22:05.0779 4656 WerSvc - ok
18:22:05.0849 4656 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
18:22:05.0885 4656 WfpLwf - ok
18:22:05.0944 4656 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
18:22:05.0961 4656 WIMMount - ok
18:22:06.0029 4656 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
18:22:06.0082 4656 WinDefend - ok
18:22:06.0094 4656 WinHttpAutoProxySvc - ok
18:22:06.0203 4656 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
18:22:06.0250 4656 Winmgmt - ok
18:22:06.0320 4656 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
18:22:06.0407 4656 WinRM - ok
18:22:06.0530 4656 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
18:22:06.0559 4656 WinUsb - ok
18:22:06.0609 4656 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
18:22:06.0659 4656 Wlansvc - ok
18:22:06.0772 4656 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:22:06.0838 4656 wlidsvc - ok
18:22:06.0934 4656 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
18:22:06.0954 4656 WmiAcpi - ok
18:22:07.0036 4656 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
18:22:07.0056 4656 wmiApSrv - ok
18:22:07.0143 4656 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
18:22:07.0208 4656 WMPNetworkSvc - ok
18:22:07.0271 4656 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
18:22:07.0300 4656 WPCSvc - ok
18:22:07.0341 4656 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
18:22:07.0378 4656 WPDBusEnum - ok
18:22:07.0477 4656 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
18:22:07.0526 4656 ws2ifsl - ok
18:22:07.0584 4656 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
18:22:07.0623 4656 wscsvc - ok
18:22:07.0635 4656 WSearch - ok
18:22:07.0724 4656 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
18:22:07.0821 4656 wuauserv - ok
18:22:07.0871 4656 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
18:22:07.0909 4656 WudfPf - ok
18:22:08.0011 4656 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:22:08.0047 4656 WUDFRd - ok
18:22:08.0125 4656 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
18:22:08.0164 4656 wudfsvc - ok
18:22:08.0213 4656 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
18:22:08.0254 4656 WwanSvc - ok
18:22:08.0316 4656 xusb21 (c26c68bcbac1f33f890c226769759209) C:\Windows\system32\DRIVERS\xusb21.sys
18:22:08.0344 4656 xusb21 - ok
18:22:08.0379 4656 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:22:08.0517 4656 \Device\Harddisk0\DR0 - ok
18:22:08.0523 4656 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
18:22:08.0627 4656 \Device\Harddisk1\DR1 - ok
18:22:08.0649 4656 Boot (0x1200) (2161ede224ba40d5a38958512178ff54) \Device\Harddisk0\DR0\Partition0
18:22:08.0650 4656 \Device\Harddisk0\DR0\Partition0 - ok
18:22:08.0655 4656 Boot (0x1200) (b9709801f07bfef5ac160c75a705b7c0) \Device\Harddisk0\DR0\Partition1
18:22:08.0657 4656 \Device\Harddisk0\DR0\Partition1 - ok
18:22:08.0665 4656 Boot (0x1200) (f55078df5ffb4d1cc2922c6214e153e6) \Device\Harddisk1\DR1\Partition0
18:22:08.0666 4656 \Device\Harddisk1\DR1\Partition0 - ok
18:22:08.0668 4656 ============================================================
18:22:08.0668 4656 Scan finished
18:22:08.0668 4656 ============================================================
18:22:08.0697 2512 Detected object count: 10
18:22:08.0697 2512 Actual detected object count: 10


23.04.2012, 21:18   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Please post the logs wrapped in CODE tags!
The TDSS-Killer log is incomplete; the summary at the bottom is missing.

23.04.2012, 21:34   #19
Broid
 

Okay, sorry. I didn't notice that something was missing. Here it is now, complete and as code.

Code:
18:20:23.0124 1028	TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
18:20:23.0330 1028	============================================================
18:20:23.0330 1028	Current date / time: 2012/04/23 18:20:23.0330
18:20:23.0330 1028	SystemInfo:
18:20:23.0330 1028	
18:20:23.0330 1028	OS Version: 6.1.7601 ServicePack: 1.0
18:20:23.0330 1028	Product type: Workstation
18:20:23.0331 1028	ComputerName: MATTHIAS-PC
18:20:23.0331 1028	UserName: Matthias
18:20:23.0331 1028	Windows directory: C:\Windows
18:20:23.0331 1028	System windows directory: C:\Windows
18:20:23.0331 1028	Processor architecture: Intel x86
18:20:23.0331 1028	Number of processors: 2
18:20:23.0331 1028	Page size: 0x1000
18:20:23.0331 1028	Boot type: Normal boot
18:20:23.0331 1028	============================================================
18:20:23.0953 1028	Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:20:23.0964 1028	Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:20:32.0117 1028	\Device\Harddisk0\DR0:
18:20:32.0132 1028	MBR partitions:
18:20:32.0132 1028	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1000800, BlocksNum 0x8FDED03
18:20:32.0132 1028	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x9FDF503, BlocksNum 0x123C62A1
18:20:32.0146 1028	\Device\Harddisk1\DR1:
18:20:32.0146 1028	MBR partitions:
18:20:32.0146 1028	\Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74706D70
18:20:32.0181 1028	C: <-> \Device\Harddisk0\DR0\Partition0
18:20:32.0211 1028	E: <-> \Device\Harddisk0\DR0\Partition1
18:20:32.0233 1028	L: <-> \Device\Harddisk1\DR1\Partition0
18:20:32.0233 1028	Initialize success
18:20:32.0233 1028	============================================================
18:21:22.0397 4656	============================================================
18:21:22.0397 4656	Scan started
18:21:22.0397 4656	Mode: Manual; SigCheck; TDLFS; 
18:21:22.0397 4656	============================================================
18:21:23.0255 4656	1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
18:21:23.0367 4656	1394ohci - ok
18:21:23.0461 4656	acedrv11        (e6f53d6c0dea3d375362265e175ca638) C:\Windows\system32\drivers\acedrv11.sys
18:21:23.0500 4656	acedrv11 - ok
18:21:23.0562 4656	ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
18:21:23.0585 4656	ACPI - ok
18:21:23.0649 4656	AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
18:21:23.0704 4656	AcpiPmi - ok
18:21:23.0813 4656	Adobe Version Cue CS3 (14c23516c990dcd6052152cf034dde40) C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
18:21:23.0832 4656	Adobe Version Cue CS3 - ok
18:21:23.0941 4656	AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:21:23.0958 4656	AdobeFlashPlayerUpdateSvc - ok
18:21:24.0041 4656	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
18:21:24.0073 4656	adp94xx - ok
18:21:24.0115 4656	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
18:21:24.0139 4656	adpahci - ok
18:21:24.0167 4656	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
18:21:24.0188 4656	adpu320 - ok
18:21:24.0241 4656	AeLookupSvc     (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
18:21:24.0366 4656	AeLookupSvc - ok
18:21:24.0468 4656	AFD             (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
18:21:24.0516 4656	AFD - ok
18:21:24.0560 4656	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
18:21:24.0578 4656	agp440 - ok
18:21:24.0623 4656	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
18:21:24.0642 4656	aic78xx - ok
18:21:24.0683 4656	ALG             (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
18:21:24.0734 4656	ALG - ok
18:21:24.0788 4656	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
18:21:24.0804 4656	aliide - ok
18:21:24.0854 4656	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
18:21:24.0873 4656	amdagp - ok
18:21:24.0906 4656	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
18:21:24.0922 4656	amdide - ok
18:21:24.0973 4656	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
18:21:25.0003 4656	AmdK8 - ok
18:21:25.0036 4656	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
18:21:25.0076 4656	AmdPPM - ok
18:21:25.0124 4656	amdsata         (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
18:21:25.0143 4656	amdsata - ok
18:21:25.0209 4656	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
18:21:25.0246 4656	amdsbs - ok
18:21:25.0358 4656	amdxata         (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
18:21:25.0375 4656	amdxata - ok
18:21:25.0461 4656	AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files\Avira\AntiVir Desktop\sched.exe
18:21:25.0478 4656	AntiVirSchedulerService - ok
18:21:25.0520 4656	AntiVirService  (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
18:21:25.0535 4656	AntiVirService - ok
18:21:25.0619 4656	AOL ACS         (85180cf88c5ebad73b452a43a004ca51) C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
18:21:25.0633 4656	AOL ACS - ok
18:21:25.0739 4656	AppID           (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
18:21:25.0790 4656	AppID - ok
18:21:25.0837 4656	AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
18:21:25.0889 4656	AppIDSvc - ok
18:21:25.0950 4656	Appinfo         (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
18:21:25.0996 4656	Appinfo - ok
18:21:26.0091 4656	Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:21:26.0105 4656	Apple Mobile Device - ok
18:21:26.0197 4656	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
18:21:26.0216 4656	arc - ok
18:21:26.0248 4656	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
18:21:26.0266 4656	arcsas - ok
18:21:26.0369 4656	aspnet_state    (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:21:26.0394 4656	aspnet_state - ok
18:21:26.0470 4656	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
18:21:26.0576 4656	AsyncMac - ok
18:21:26.0635 4656	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
18:21:26.0652 4656	atapi - ok
18:21:26.0710 4656	atksgt          (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
18:21:26.0731 4656	atksgt - ok
18:21:26.0792 4656	AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
18:21:26.0845 4656	AudioEndpointBuilder - ok
18:21:26.0875 4656	Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
18:21:26.0916 4656	Audiosrv - ok
18:21:26.0946 4656	Automatisches LiveUpdate - Scheduler - ok
18:21:27.0062 4656	avgntflt        (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
18:21:27.0077 4656	avgntflt - ok
18:21:27.0141 4656	avipbb          (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys
18:21:27.0158 4656	avipbb - ok
18:21:27.0242 4656	avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
18:21:27.0256 4656	avkmgr - ok
18:21:27.0311 4656	AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
18:21:27.0349 4656	AxInstSV - ok
18:21:27.0418 4656	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
18:21:27.0461 4656	b06bdrv - ok
18:21:27.0523 4656	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
18:21:27.0544 4656	b57nd60x - ok
18:21:27.0590 4656	BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
18:21:27.0634 4656	BDESVC - ok
18:21:27.0690 4656	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
18:21:27.0739 4656	Beep - ok
18:21:27.0826 4656	BFE             (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
18:21:27.0880 4656	BFE - ok
18:21:27.0966 4656	BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
18:21:28.0020 4656	BITS - ok
18:21:28.0102 4656	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
18:21:28.0127 4656	blbdrive - ok
18:21:28.0206 4656	Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
18:21:28.0228 4656	Bonjour Service - ok
18:21:28.0321 4656	bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
18:21:28.0364 4656	bowser - ok
18:21:28.0397 4656	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:21:28.0425 4656	BrFiltLo - ok
18:21:28.0492 4656	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:21:28.0530 4656	BrFiltUp - ok
18:21:28.0590 4656	Browser         (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
18:21:28.0649 4656	Browser - ok
18:21:28.0706 4656	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
18:21:28.0764 4656	Brserid - ok
18:21:28.0800 4656	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
18:21:28.0834 4656	BrSerWdm - ok
18:21:28.0850 4656	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:21:28.0881 4656	BrUsbMdm - ok
18:21:28.0894 4656	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
18:21:28.0930 4656	BrUsbSer - ok
18:21:29.0029 4656	BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
18:21:29.0060 4656	BTHMODEM - ok
18:21:29.0115 4656	bthserv         (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
18:21:29.0163 4656	bthserv - ok
18:21:29.0253 4656	cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
18:21:29.0299 4656	cdfs - ok
18:21:29.0434 4656	cdrom           (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
18:21:29.0467 4656	cdrom - ok
18:21:29.0530 4656	CertPropSvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
18:21:29.0577 4656	CertPropSvc - ok
18:21:29.0615 4656	circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
18:21:29.0636 4656	circlass - ok
18:21:29.0708 4656	CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
18:21:29.0731 4656	CLFS - ok
18:21:29.0784 4656	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:21:29.0799 4656	clr_optimization_v2.0.50727_32 - ok
18:21:29.0859 4656	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:21:29.0892 4656	clr_optimization_v4.0.30319_32 - ok
18:21:29.0956 4656	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
18:21:29.0983 4656	CmBatt - ok
18:21:30.0036 4656	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
18:21:30.0052 4656	cmdide - ok
18:21:30.0105 4656	CNG             (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
18:21:30.0147 4656	CNG - ok
18:21:30.0200 4656	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
18:21:30.0217 4656	Compbatt - ok
18:21:30.0272 4656	CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
18:21:30.0309 4656	CompositeBus - ok
18:21:30.0389 4656	COMSysApp - ok
18:21:30.0451 4656	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
18:21:30.0467 4656	crcdisk - ok
18:21:30.0525 4656	CryptSvc        (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
18:21:30.0571 4656	CryptSvc - ok
18:21:30.0633 4656	DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
18:21:30.0695 4656	DcomLaunch - ok
18:21:30.0743 4656	defragsvc       (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
18:21:30.0791 4656	defragsvc - ok
18:21:30.0863 4656	DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
18:21:30.0906 4656	DfsC - ok
18:21:31.0002 4656	dgderdrv - ok
18:21:31.0060 4656	Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
18:21:31.0107 4656	Dhcp - ok
18:21:31.0179 4656	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
18:21:31.0231 4656	discache - ok
18:21:31.0345 4656	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
18:21:31.0364 4656	Disk - ok
18:21:31.0394 4656	Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
18:21:31.0465 4656	Dnscache - ok
18:21:31.0541 4656	dot3svc         (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
18:21:31.0589 4656	dot3svc - ok
18:21:31.0648 4656	DPS             (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
18:21:31.0710 4656	DPS - ok
18:21:31.0820 4656	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
18:21:31.0847 4656	drmkaud - ok
18:21:31.0925 4656	DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
18:21:31.0968 4656	DXGKrnl - ok
18:21:32.0011 4656	EapHost         (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
18:21:32.0063 4656	EapHost - ok
18:21:32.0237 4656	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
18:21:32.0362 4656	ebdrv - ok
18:21:32.0435 4656	EFS             (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
18:21:32.0482 4656	EFS - ok
18:21:32.0551 4656	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
18:21:32.0590 4656	elxstor - ok
18:21:32.0661 4656	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
18:21:32.0692 4656	ErrDev - ok
18:21:32.0755 4656	EventSystem     (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
18:21:32.0803 4656	EventSystem - ok
18:21:32.0902 4656	ewusbnet - ok
18:21:32.0960 4656	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
18:21:33.0008 4656	exfat - ok
18:21:33.0086 4656	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
18:21:33.0135 4656	fastfat - ok
18:21:33.0231 4656	Fax             (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
18:21:33.0280 4656	Fax - ok
18:21:33.0359 4656	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
18:21:33.0387 4656	fdc - ok
18:21:33.0433 4656	fdPHost         (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
18:21:33.0481 4656	fdPHost - ok
18:21:33.0539 4656	FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
18:21:33.0583 4656	FDResPub - ok
18:21:33.0688 4656	FETND6V         (403bedad0226653ba8d05aefc3f04a0c) C:\Windows\system32\DRIVERS\fetnd6v.sys
18:21:33.0715 4656	FETND6V - ok
18:21:33.0761 4656	FETNDIS         (f5cb6cb6d12f495516be27cffccde4bf) C:\Windows\system32\DRIVERS\fetnd6.sys
18:21:33.0798 4656	FETNDIS - ok
18:21:33.0891 4656	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
18:21:33.0909 4656	FileInfo - ok
18:21:33.0945 4656	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
18:21:33.0991 4656	Filetrace - ok
18:21:34.0066 4656	FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:21:34.0097 4656	FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
18:21:34.0097 4656	FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
18:21:34.0190 4656	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
18:21:34.0208 4656	flpydisk - ok
18:21:34.0242 4656	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
18:21:34.0261 4656	FltMgr - ok
18:21:34.0335 4656	FontCache       (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
18:21:34.0410 4656	FontCache - ok
18:21:34.0455 4656	FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:21:34.0469 4656	FontCache3.0.0.0 - ok
18:21:34.0542 4656	Freemake Improver (37c2ff67a2565286f1c1c1072be74678) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
18:21:34.0565 4656	Freemake Improver ( UnsignedFile.Multi.Generic ) - warning
18:21:34.0565 4656	Freemake Improver - detected UnsignedFile.Multi.Generic (1)
18:21:34.0672 4656	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
18:21:34.0691 4656	FsDepends - ok
18:21:34.0769 4656	FsUsbExDisk     (b07663a810e861eebfd0eac7e82ca62d) C:\Windows\system32\FsUsbExDisk.SYS
18:21:34.0788 4656	FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
18:21:34.0788 4656	FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
18:21:34.0837 4656	Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
18:21:34.0854 4656	Fs_Rec - ok
18:21:34.0923 4656	fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
18:21:34.0948 4656	fvevol - ok
18:21:35.0013 4656	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:21:35.0032 4656	gagp30kx - ok
18:21:35.0085 4656	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:21:35.0097 4656	GEARAspiWDM - ok
18:21:35.0154 4656	gpsvc           (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
18:21:35.0218 4656	gpsvc - ok
18:21:35.0315 4656	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
18:21:35.0357 4656	hcw85cir - ok
18:21:35.0455 4656	HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
18:21:35.0502 4656	HdAudAddService - ok
18:21:35.0576 4656	HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
18:21:35.0608 4656	HDAudBus - ok
18:21:35.0640 4656	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
18:21:35.0673 4656	HidBatt - ok
18:21:35.0756 4656	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
18:21:35.0791 4656	HidBth - ok
18:21:35.0832 4656	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
18:21:35.0853 4656	HidIr - ok
18:21:35.0894 4656	hidserv         (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
18:21:35.0944 4656	hidserv - ok
18:21:36.0064 4656	HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
18:21:36.0082 4656	HidUsb - ok
18:21:36.0132 4656	hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
18:21:36.0181 4656	hkmsvc - ok
18:21:36.0243 4656	HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
18:21:36.0289 4656	HomeGroupListener - ok
18:21:36.0336 4656	HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
18:21:36.0373 4656	HomeGroupProvider - ok
18:21:36.0443 4656	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
18:21:36.0461 4656	HpSAMD - ok
18:21:36.0527 4656	HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
18:21:36.0573 4656	HTTP - ok
18:21:36.0617 4656	hwdatacard - ok
18:21:36.0670 4656	hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
18:21:36.0690 4656	hwpolicy - ok
18:21:36.0733 4656	hwusbdev - ok
18:21:36.0797 4656	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
18:21:36.0831 4656	i8042prt - ok
18:21:36.0904 4656	iaStorV         (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
18:21:36.0929 4656	iaStorV - ok
18:21:37.0008 4656	IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:21:37.0029 4656	IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:21:37.0030 4656	IDriverT - detected UnsignedFile.Multi.Generic (1)
18:21:37.0138 4656	idsvc           (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:21:37.0187 4656	idsvc - ok
18:21:37.0256 4656	IGDCTRL         (e28602c9e17b0ddce9f5deb3b3e2a635) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
18:21:37.0270 4656	IGDCTRL - ok
18:21:37.0375 4656	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
18:21:37.0394 4656	iirsp - ok
18:21:37.0453 4656	IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
18:21:37.0517 4656	IKEEXT - ok
18:21:37.0663 4656	IntcAzAudAddService (4a705bf2a6f7972f2f2ad8a0d8079f95) C:\Windows\system32\drivers\RTKVHDA.sys
18:21:37.0741 4656	IntcAzAudAddService - ok
18:21:37.0846 4656	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
18:21:37.0863 4656	intelide - ok
18:21:37.0901 4656	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
18:21:37.0935 4656	intelppm - ok
18:21:38.0004 4656	IPBusEnum       (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
18:21:38.0043 4656	IPBusEnum - ok
18:21:38.0116 4656	IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:21:38.0168 4656	IpFilterDriver - ok
18:21:38.0246 4656	iphlpsvc        (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
18:21:38.0313 4656	iphlpsvc - ok
18:21:38.0375 4656	IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
18:21:38.0408 4656	IPMIDRV - ok
18:21:38.0452 4656	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
18:21:38.0505 4656	IPNAT - ok
18:21:38.0606 4656	iPod Service    (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
18:21:38.0635 4656	iPod Service - ok
18:21:38.0735 4656	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
18:21:38.0756 4656	IRENUM - ok
18:21:38.0794 4656	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
18:21:38.0812 4656	isapnp - ok
18:21:38.0843 4656	iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
18:21:38.0866 4656	iScsiPrt - ok
18:21:38.0912 4656	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
18:21:38.0929 4656	kbdclass - ok
18:21:38.0969 4656	kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
18:21:38.0999 4656	kbdhid - ok
18:21:39.0033 4656	KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:21:39.0050 4656	KeyIso - ok
18:21:39.0091 4656	KSecDD          (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
18:21:39.0109 4656	KSecDD - ok
18:21:39.0147 4656	KSecPkg         (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
18:21:39.0167 4656	KSecPkg - ok
18:21:39.0229 4656	KtmRm           (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
18:21:39.0287 4656	KtmRm - ok
18:21:39.0379 4656	LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
18:21:39.0432 4656	LanmanServer - ok
18:21:39.0486 4656	LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
18:21:39.0524 4656	LanmanWorkstation - ok
18:21:39.0611 4656	LightScribeService (ccad2aae36e24346488b0f54a049de78) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
18:21:39.0624 4656	LightScribeService - ok
18:21:39.0716 4656	lirsgt          (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
18:21:39.0730 4656	lirsgt - ok
18:21:39.0783 4656	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
18:21:39.0829 4656	lltdio - ok
18:21:39.0895 4656	lltdsvc         (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
18:21:39.0937 4656	lltdsvc - ok
18:21:39.0960 4656	lmhosts         (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
18:21:40.0012 4656	lmhosts - ok
18:21:40.0074 4656	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:21:40.0093 4656	LSI_FC - ok
18:21:40.0130 4656	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:21:40.0150 4656	LSI_SAS - ok
18:21:40.0194 4656	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:21:40.0212 4656	LSI_SAS2 - ok
18:21:40.0247 4656	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:21:40.0267 4656	LSI_SCSI - ok
18:21:40.0308 4656	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
18:21:40.0345 4656	luafv - ok
18:21:40.0396 4656	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
18:21:40.0414 4656	megasas - ok
18:21:40.0445 4656	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
18:21:40.0468 4656	MegaSR - ok
18:21:40.0504 4656	MMCSS           (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
18:21:40.0574 4656	MMCSS - ok
18:21:40.0667 4656	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
18:21:40.0720 4656	Modem - ok
18:21:40.0802 4656	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
18:21:40.0834 4656	monitor - ok
18:21:40.0888 4656	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
18:21:40.0907 4656	mouclass - ok
18:21:40.0961 4656	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
18:21:40.0997 4656	mouhid - ok
18:21:41.0071 4656	mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
18:21:41.0088 4656	mountmgr - ok
18:21:41.0145 4656	mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
18:21:41.0165 4656	mpio - ok
18:21:41.0205 4656	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
18:21:41.0249 4656	mpsdrv - ok
18:21:41.0330 4656	MpsSvc          (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
18:21:41.0395 4656	MpsSvc - ok
18:21:41.0450 4656	MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
18:21:41.0475 4656	MRxDAV - ok
18:21:41.0556 4656	mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:21:41.0591 4656	mrxsmb - ok
18:21:41.0628 4656	mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:21:41.0664 4656	mrxsmb10 - ok
18:21:41.0720 4656	mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:21:41.0754 4656	mrxsmb20 - ok
18:21:41.0806 4656	msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
18:21:41.0824 4656	msahci - ok
18:21:41.0858 4656	msdsm           (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
18:21:41.0877 4656	msdsm - ok
18:21:41.0910 4656	MSDTC           (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
18:21:41.0944 4656	MSDTC - ok
18:21:42.0039 4656	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
18:21:42.0075 4656	Msfs - ok
18:21:42.0097 4656	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
18:21:42.0143 4656	mshidkmdf - ok
18:21:42.0197 4656	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
18:21:42.0213 4656	msisadrv - ok
18:21:42.0272 4656	MSiSCSI         (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
18:21:42.0319 4656	MSiSCSI - ok
18:21:42.0360 4656	msiserver - ok
18:21:42.0453 4656	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
18:21:42.0505 4656	MSKSSRV - ok
18:21:42.0608 4656	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
18:21:42.0652 4656	MSPCLOCK - ok
18:21:42.0748 4656	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
18:21:42.0799 4656	MSPQM - ok
18:21:42.0871 4656	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
18:21:42.0891 4656	MsRPC - ok
18:21:42.0953 4656	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
18:21:42.0970 4656	mssmbios - ok
18:21:43.0054 4656	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
18:21:43.0090 4656	MSTEE - ok
18:21:43.0155 4656	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
18:21:43.0181 4656	MTConfig - ok
18:21:43.0249 4656	MTSBDA          (f87e160bed37ad7e2e5394cf4bce7839) C:\Windows\system32\Drivers\MtsBda.sys
18:21:43.0267 4656	MTSBDA - ok
18:21:43.0311 4656	MtsHID          (dae8572b995a67e90633a28d7b204a4f) C:\Windows\system32\drivers\MtsHID.sys
18:21:43.0324 4656	MtsHID - ok
18:21:43.0370 4656	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
18:21:43.0387 4656	Mup - ok
18:21:43.0430 4656	napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
18:21:43.0496 4656	napagent - ok
18:21:43.0600 4656	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
18:21:43.0627 4656	NativeWifiP - ok
18:21:43.0743 4656	NBService       (5836b9e91863a00ec1b8e785efd86ecb) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
18:21:43.0790 4656	NBService - ok
18:21:43.0889 4656	NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
18:21:43.0927 4656	NDIS - ok
18:21:43.0972 4656	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
18:21:44.0021 4656	NdisCap - ok
18:21:44.0115 4656	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
18:21:44.0161 4656	NdisTapi - ok
18:21:44.0275 4656	Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
18:21:44.0319 4656	Ndisuio - ok
18:21:44.0392 4656	NdisWan         (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
18:21:44.0437 4656	NdisWan - ok
18:21:44.0491 4656	NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
18:21:44.0527 4656	NDProxy - ok
18:21:44.0590 4656	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
18:21:44.0643 4656	NetBIOS - ok
18:21:44.0740 4656	NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
18:21:44.0791 4656	NetBT - ok
18:21:44.0863 4656	Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:21:44.0881 4656	Netlogon - ok
18:21:44.0939 4656	Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
18:21:45.0000 4656	Netman - ok
18:21:45.0109 4656	NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:21:45.0132 4656	NetMsmqActivator - ok
18:21:45.0175 4656	NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:21:45.0193 4656	NetPipeActivator - ok
18:21:45.0274 4656	netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
18:21:45.0341 4656	netprofm - ok
18:21:45.0443 4656	NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:21:45.0458 4656	NetTcpActivator - ok
18:21:45.0464 4656	NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:21:45.0480 4656	NetTcpPortSharing - ok
18:21:45.0556 4656	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
18:21:45.0576 4656	nfrd960 - ok
18:21:45.0617 4656	NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
18:21:45.0677 4656	NlaSvc - ok
18:21:45.0771 4656	NMIndexingService (a328a46d87bb92ce4d8a4528e9d84787) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
18:21:45.0791 4656	NMIndexingService - ok
18:21:45.0827 4656	NovacomD        (085440078813949c51c33589557bfd29) C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe
18:21:45.0845 4656	NovacomD ( UnsignedFile.Multi.Generic ) - warning
18:21:45.0845 4656	NovacomD - detected UnsignedFile.Multi.Generic (1)
18:21:45.0965 4656	NPF             (b48dc6abcd3aeff8618350ccbdc6b09a) C:\Windows\system32\drivers\npf.sys
18:21:45.0978 4656	NPF - ok
18:21:46.0041 4656	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
18:21:46.0087 4656	Npfs - ok
18:21:46.0146 4656	nsi             (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
18:21:46.0203 4656	nsi - ok
18:21:46.0251 4656	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
18:21:46.0301 4656	nsiproxy - ok
18:21:46.0385 4656	Ntfs            (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
18:21:46.0453 4656	Ntfs - ok
18:21:46.0498 4656	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
18:21:46.0535 4656	Null - ok
18:21:46.0829 4656	nvlddmkm        (847b1755f7757f825305a1ffe6dac3e9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:21:47.0080 4656	nvlddmkm - ok
18:21:47.0189 4656	nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
18:21:47.0209 4656	nvraid - ok
18:21:47.0232 4656	nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
18:21:47.0252 4656	nvstor - ok
18:21:47.0332 4656	nvsvc           (7c732aff202dcd06c3d262966d71604c) C:\Windows\system32\nvvsvc.exe
18:21:47.0363 4656	nvsvc - ok
18:21:47.0508 4656	nvUpdatusService (262d2fbf211a88dcb84249df0f6ef6e7) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
18:21:47.0591 4656	nvUpdatusService - ok
18:21:47.0681 4656	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
18:21:47.0701 4656	nv_agp - ok
18:21:47.0783 4656	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:21:47.0809 4656	odserv - ok
18:21:47.0908 4656	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
18:21:47.0941 4656	ohci1394 - ok
18:21:48.0015 4656	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:21:48.0033 4656	ose - ok
18:21:48.0103 4656	p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
18:21:48.0131 4656	p2pimsvc - ok
18:21:48.0154 4656	p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
18:21:48.0180 4656	p2psvc - ok
18:21:48.0268 4656	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
18:21:48.0297 4656	Parport - ok
18:21:48.0359 4656	partmgr         (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
18:21:48.0376 4656	partmgr - ok
18:21:48.0422 4656	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
18:21:48.0456 4656	Parvdm - ok
18:21:48.0513 4656	PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
18:21:48.0539 4656	PcaSvc - ok
18:21:48.0586 4656	pccsmcfd - ok
18:21:48.0624 4656	pci             (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
18:21:48.0644 4656	pci - ok
18:21:48.0703 4656	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
18:21:48.0719 4656	pciide - ok
18:21:48.0783 4656	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
18:21:48.0804 4656	pcmcia - ok
18:21:48.0851 4656	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
18:21:48.0869 4656	pcw - ok
18:21:48.0902 4656	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
18:21:48.0969 4656	PEAUTH - ok
18:21:49.0077 4656	pfc             (957b82ec80ad7ead64e5e47df6b0dc40) C:\Windows\system32\drivers\pfc.sys
18:21:49.0092 4656	pfc ( UnsignedFile.Multi.Generic ) - warning
18:21:49.0092 4656	pfc - detected UnsignedFile.Multi.Generic (1)
18:21:49.0172 4656	pla             (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
18:21:49.0268 4656	pla - ok
18:21:49.0358 4656	PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
18:21:49.0391 4656	PlugPlay - ok
18:21:49.0431 4656	PNRPAutoReg     (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
18:21:49.0461 4656	PNRPAutoReg - ok
18:21:49.0510 4656	PNRPsvc         (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
18:21:49.0535 4656	PNRPsvc - ok
18:21:49.0605 4656	PolicyAgent     (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
18:21:49.0655 4656	PolicyAgent - ok
18:21:49.0720 4656	Power           (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
18:21:49.0774 4656	Power - ok
18:21:49.0848 4656	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
18:21:49.0897 4656	PptpMiniport - ok
18:21:49.0971 4656	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
18:21:50.0004 4656	Processor - ok
18:21:50.0057 4656	ProfSvc         (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
18:21:50.0096 4656	ProfSvc - ok
18:21:50.0161 4656	ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:21:50.0179 4656	ProtectedStorage - ok
18:21:50.0239 4656	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
18:21:50.0278 4656	Psched - ok
18:21:50.0341 4656	PxHelp20        (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys
18:21:50.0360 4656	PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
18:21:50.0360 4656	PxHelp20 - detected UnsignedFile.Multi.Generic (1)
18:21:50.0448 4656	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
18:21:50.0515 4656	ql2300 - ok
18:21:50.0590 4656	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
18:21:50.0610 4656	ql40xx - ok
18:21:50.0658 4656	QWAVE           (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
18:21:50.0694 4656	QWAVE - ok
18:21:50.0755 4656	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
18:21:50.0778 4656	QWAVEdrv - ok
18:21:50.0817 4656	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
18:21:50.0883 4656	RasAcd - ok
18:21:50.0969 4656	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:21:51.0017 4656	RasAgileVpn - ok
18:21:51.0078 4656	RasAuto         (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
18:21:51.0117 4656	RasAuto - ok
18:21:51.0215 4656	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:21:51.0261 4656	Rasl2tp - ok
18:21:51.0346 4656	RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
18:21:51.0398 4656	RasMan - ok
18:21:51.0474 4656	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
18:21:51.0527 4656	RasPppoe - ok
18:21:51.0625 4656	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
18:21:51.0670 4656	RasSstp - ok
18:21:51.0764 4656	rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
18:21:51.0811 4656	rdbss - ok
18:21:51.0875 4656	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
18:21:51.0905 4656	rdpbus - ok
18:21:51.0957 4656	RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:21:52.0000 4656	RDPCDD - ok
18:21:52.0105 4656	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
18:21:52.0151 4656	RDPENCDD - ok
18:21:52.0221 4656	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
18:21:52.0264 4656	RDPREFMP - ok
18:21:52.0339 4656	RDPWD           (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
18:21:52.0370 4656	RDPWD - ok
18:21:52.0438 4656	rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
18:21:52.0459 4656	rdyboost - ok
18:21:52.0496 4656	RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
18:21:52.0532 4656	RemoteAccess - ok
18:21:52.0596 4656	RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
18:21:52.0636 4656	RemoteRegistry - ok
18:21:52.0754 4656	RichVideo       (06a49b7bdc36cfbf97dd90804f833369) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
18:21:52.0773 4656	RichVideo - ok
18:21:52.0867 4656	RoxMediaDB9     (9c19e4419a6acf8fff53f1dd1c305e9e) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
18:21:52.0916 4656	RoxMediaDB9 - ok
18:21:52.0950 4656	RoxWatch9       (9d95da35ec22511a1ceb38a8c3a0bc7e) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
18:21:52.0965 4656	RoxWatch9 - ok
18:21:53.0020 4656	rpcapd          (b60f58f175de20a6739194e85b035178) C:\Program Files\WinPcap\rpcapd.exe
18:21:53.0036 4656	rpcapd - ok
18:21:53.0106 4656	RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
18:21:53.0153 4656	RpcEptMapper - ok
18:21:53.0213 4656	RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
18:21:53.0247 4656	RpcLocator - ok
18:21:53.0289 4656	RpcSs           (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
18:21:53.0332 4656	RpcSs - ok
18:21:53.0426 4656	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
18:21:53.0472 4656	rspndr - ok
18:21:53.0569 4656	RTL8187         (99c27fceb21347daf3ee9e8c205314d6) C:\Windows\system32\DRIVERS\wg111v2.sys
18:21:53.0611 4656	RTL8187 - ok
18:21:53.0659 4656	SamSs           (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:21:53.0679 4656	SamSs - ok
18:21:53.0745 4656	sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
18:21:53.0765 4656	sbp2port - ok
18:21:53.0801 4656	SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
18:21:53.0855 4656	SCardSvr - ok
18:21:53.0943 4656	scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
18:21:53.0992 4656	scfilter - ok
18:21:54.0045 4656	Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
18:21:54.0118 4656	Schedule - ok
18:21:54.0191 4656	SCMNdisP        (3b68015683c27cb00c7a6b60a37cbcfd) C:\Windows\system32\DRIVERS\scmndisp.sys
18:21:54.0205 4656	SCMNdisP - ok
18:21:54.0255 4656	SCM_Service     (42660bbed859ac22dfd12ae598a8ffaa) C:\Windows\System32\WinService.exe
18:21:54.0277 4656	SCM_Service ( UnsignedFile.Multi.Generic ) - warning
18:21:54.0277 4656	SCM_Service - detected UnsignedFile.Multi.Generic (1)
18:21:54.0334 4656	SCPolicySvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
18:21:54.0370 4656	SCPolicySvc - ok
18:21:54.0416 4656	SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
18:21:54.0458 4656	SDRSVC - ok
18:21:54.0511 4656	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:21:54.0547 4656	secdrv - ok
18:21:54.0608 4656	seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
18:21:54.0661 4656	seclogon - ok
18:21:54.0707 4656	SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
18:21:54.0760 4656	SENS - ok
18:21:54.0825 4656	SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
18:21:54.0867 4656	SensrSvc - ok
18:21:54.0925 4656	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
18:21:54.0952 4656	Serenum - ok
18:21:55.0012 4656	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
18:21:55.0040 4656	Serial - ok
18:21:55.0093 4656	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
18:21:55.0126 4656	sermouse - ok
18:21:55.0191 4656	SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
18:21:55.0228 4656	SessionEnv - ok
18:21:55.0309 4656	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
18:21:55.0336 4656	sffdisk - ok
18:21:55.0357 4656	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
18:21:55.0389 4656	sffp_mmc - ok
18:21:55.0463 4656	sffp_sd         (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
18:21:55.0486 4656	sffp_sd - ok
18:21:55.0536 4656	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
18:21:55.0562 4656	sfloppy - ok
18:21:55.0629 4656	SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
18:21:55.0686 4656	SharedAccess - ok
18:21:55.0766 4656	ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
18:21:55.0819 4656	ShellHWDetection - ok
18:21:55.0879 4656	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
18:21:55.0898 4656	sisagp - ok
18:21:55.0974 4656	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:21:55.0992 4656	SiSRaid2 - ok
18:21:56.0015 4656	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
18:21:56.0035 4656	SiSRaid4 - ok
18:21:56.0072 4656	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
18:21:56.0110 4656	Smb - ok
18:21:56.0195 4656	SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
18:21:56.0215 4656	SNMPTRAP - ok
18:21:56.0305 4656	SplashtopRemoteService (ccf611a259882d8cf4dbabae2341ee31) C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
18:21:56.0331 4656	SplashtopRemoteService - ok
18:21:56.0421 4656	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
18:21:56.0439 4656	spldr - ok
18:21:56.0496 4656	Spooler         (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
18:21:56.0563 4656	Spooler - ok
18:21:56.0711 4656	sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
18:21:56.0838 4656	sppsvc - ok
18:21:56.0901 4656	sppuinotify     (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
18:21:56.0952 4656	sppuinotify - ok
18:21:57.0012 4656	srv             (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
18:21:57.0057 4656	srv - ok
18:21:57.0109 4656	srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
18:21:57.0139 4656	srv2 - ok
18:21:57.0218 4656	SrvCDEject      (9e0e4c777bf358b7863d22a8ca56b189) C:\Program Files\Packard Bell\SrvCDEject.exe
18:21:57.0245 4656	SrvCDEject ( UnsignedFile.Multi.Generic ) - warning
18:21:57.0245 4656	SrvCDEject - detected UnsignedFile.Multi.Generic (1)
18:21:57.0339 4656	srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
18:21:57.0358 4656	srvnet - ok
18:21:57.0395 4656	SSDPSRV         (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
18:21:57.0435 4656	SSDPSRV - ok
18:21:57.0514 4656	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
18:21:57.0526 4656	ssmdrv - ok
18:21:57.0558 4656	SstpSvc         (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
18:21:57.0597 4656	SstpSvc - ok
18:21:57.0686 4656	SSUService      (1cfa4a1f3c7bb4c8f299e00428eb8677) C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
18:21:57.0707 4656	SSUService - ok
18:21:57.0773 4656	Steam Client Service - ok
18:21:57.0864 4656	Stereo Service  (a2abc52cd8a5b60262b220a17a92eb31) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:21:57.0883 4656	Stereo Service - ok
18:21:57.0980 4656	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
18:21:57.0997 4656	stexstor - ok
18:21:58.0041 4656	StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
18:21:58.0092 4656	StiSvc - ok
18:21:58.0164 4656	stllssvr        (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
18:21:58.0184 4656	stllssvr ( UnsignedFile.Multi.Generic ) - warning
18:21:58.0184 4656	stllssvr - detected UnsignedFile.Multi.Generic (1)
18:21:58.0287 4656	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
18:21:58.0303 4656	swenum - ok
18:21:58.0341 4656	swprv           (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
18:21:58.0396 4656	swprv - ok
18:21:58.0478 4656	SysMain         (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
18:21:58.0541 4656	SysMain - ok
18:21:58.0586 4656	TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
18:21:58.0613 4656	TabletInputService - ok
18:21:58.0666 4656	TapiSrv         (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
18:21:58.0731 4656	TapiSrv - ok
18:21:58.0791 4656	TBS             (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
18:21:58.0845 4656	TBS - ok
18:21:58.0977 4656	Tcpip           (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
18:21:59.0043 4656	Tcpip - ok
18:21:59.0161 4656	TCPIP6          (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
18:21:59.0205 4656	TCPIP6 - ok
18:21:59.0300 4656	tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
18:21:59.0351 4656	tcpipreg - ok
18:21:59.0445 4656	TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
18:21:59.0471 4656	TDPIPE - ok
18:21:59.0515 4656	TDTCP           (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
18:21:59.0549 4656	TDTCP - ok
18:21:59.0629 4656	tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
18:21:59.0676 4656	tdx - ok
18:21:59.0819 4656	TeamViewer5     (2a64c802f4c8aa00ac8472c771688e00) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
18:21:59.0908 4656	TeamViewer5 - ok
18:22:00.0014 4656	TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
18:22:00.0035 4656	TermDD - ok
18:22:00.0096 4656	TermService     (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
18:22:00.0142 4656	TermService - ok
18:22:00.0217 4656	Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
18:22:00.0243 4656	Themes - ok
18:22:00.0278 4656	THREADORDER     (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
18:22:00.0315 4656	THREADORDER - ok
18:22:00.0381 4656	TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
18:22:00.0436 4656	TrkWks - ok
18:22:00.0483 4656	TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
18:22:00.0531 4656	TrustedInstaller - ok
18:22:00.0612 4656	tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:22:00.0647 4656	tssecsrv - ok
18:22:00.0738 4656	TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
18:22:00.0760 4656	TsUsbFlt - ok
18:22:00.0812 4656	tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
18:22:00.0849 4656	tunnel - ok
18:22:00.0890 4656	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
18:22:00.0908 4656	uagp35 - ok
18:22:00.0949 4656	udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
18:22:00.0997 4656	udfs - ok
18:22:01.0072 4656	UI0Detect       (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
18:22:01.0106 4656	UI0Detect - ok
18:22:01.0175 4656	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
18:22:01.0193 4656	uliagpkx - ok
18:22:01.0256 4656	umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
18:22:01.0284 4656	umbus - ok
18:22:01.0339 4656	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
18:22:01.0368 4656	UmPass - ok
18:22:01.0425 4656	upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
18:22:01.0479 4656	upnphost - ok
18:22:01.0541 4656	USB28xxBGA      (599a5d2f536f64ff4502f9b0d61e57c6) C:\Windows\system32\DRIVERS\emBDA.sys
18:22:01.0574 4656	USB28xxBGA - ok
18:22:01.0680 4656	USB28xxOEM      (6ec3f4024514ce503789e80833b452a8) C:\Windows\system32\DRIVERS\emOEM.sys
18:22:01.0708 4656	USB28xxOEM - ok
18:22:01.0758 4656	USBAAPL         (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
18:22:01.0798 4656	USBAAPL - ok
18:22:01.0886 4656	usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
18:22:01.0918 4656	usbaudio - ok
18:22:01.0972 4656	usbccgp         (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
18:22:02.0002 4656	usbccgp - ok
18:22:02.0056 4656	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
18:22:02.0078 4656	usbcir - ok
18:22:02.0133 4656	usbehci         (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
18:22:02.0152 4656	usbehci - ok
18:22:02.0229 4656	usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
18:22:02.0266 4656	usbhub - ok
18:22:02.0310 4656	usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
18:22:02.0328 4656	usbohci - ok
18:22:02.0374 4656	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
18:22:02.0395 4656	usbprint - ok
18:22:02.0439 4656	usbscan         (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
18:22:02.0469 4656	usbscan - ok
18:22:02.0525 4656	USBSTOR         (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:22:02.0567 4656	USBSTOR - ok
18:22:02.0645 4656	usbuhci         (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
18:22:02.0663 4656	usbuhci - ok
18:22:02.0702 4656	UxSms           (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
18:22:02.0750 4656	UxSms - ok
18:22:02.0821 4656	VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:22:02.0839 4656	VaultSvc - ok
18:22:02.0925 4656	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
18:22:02.0943 4656	vdrvroot - ok
18:22:03.0000 4656	vds             (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
18:22:03.0052 4656	vds - ok
18:22:03.0154 4656	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
18:22:03.0174 4656	vga - ok
18:22:03.0223 4656	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
18:22:03.0260 4656	VgaSave - ok
18:22:03.0363 4656	vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
18:22:03.0384 4656	vhdmp - ok
18:22:03.0428 4656	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
18:22:03.0447 4656	viaagp - ok
18:22:03.0505 4656	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
18:22:03.0533 4656	ViaC7 - ok
18:22:03.0590 4656	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
18:22:03.0610 4656	viaide - ok
18:22:03.0649 4656	volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
18:22:03.0666 4656	volmgr - ok
18:22:03.0734 4656	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
18:22:03.0757 4656	volmgrx - ok
18:22:03.0816 4656	volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
18:22:03.0836 4656	volsnap - ok
18:22:03.0891 4656	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
18:22:03.0912 4656	vsmraid - ok
18:22:03.0984 4656	VSS             (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
18:22:04.0054 4656	VSS - ok
18:22:04.0129 4656	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
18:22:04.0162 4656	vwifibus - ok
18:22:04.0225 4656	W32Time         (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
18:22:04.0268 4656	W32Time - ok
18:22:04.0351 4656	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
18:22:04.0381 4656	WacomPen - ok
18:22:04.0481 4656	WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
18:22:04.0516 4656	WANARP - ok
18:22:04.0540 4656	Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
18:22:04.0573 4656	Wanarpv6 - ok
18:22:04.0638 4656	wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
18:22:04.0718 4656	wbengine - ok
18:22:04.0795 4656	WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
18:22:04.0849 4656	WbioSrvc - ok
18:22:04.0894 4656	wcncsvc         (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
18:22:04.0945 4656	wcncsvc - ok
18:22:04.0974 4656	WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
18:22:05.0021 4656	WcsPlugInService - ok
18:22:05.0084 4656	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
18:22:05.0102 4656	Wd - ok
18:22:05.0148 4656	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
18:22:05.0185 4656	Wdf01000 - ok
18:22:05.0256 4656	WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
18:22:05.0299 4656	WdiServiceHost - ok
18:22:05.0315 4656	WdiSystemHost   (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
18:22:05.0339 4656	WdiSystemHost - ok
18:22:05.0416 4656	WebClient       (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
18:22:05.0459 4656	WebClient - ok
18:22:05.0494 4656	Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
18:22:05.0536 4656	Wecsvc - ok
18:22:05.0585 4656	wercplsupport   (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
18:22:05.0636 4656	wercplsupport - ok
18:22:05.0739 4656	WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
18:22:05.0779 4656	WerSvc - ok
18:22:05.0849 4656	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
18:22:05.0885 4656	WfpLwf - ok
18:22:05.0944 4656	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
18:22:05.0961 4656	WIMMount - ok
18:22:06.0029 4656	WinDefend       (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
18:22:06.0082 4656	WinDefend - ok
18:22:06.0094 4656	WinHttpAutoProxySvc - ok
18:22:06.0203 4656	Winmgmt         (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
18:22:06.0250 4656	Winmgmt - ok
18:22:06.0320 4656	WinRM           (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
18:22:06.0407 4656	WinRM - ok
18:22:06.0530 4656	WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
18:22:06.0559 4656	WinUsb - ok
18:22:06.0609 4656	Wlansvc         (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
18:22:06.0659 4656	Wlansvc - ok
18:22:06.0772 4656	wlidsvc         (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:22:06.0838 4656	wlidsvc - ok
18:22:06.0934 4656	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
18:22:06.0954 4656	WmiAcpi - ok
18:22:07.0036 4656	wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
18:22:07.0056 4656	wmiApSrv - ok
18:22:07.0143 4656	WMPNetworkSvc   (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
18:22:07.0208 4656	WMPNetworkSvc - ok
18:22:07.0271 4656	WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
18:22:07.0300 4656	WPCSvc - ok
18:22:07.0341 4656	WPDBusEnum      (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
18:22:07.0378 4656	WPDBusEnum - ok
18:22:07.0477 4656	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
18:22:07.0526 4656	ws2ifsl - ok
18:22:07.0584 4656	wscsvc          (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
18:22:07.0623 4656	wscsvc - ok
18:22:07.0635 4656	WSearch - ok
18:22:07.0724 4656	wuauserv        (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
18:22:07.0821 4656	wuauserv - ok
18:22:07.0871 4656	WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
18:22:07.0909 4656	WudfPf - ok
18:22:08.0011 4656	WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:22:08.0047 4656	WUDFRd - ok
18:22:08.0125 4656	wudfsvc         (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
18:22:08.0164 4656	wudfsvc - ok
18:22:08.0213 4656	WwanSvc         (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
18:22:08.0254 4656	WwanSvc - ok
18:22:08.0316 4656	xusb21          (c26c68bcbac1f33f890c226769759209) C:\Windows\system32\DRIVERS\xusb21.sys
18:22:08.0344 4656	xusb21 - ok
18:22:08.0379 4656	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:22:08.0517 4656	\Device\Harddisk0\DR0 - ok
18:22:08.0523 4656	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
18:22:08.0627 4656	\Device\Harddisk1\DR1 - ok
18:22:08.0649 4656	Boot (0x1200)   (2161ede224ba40d5a38958512178ff54) \Device\Harddisk0\DR0\Partition0
18:22:08.0650 4656	\Device\Harddisk0\DR0\Partition0 - ok
18:22:08.0655 4656	Boot (0x1200)   (b9709801f07bfef5ac160c75a705b7c0) \Device\Harddisk0\DR0\Partition1
18:22:08.0657 4656	\Device\Harddisk0\DR0\Partition1 - ok
18:22:08.0665 4656	Boot (0x1200)   (f55078df5ffb4d1cc2922c6214e153e6) \Device\Harddisk1\DR1\Partition0
18:22:08.0666 4656	\Device\Harddisk1\DR1\Partition0 - ok
18:22:08.0668 4656	============================================================
18:22:08.0668 4656	Scan finished
18:22:08.0668 4656	============================================================
18:22:08.0697 2512	Detected object count: 10
18:22:08.0697 2512	Actual detected object count: 10
18:25:15.0099 2512	FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:25:15.0100 2512	FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:25:15.0102 2512	Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user
18:25:15.0102 2512	Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:25:15.0105 2512	FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
18:25:15.0105 2512	FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:25:15.0108 2512	IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
18:25:15.0108 2512	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:25:15.0110 2512	NovacomD ( UnsignedFile.Multi.Generic ) - skipped by user
18:25:15.0111 2512	NovacomD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:25:15.0116 2512	pfc ( UnsignedFile.Multi.Generic ) - skipped by user
18:25:15.0116 2512	pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:25:15.0118 2512	PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
18:25:15.0118 2512	PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:25:15.0120 2512	SCM_Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:25:15.0121 2512	SCM_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:25:15.0123 2512	SrvCDEject ( UnsignedFile.Multi.Generic ) - skipped by user
18:25:15.0123 2512	SrvCDEject ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:25:15.0125 2512	stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user
18:25:15.0125 2512	stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:25:19.0692 2696	Deinitialize success
         

Alt 23.04.2012, 21:36   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, carry out the updates (if suggested), install the Recovery Console (if suggested) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and receive messages such as

Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

__________________
Please always post log files in CODE tags

Alt 24.04.2012, 04:38   #21
Broid
 


Okay, Combofix ran through without problems and without any messages. Here is the text file:

Code:
ComboFix 12-04-23.03 - Matthias 24.04.2012   5:05.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3070.2303 [GMT 2:00]
ausgeführt von:: c:\users\Matthias\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\facemoods.com
c:\program files\facemoods.com\facemoods\1.4.17.3\facemoods.crx
c:\program files\facemoods.com\facemoods\1.4.17.3\facemoods.png
c:\program files\facemoods.com\facemoods\1.4.17.3\facemoodsApp.dll
c:\program files\facemoods.com\facemoods\1.4.17.3\facemoodsEng.dll
c:\program files\facemoods.com\facemoods\1.4.17.3\uninstall.exe
c:\users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\avwfls0h.default\weave\toFetch
c:\users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\avwfls0h.default\weave\toFetch\clients.json
c:\users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\avwfls0h.default\weave\toFetch\tabs.json
c:\windows\system32\urttemp
c:\windows\system32\urttemp\regtlib.exe
L:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-03-24 bis 2012-04-24  ))))))))))))))))))))))))))))))
.
.
2016-03-23 16:11 . 2016-03-23 16:11	--------	d-----w-	c:\users\Matthias\AppData\Roaming\MAGIX
2016-03-23 16:08 . 2010-03-28 05:48	--------	d-----w-	c:\programdata\MAGIX
2016-03-23 16:07 . 2010-03-28 05:48	--------	d-----w-	c:\program files\MAGIX
2016-03-23 16:07 . 2007-04-27 09:43	120200	----a-w-	c:\windows\system32\DLLDEV32i.dll
2016-03-23 16:06 . 2010-03-28 05:46	--------	d-----w-	c:\program files\Common Files\MAGIX Services
2012-04-24 03:33 . 2012-04-24 03:33	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-04-24 03:33 . 2012-04-24 03:33	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-04-23 16:29 . 2012-04-23 16:29	--------	d-----w-	c:\program files\Common Files\Skype
2012-04-23 15:42 . 2012-04-23 15:42	56200	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{23D8129C-567F-4718-A857-9F886D57752B}\offreg.dll
2012-04-22 08:24 . 2012-04-22 08:25	--------	d-----w-	c:\program files\DVR-Studio HD 2
2012-04-20 15:10 . 2012-04-13 07:36	6734704	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{23D8129C-567F-4718-A857-9F886D57752B}\mpengine.dll
2012-04-12 20:11 . 2012-03-01 05:46	19824	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2012-04-12 20:11 . 2012-03-01 05:37	172544	----a-w-	c:\windows\system32\wintrust.dll
2012-04-12 20:11 . 2012-03-01 05:33	159232	----a-w-	c:\windows\system32\imagehlp.dll
2012-04-12 20:11 . 2012-03-01 05:29	5120	----a-w-	c:\windows\system32\wmi.dll
2012-04-12 20:11 . 2012-03-06 05:59	3968368	----a-w-	c:\windows\system32\ntkrnlpa.exe
2012-04-12 20:11 . 2012-03-06 05:59	3913072	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-04-09 14:24 . 2012-04-09 14:24	--------	d-----w-	C:\_OTL
2012-04-08 04:52 . 2012-04-08 04:52	--------	d-----w-	c:\program files\ESET
2012-04-04 17:49 . 2012-04-04 17:49	--------	d-----w-	c:\users\Matthias\AppData\Roaming\Malwarebytes
2012-04-04 17:46 . 2012-04-04 17:46	--------	d-----w-	c:\programdata\Malwarebytes
2012-04-04 17:46 . 2012-04-04 17:46	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-04-04 17:46 . 2011-12-10 13:24	20464	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-04-04 11:48 . 2012-04-13 18:44	418464	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-03-29 17:29 . 2012-03-29 17:29	--------	d-----w-	c:\program files\Common Files\Java
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-13 18:44 . 2011-05-22 07:44	70304	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-29 17:25 . 2010-11-18 16:25	472808	----a-w-	c:\windows\system32\deployJava1.dll
2012-02-29 19:21 . 2012-02-29 19:21	42392	----a-w-	c:\windows\system32\xfcodec.dll
2012-02-23 08:18 . 2009-11-13 08:07	237072	------w-	c:\windows\system32\MpSigStub.exe
2012-02-17 18:04 . 2012-01-02 10:22	137416	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-02-17 05:34 . 2012-03-13 17:24	826880	----a-w-	c:\windows\system32\rdpcore.dll
2012-02-17 04:14 . 2012-03-13 17:24	183808	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:13 . 2012-03-13 17:24	24576	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-02-15 10:01 . 2012-02-15 10:01	4547944	----a-w-	c:\windows\system32\usbaaplrc.dll
2012-02-15 10:01 . 2012-02-15 10:01	43520	----a-w-	c:\windows\system32\drivers\usbaapl.sys
2012-02-10 05:38 . 2012-03-13 21:02	1077248	----a-w-	c:\windows\system32\DWrite.dll
2012-02-07 09:02 . 2012-02-07 09:02	1070352	----a-w-	c:\windows\system32\MSCOMCTL.OCX
2012-02-03 03:54 . 2012-03-13 21:02	2343424	----a-w-	c:\windows\system32\win32k.sys
2012-01-25 05:32 . 2012-03-13 17:24	58880	----a-w-	c:\windows\system32\rdpwsx.dll
2012-01-25 05:32 . 2012-03-13 17:24	129536	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-01-25 05:27 . 2012-03-13 17:24	8192	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-03-20 16:38 . 2011-04-12 16:15	97208	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-01 4390912]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-20 228088]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-10-14 623992]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-12-15 258512]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FRITZ!DSL Startcenter.lnk - c:\windows\Installer\{2457326B-C110-40C3-89B0-889CC913871A}\Icon2457326B4.exe [2009-11-12 29184]
Inhaltsmanager-Assistent für PlayStation(R).lnk - c:\program files\Sony\Content Manager Assistant\CMA.exe [2012-1-26 2520504]
NETGEAR WG111v2 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v2\WG111v2.exe [2009-12-28 1261568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^Users^Matthias^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk]
path=c:\users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
backup=c:\windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mobile Partner]
c:\program files\WEB Partner\WEB Partner [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0EYTHM]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirVideoServer]
2010-09-22 01:03	4923784	----a-w-	c:\program files\AirVideoServer\AirVideoServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-01-05 08:18	133432	----a-w-	c:\program files\ICQ7.2\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-03-27 03:09	421736	----a-w-	c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 13:28	421888	----a-w-	c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-03-14 20:01	71216	------w-	c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2011-12-02 74752]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-29 158856]
R2 SrvCDEject;SrvCDEject;c:\program files\Packard Bell\SrvCDEject.exe [2006-07-25 613376]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 253088]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-12-22 36640]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R4 SCM_Service;SCM_Service;c:\windows\System32\WinService.exe [2007-07-17 180224]
R4 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-19 2011944]
S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys [2007-01-19 21728]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-12-15 36000]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-12-15 86224]
S2 IGDCTRL;AVM IGD CTRL Service;c:\program files\FRITZ!DSL\IGDCTRL.EXE [2007-09-04 87344]
S2 NovacomD;Palm Novacom;c:\program files\Palm, Inc\novacomd\x86\novacomd.exe [2011-03-15 61440]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files\Splashtop\Splashtop Remote\Server\SRService.exe [2012-02-09 531328]
S2 SSUService;Splashtop Software Updater Service;c:\program files\Splashtop\Splashtop Software Updater\SSUService.exe [2012-03-15 370504]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]
S3 FETND6V;VIA Rhine Family Fast Ethernet Adapter Driver;c:\windows\system32\DRIVERS\fetnd6v.sys [2008-09-22 43520]
S3 MTSBDA;TechniSat CableStar HD2;c:\windows\system32\Drivers\MtsBda.sys [2009-07-15 265744]
S3 MtsHID;TechniSat Mantis BDA HID Driver;c:\windows\system32\drivers\MtsHID.sys [2009-07-15 23568]
S3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v2.sys [2007-12-26 288768]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 79192321
*Deregistered* - 79192321
*Deregistered* - EraserUtilRebootDrv
*Deregistered* - hotcore3
*Deregistered* - IDSVix86
*Deregistered* - SPBBCDrv
*Deregistered* - SRTSPX
*Deregistered* - SYMDNS
*Deregistered* - SymEvent
*Deregistered* - SYMFW
*Deregistered* - SYMIDS
*Deregistered* - SYMNDISV
*Deregistered* - SYMREDRV
*Deregistered* - SYMTDI
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-12-05 11:27	451872	----a-w-	c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 18:44]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = 
uInternet Settings,ProxyOverride = *.local
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: An vorhandenes PDF anfügen - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Auswahl in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: Free YouTube Download - c:\users\Matthias\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Matthias\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: In Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\avwfls0h.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - LEO Eng-Deu
FF - prefs.js: browser.startup.homepage - hxxp://web.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{40c3cc16-7269-4b32-9531-17f2950fb06f} - (no file)
MSConfigStartUp-FVDSuite - c:\program files\FVD Suite\fvdbox.exe
MSConfigStartUp-KiesTrayAgent - c:\program files\Samsung\Kies\/\KiesTrayAgent.exe
MSConfigStartUp-Remote Control Editor - c:\program files\Common Files\TerraTec\Remote\TTTvRc.exe
AddRemove-AOL Deinstallation - c:\program files\Common Files\AOL\uninstaller.exe
AddRemove-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.3\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-04-24  05:35:20
ComboFix-quarantined-files.txt  2012-04-24 03:35
.
Vor Suchlauf: 21 Verzeichnis(se), 18.051.694.592 Bytes frei
Nach Suchlauf: 31 Verzeichnis(se), 17.872.465.920 Bytes frei
.
- - End Of File - - F10E3257F2B4036F19BE0D85AAB2B32F
         

Alt 24.04.2012, 12:54   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 


Please now create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't work on the second attempt, just leave it out and run only OSAM - please skip the online check by OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file on your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.)
    Downloading the definitions may take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons without being instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.



One more note: If aswMBR crashes and a message such as "aswMBR.exe funktioniert nicht mehr" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window) and click the Scan button again.
__________________
Please always post log files in CODE tags

Alt 30.04.2012, 11:49   #23
Broid
 


Hello,

it took a little while, but here are the three scans:

GMER:
Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-04-30 10:12:47
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST3320820AS rev.3.AAD
Running: xdopzmku.exe; Driver: C:\Users\Matthias\AppData\Local\Temp\fxddqkow.sys


---- System - GMER 1.0.15 ----

SSDT            90DD0BA6                                                                                                                      ZwCreateSection
SSDT            90DD0BB0                                                                                                                      ZwRequestWaitReplyPort
SSDT            90DD0BAB                                                                                                                      ZwSetContextThread
SSDT            90DD0BB5                                                                                                                      ZwSetSecurityObject
SSDT            90DD0BBA                                                                                                                      ZwSystemDebugControl
SSDT            90DD0B47                                                                                                                      ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!ZwSaveKey + 13C1                                                                                                 82E48359 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                                        82E81D52 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text           ntkrnlpa.exe!KeRemoveQueueEx + 11F7                                                                                           82E88ECC 4 Bytes  [A6, 0B, DD, 90] {CMPSB ; OR EBX, EBP; NOP }
.text           ntkrnlpa.exe!KeRemoveQueueEx + 1553                                                                                           82E89228 4 Bytes  [B0, 0B, DD, 90]
.text           ntkrnlpa.exe!KeRemoveQueueEx + 1597                                                                                           82E8926C 4 Bytes  [AB, 0B, DD, 90] {STOSD ; OR EBX, EBP; NOP }
.text           ntkrnlpa.exe!KeRemoveQueueEx + 1613                                                                                           82E892E8 4 Bytes  [B5, 0B, DD, 90]
.text           ntkrnlpa.exe!KeRemoveQueueEx + 1667                                                                                           82E8933C 4 Bytes  [BA, 0B, DD, 90]
.text           ...                                                                                                                           
.vmp2           C:\Windows\system32\drivers\acedrv11.sys                                                                                      entry point in ".vmp2" section [0x9D9E469D]
.text           C:\Windows\system32\DRIVERS\atksgt.sys                                                                                        section is writeable [0x9F800300, 0x3B6D8, 0xE8000020]
.text           C:\Windows\system32\DRIVERS\lirsgt.sys                                                                                        section is writeable [0x9F843300, 0x1BEE, 0xE8000020]

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                                               [73E02437] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]                                          [73DE5600] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]                                         [73DE56BE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree]                                                [73E024B2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]                                      [73DF8514] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]                                        [73DF4CC8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]                                       [73DF506F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]                                      [73DF5144] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP]                             [73DF6671] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]                                       [73DF826B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]                                  [73DF87BA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]                                [73DF901B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]                                      [73DFE1BE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[1780] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]                                          [73DF4BFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                                                                        fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                                                                        fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3                                                                                        fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume4                                                                                        fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume5                                                                                        fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume6                                                                                        fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume7                                                                                        fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume8                                                                                        fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\ACPI_HAL \Device\0000004b                                                                                             halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume9                                                                                        fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \FileSystem\fastfat \Fat                                                                                                      fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ffwp\OpenWithProgids@Lucom GmbH.FormsForWeb\xae Filler 3.1  

---- EOF - GMER 1.0.15 ----
         
OSAM:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 12:44:56 on 30.04.2012

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 32-bit
Default Browser: Mozilla Corporation Firefox 11.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"SAT-1 30-04-2012 20-07-00 Der letzte Bulle.job" - ? - C:\Program Files\DVBViewer\Scheduler.exe
"SAT-1 30-04-2012 20-09-00 Der letzte Bulle.job" - ? - C:\Program Files\DVBViewer\Scheduler.exe
"ZDF (deu) 01-05-2012 01-43-00 Lewis.job" - ? - C:\Program Files\DVBViewer\Scheduler.exe
"ZDF (deu) 01-05-2012 01-45-00 Lewis.job" - ? - C:\Program Files\DVBViewer\Scheduler.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"CplMCDec.cpl" - "MainConcept AG" - C:\Windows\system32\CplMCDec.cpl
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
"ISUSPM.cpl" - "InstallShield Software Corporation" - C:\Windows\system32\ISUSPM.cpl
"nvcpl.cpl" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.cpl
"RTSndMgr.cpl" - "Realtek Semiconductor Corp." - C:\Windows\system32\RTSndMgr.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Adobe Version Cue CS3" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.cpl
"CplMCDec" - "MainConcept AG" - C:\Windows\System32\CplMCDec.cpl
"CplMCDec_x86" - ? - C:\Windows\SysWOW64\CplMCDec.cpl  (File not found)
"Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"acedrv11" (acedrv11) - "Protect Software GmbH" - C:\Windows\system32\drivers\acedrv11.sys
"aswMBR" (aswMBR) - ? - C:\Users\Matthias\AppData\Local\Temp\aswMBR.sys  (Hidden registry entry, rootkit activity | File not found)
"atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys  (File found, but it contains no detailed information)
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\Users\Matthias\AppData\Local\Temp\catchme.sys  (File not found)
"dgderdrv" (dgderdrv) - ? - C:\Windows\System32\drivers\dgderdrv.sys  (File not found)
"FsUsbExDisk" (FsUsbExDisk) - ? - C:\Windows\system32\FsUsbExDisk.SYS  (File found, but it contains no detailed information)
"fxddqkow" (fxddqkow) - ? - C:\Users\Matthias\AppData\Local\Temp\fxddqkow.sys  (Hidden registry entry, rootkit activity | File not found)
"Huawei DataCard USB Modem and USB Serial" (hwdatacard) - ? - C:\Windows\System32\DRIVERS\ewusbmdm.sys  (File not found)
"Huawei DataCard USB PNP Device" (hwusbdev) - ? - C:\Windows\System32\DRIVERS\ewusbdev.sys  (File not found)
"HUAWEI USB-NDIS miniport" (ewusbnet) - ? - C:\Windows\System32\DRIVERS\ewusbnet.sys  (File not found)
"lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys  (File found, but it contains no detailed information)
"NetGroup Packet Filter Driver" (NPF) - "CACE Technologies, Inc." - C:\Windows\System32\drivers\npf.sys
"Padus ASPI Shell" (pfc) - "Padus, Inc." - C:\Windows\System32\drivers\pfc.sys
"PCCS Mode Change Filter Driver" (pccsmcfd) - ? - C:\Windows\System32\DRIVERS\pccsmcfd.sys  (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys
"Service for Realtek HD Audio (WDM)" (IntcAzAudAddService) - "Realtek Semiconductor Corp." - C:\Windows\System32\drivers\RTKVHDA.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"TerraTec H5 Capture service" (USB28xxBGA) - "eMPIA Technology, Inc." - C:\Windows\System32\DRIVERS\emBDA.sys
"TerraTec H5 OEM service" (USB28xxOEM) - "eMPIA Technology, Inc." - C:\Windows\System32\DRIVERS\emOEM.sys

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{10880D85-AAD9-4558-ABDC-2AB1552D831F} "LightScribe Control Panel" - "Hewlett-Packard Company" - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Program Files\DVR-Studio HD 2\Filters\mmfinfo.dll  (File found, but it contains no detailed information)
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} "Acrobat Elements Context Menu" - "Adobe Systems Inc." - C:\Program Files\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\Display\nvui.dll
{89C76D3A-6B6A-4CC5-A237-42D617C12896} "DVBViewer Recordings Property Handler" - "CM & V" - C:\PROGRA~1\COMMON~1\DVBVIE~1\DVBVPR~1.DLL
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)
{0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Program Files\DVR-Studio HD 2\Filters\mmfinfo.dll  (File found, but it contains no detailed information)
{5574006C-28F5-4a65-A28C-74DE6BFBE0BB} "Haali Matroska Shell Property Page" - ? - C:\Program Files\DVR-Studio HD 2\Filters\mmfinfo.dll  (File found, but it contains no detailed information)
{327669A0-59A7-4be9-B99E-1C9F3A57611A} "Haali Matroska Thumbnail Extractor" - ? - C:\Program Files\DVR-Studio HD 2\Filters\mmfinfo.dll  (File found, but it contains no detailed information)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -   (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{7020EDF4-B454-4814-9AA4-1D604D3F1417} "TraXExCM" - ? - C:\PROGRA~1\TraXEx\INTEGR~1\TraXExCM.dll  (File not found)
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
<binary data> "Grab Pro" - ? - C:\Program Files\Orbitdownloader\GrabPro.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
"ICQ7.2" - "ICQ, LLC." - C:\Program Files\ICQ7.2\ICQ.exe
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
<binary data> "Grab Pro" - ? - C:\Program Files\Orbitdownloader\GrabPro.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{AE7CD045-E861-484f-8273-0445EE161910} "Adobe PDF Conversion Toolbar Helper" - "Adobe Systems Incorporated" - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\ssv.dll
{000123B4-9B42-4900-B3F7-F4B073EFC214} "Octh Class" - "Orbitdownloader.com" - C:\Program Files\Orbitdownloader\orbitcth.dll
{2B171655-A69C-5c18-B693-6CB5DC269D44} "Open FVD Suite Toolbar" - "www.flashvideodownloader.org/fvd-suite/" - C:\Program Files\FVD Suite\addons\IE\FVDToolbar.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corporation" - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"FRITZ!DSL Startcenter.lnk" - "AVM Berlin" - C:\Program Files\FRITZ!DSL\StCenter.exe  (Shortcut exists | File exists)
"Inhaltsmanager-Assistent für PlayStation(R).lnk" - "Sony Computer Entertainment Inc." - C:\Program Files\Sony\Content Manager Assistant\CMA.exe  (Shortcut exists | File exists)
"NETGEAR WG111v2 Smart Wizard.lnk" - ? - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"MobileDocuments" - "Apple Inc." - C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Acrobat Assistant 8.0" - "Adobe Systems Inc." - "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"AppleSyncNotifier" - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
"APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe"
"LanguageShortcut" - ? - "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
"NeroFilterCheck" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"RoxWatchTray" - "Sonic Solutions" - "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
"RtHDVCpl" - "Realtek Semiconductor" - RtHDVCpl.exe
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Adobe PDF Port" - "Adobe Systems Incorporated." - C:\Windows\system32\AdobePDF.dll
"KM Language Monitor" - "KYOCERA MITA Corporation" - C:\Windows\system32\KMPJLMN.DLL
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"Adobe Version Cue CS3 {de_DE} " (Adobe Version Cue CS3) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
"AOL Connectivity Service" (AOL ACS) - "AOL LLC" - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
"Automatisches LiveUpdate - Scheduler" (Automatisches LiveUpdate - Scheduler) - ? - "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"  (File not found)
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"AVM IGD CTRL Service" (IGDCTRL) - "AVM Berlin" - C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Macrovision Europe Ltd." - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
"Freemake Improver" (Freemake Improver) - "Freemake" - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"NBService" (NBService) - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
"NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe
"NVIDIA Stereoscopic 3D Driver Service" (Stereo Service) - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
"NVIDIA Update Service Daemon" (nvUpdatusService) - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Palm Novacom" (NovacomD) - "Palm" - C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe
"Remote Packet Capture Protocol v.0 (experimental)" (rpcapd) - "CACE Technologies, Inc." - C:\Program Files\WinPcap\rpcapd.exe
"Roxio Hard Drive Watcher 9" (RoxWatch9) - "Sonic Solutions" - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
"RoxMediaDB9" (RoxMediaDB9) - "Sonic Solutions" - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files\Skype\Updater\Updater.exe
"Splashtop Software Updater Service" (SSUService) - "Splashtop Inc." - C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
"Splashtop® Remote Service" (SplashtopRemoteService) - "Splashtop Inc." - C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
"SrvCDEject" (SrvCDEject) - ? - C:\Program Files\Packard Bell\SrvCDEject.exe  (File found, but it contains no detailed information)
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files\Common Files\Steam\SteamService.exe
"stllssvr" (stllssvr) - "MicroVision Development, Inc." - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll
"WindowsLive Local NSP" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
         
aswMBR
Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-30 10:14:10
-----------------------------
10:14:10.482    OS Version: Windows 6.1.7601 Service Pack 1
10:14:10.482    Number of processors: 2 586 0xF02
10:14:10.483    ComputerName: MATTHIAS-PC  UserName: Matthias
10:14:11.039    Initialize success
10:15:14.772    AVAST engine defs: 12042901
10:16:08.327    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:16:08.327    Disk 0 Vendor: ST3320820AS 3.AAD Size: 305245MB BusType: 3
10:16:08.342    Disk 0 MBR read successfully
10:16:08.342    Disk 0 MBR scan
10:16:08.358    Disk 0 Windows 7 default MBR code
10:16:08.452    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS         8192 MB offset 2048
10:16:08.467    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        73661 MB offset 16779264
10:16:08.483    Disk 0 Partition 3 80 (A) 07    HPFS/NTFS NTFS       149388 MB offset 167638275
10:16:08.483    Disk 0 Partition - 00     0F Extended LBA             74000 MB offset 473587712
10:16:08.514    Disk 0 Partition - 00     05     Extended             73999 MB offset 473589759
10:16:08.530    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS        73999 MB offset 473589760
10:16:08.545    Disk 0 scanning sectors +625139712
10:16:08.827    Disk 0 scanning C:\Windows\system32\drivers
10:17:00.389    Service scanning
10:17:25.805    Modules scanning
10:18:33.080    Disk 0 trace - called modules:
10:18:33.095    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS viaide.sys PCIIDEX.SYS atapi.sys 
10:18:33.095    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86580030]
10:18:33.111    3 CLASSPNP.SYS[8b5a259e] -> nt!IofCallDriver -> [0x864ae328]
10:18:33.111    5 ACPI.sys[83abc3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x857bd908]
10:18:33.470    AVAST engine scan C:\Windows
10:18:44.347    AVAST engine scan C:\Windows\system32
10:22:11.439    AVAST engine scan C:\Windows\system32\drivers
10:22:34.489    AVAST engine scan C:\Users\Matthias
10:50:42.749    AVAST engine scan C:\ProgramData
10:56:34.186    Scan finished successfully
12:18:00.308    Disk 0 MBR has been saved successfully to "C:\Users\Matthias\Desktop\MBR.dat"
12:18:00.308    The log file has been saved successfully to "C:\Users\Matthias\Desktop\aswMBR.txt"
         
Kind regards,

Broid

Alt 30.04.2012, 12:51   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs.
Remember to update both tools before the scan!!
__________________
Please always post log files in CODE tags

Alt 05.05.2012, 10:38   #25
Broid
 

Right, done. Finally found the time to run both scans. Here are the results:

Malwarebytes
Code:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.05.03.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Matthias :: MATTHIAS-PC [Administrator]

03.05.2012 19:13:58
mbam-log-2012-05-03 (19-13-58).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 428637
Laufzeit: 2 Stunde(n), 13 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
SuperAntiSpyware
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 05/05/2012 at 11:31 AM

Application Version : 5.0.1148

Core Rules Database Version : 8560
Trace Rules Database Version: 6372

Scan type       : Complete Scan
Total Scan Time : 01:48:24

Operating System Information
Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 780
Memory threats detected   : 0
Registry items scanned    : 39310
Registry threats detected : 0
File items scanned        : 189454
File threats detected     : 199

Adware.Tracking Cookie

Trojan.Agent/Gen-ImageDocFake
	F:\ASGLOBE\AS120\BUECHER\PERSONEN\IMAGE789.JPG

Trojan.Agent/Gen-Bancos
	C:\DVBDREAM\DEVICES\BDA_ALL.DEV
         

06.05.2012, 18:10   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK; only cookies were found there, plus there were two false positives from SUPERAntiSpyware.
Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or the like => HTTP cookie)


Regarding cookies and other things on the web: to block the plague from the outset (i.e. tracking cookies, ad banners etc.), you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether he has released a new hosts file.

Otherwise there are also good cookie managers; one extension for Firefox, for example, would be CookieCuller http://filepony.de/download-cookie_culler/
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply configure the browser so that everything, including cookies, is deleted when the browser is closed.

The way I handle it is that for "wild surfing" I use the Opera browser or Chromium under my Linux. My main browser (Firefox) only stores the cookies from the sites I actually want; everything else I reject manually (FF always asks me) - the other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest, no cookies are left.

Is your system OK again now, or are there any other detections or problems?
__________________
Please always post log files in CODE tags
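
The hosts-file blocking suggested in the post above, as an added example that is not part of the original thread: it parses the tracking-cookie section of a SUPERAntiSpyware-style log, dedupes the domains and emits hosts entries. The sample log is constructed, and the `0.0.0.0` sink address, the allowlist and all function names are assumptions.

```python
import re

SECTION = "Adware.Tracking Cookie"
# An entry is an indented line of the form "<left> [ <right> ]".
ENTRY = re.compile(r"^\s+(?P<left>.*?)\s*\[\s*(?P<right>.*?)\s*\]\s*$")
WIN_PATH = re.compile(r"^[A-Za-z]:\\")
HOSTNAME = re.compile(
    r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}$"
)

# Constructed sample covering the three line shapes such a log uses:
#   <cookie file> [ /domain ]
#   <cookie file> [ Cookie:user@domain/ ]
#   domain [ <cookie store path> ]
SAMPLE_LOG = r"""
Adware.Tracking Cookie
    C:\Users\Example\AppData\Roaming\Microsoft\Windows\Cookies\AAAA1111.txt [ /mediaplex.com ]
    C:\USERS\EXAMPLE\Cookies\AAAA1111.txt [ Cookie:example@mediaplex.com/ ]
    .doubleclick.net [ C:\USERS\EXAMPLE\FIREFOX\PROFILES\XXXXXXXX.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\EXAMPLE\FIREFOX\PROFILES\XXXXXXXX.DEFAULT\COOKIES.SQLITE ]
    de.sitestat.com [ C:\USERS\EXAMPLE\FIREFOX\PROFILES\XXXXXXXX.DEFAULT\COOKIES.SQLITE ]
    .stats.paypal.com [ C:\USERS\EXAMPLE\FIREFOX\PROFILES\XXXXXXXX.DEFAULT\COOKIES.SQLITE ]

Trojan.Agent/Gen-Bancos
    C:\EXAMPLE\FILE.DEV
"""


def _normalise(token):
    """Reduce a cookie-domain token to a bare lowercase hostname, or None."""
    token = token.strip()
    if token.lower().startswith("cookie:"):
        token = token[len("cookie:"):]
    token = token.rsplit("@", 1)[-1]              # drop "user@" of IE cookies
    token = token.strip("/").lstrip(".").lower()  # drop path slash, cookie dot
    return token if HOSTNAME.match(token) else None


def tracking_cookie_domains(log_text):
    """Return the unique hostnames listed under the tracking-cookie section."""
    domains, in_section = set(), False
    for line in log_text.splitlines():
        if line and not line[0].isspace():        # unindented line = section header
            in_section = line.strip() == SECTION
            continue
        match = ENTRY.match(line) if in_section else None
        if not match:
            continue
        left, right = match.group("left"), match.group("right")
        # The domain sits inside the brackets when the left side is a file path.
        host = _normalise(right if WIN_PATH.match(left) else left)
        if host:
            domains.add(host)
    return domains


def hosts_entries(domains, allowlist=frozenset()):
    """Build sorted hosts-file lines, skipping allowlisted names and their subdomains."""
    def allowed(host):
        return any(host == a or host.endswith("." + a) for a in allowlist)
    return [f"0.0.0.0 {host}" for host in sorted(domains) if not allowed(host)]


if __name__ == "__main__":
    # Hypothetical allowlist: sites the user still needs to reach.
    for entry in hosts_entries(tracking_cookie_domains(SAMPLE_LOG), {"paypal.com"}):
        print(entry)
```

Hosts files match exact names only, so an entry for `doubleclick.net` does not cover its subdomains; a cookie domain that belongs to a site you actually use goes on the allowlist rather than into the hosts file.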

07.05.2012, 18:24   #27
Broid

Yes, I think everything is fine now. And no, there are no further problems.

Thank you very much for the very thorough support. Amazing!!

Best regards,

Broid

07.05.2012, 19:31   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then we're done!

The programs that were used here can all be removed again. CF can be removed via Start, Run with combofix /uninstall. Let me know if you get any error messages from that. With the help of OTL you can also remove many of the tools:

Please start OTL and click on Bereinigung (Cleanup).
This will remove most of the tools we needed for the cleanup. If anything is left over, please remove it with right-click --> Delete.


Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update it first.


Finally, please check your updates; my guide for that is below. To keep a better overview in future of how up to date your installed programs are, you can use e.g. Secunia PSI.
For even more security, you should also change all your passwords, if possible, now that the infection has been removed.


Microsoft Update

Windows XP: Visit the MS update site with IE and have all important updates installed.

Windows Vista/7: Windows Update guide


Updating the PDF reader
An outdated AdobeReader is a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Add or Remove Programs (or Programs and Features) by clicking on "Adobe Reader x.0" there and removing the program. (if you have AdobeReader installed)

I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader.

While you're at it, please also check that the Flash Player is up to date:

Adobe - Install a different version of Adobe Flash Player

If need be, you can also download it from Chip.de => http://filepony.de/?q=Flash+Player

Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.


Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the latest one. To do this, close all programs (especially the browsers), then click Start, Control Panel, Add or Remove Programs and uninstall all listed Java versions from there. Then download the current Java SE Runtime Environment (JRE) from here and install it.
__________________
Please always post log files in CODE tags
