| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Antivir Warnungen aber ohne Fund/mpnrs.comWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
24.05.2012, 21:56
| #1 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Antivir Warnungen aber ohne Fund/mpnrs.com Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C  nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.05.2012, 16:10
| #2 |
 | Antivir Warnungen aber ohne Fund/mpnrs.comCode:
ATTFilter 17:00:57.0697 5192 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30
17:00:57.0790 5192 ============================================================
17:00:57.0790 5192 Current date / time: 2012/05/25 17:00:57.0790
17:00:57.0790 5192 SystemInfo:
17:00:57.0790 5192
17:00:57.0790 5192 OS Version: 6.1.7601 ServicePack: 1.0
17:00:57.0790 5192 Product type: Workstation
17:00:57.0790 5192 ComputerName: MeinPC
17:00:57.0790 5192 UserName: MeinName
17:00:57.0790 5192 Windows directory: C:\Windows
17:00:57.0790 5192 System windows directory: C:\Windows
17:00:57.0790 5192 Running under WOW64
17:00:57.0790 5192 Processor architecture: Intel x64
17:00:57.0790 5192 Number of processors: 4
17:00:57.0790 5192 Page size: 0x1000
17:00:57.0790 5192 Boot type: Normal boot
17:00:57.0790 5192 ============================================================
17:00:59.0085 5192 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:00:59.0101 5192 ============================================================
17:00:59.0101 5192 \Device\Harddisk0\DR0:
17:00:59.0101 5192 MBR partitions:
17:00:59.0101 5192 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1C5E800, BlocksNum 0x2E935000
17:00:59.0101 5192 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x30593800, BlocksNum 0x44172800
17:00:59.0101 5192 ============================================================
17:00:59.0147 5192 C: <-> \Device\Harddisk0\DR0\Partition0
17:00:59.0179 5192 D: <-> \Device\Harddisk0\DR0\Partition1
17:00:59.0179 5192 ============================================================
17:00:59.0179 5192 Initialize success
17:00:59.0179 5192 ============================================================
17:07:33.0981 5512 ============================================================
17:07:33.0981 5512 Scan started
17:07:33.0981 5512 Mode: Manual; SigCheck; TDLFS;
17:07:33.0981 5512 ============================================================
17:07:35.0697 5512 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:07:35.0838 5512 1394ohci - ok
17:07:35.0916 5512 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
17:07:35.0978 5512 ACDaemon - ok
17:07:35.0994 5512 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:07:36.0025 5512 ACPI - ok
17:07:36.0025 5512 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:07:36.0087 5512 AcpiPmi - ok
17:07:36.0134 5512 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:07:36.0150 5512 AdobeARMservice - ok
17:07:36.0259 5512 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:07:36.0275 5512 AdobeFlashPlayerUpdateSvc - ok
17:07:36.0306 5512 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
17:07:36.0353 5512 adp94xx - ok
17:07:36.0384 5512 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
17:07:36.0399 5512 adpahci - ok
17:07:36.0415 5512 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
17:07:36.0431 5512 adpu320 - ok
17:07:36.0477 5512 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
17:07:36.0555 5512 AeLookupSvc - ok
17:07:36.0602 5512 Afc (6ccd1135320109d6b219f1a6e04ad9f6) C:\Windows\syswow64\drivers\Afc.sys
17:07:36.0618 5512 Afc - ok
17:07:36.0665 5512 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
17:07:36.0711 5512 AFD - ok
17:07:36.0727 5512 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:07:36.0743 5512 agp440 - ok
17:07:36.0758 5512 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
17:07:36.0789 5512 ALG - ok
17:07:36.0821 5512 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:07:36.0836 5512 aliide - ok
17:07:36.0852 5512 AMD External Events Utility (310f88a93c3b02e3d1f906fb57b9e01e) C:\Windows\system32\atiesrxx.exe
17:07:36.0930 5512 AMD External Events Utility - ok
17:07:36.0992 5512 AMD FUEL Service - ok
17:07:37.0023 5512 amdhub30 (30bfeee0dffd5bd79d29157cf080deed) C:\Windows\system32\DRIVERS\amdhub30.sys
17:07:37.0039 5512 amdhub30 - ok
17:07:37.0055 5512 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:07:37.0070 5512 amdide - ok
17:07:37.0086 5512 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\drivers\amdiox64.sys
17:07:37.0101 5512 amdiox64 - ok
17:07:37.0117 5512 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
17:07:37.0179 5512 AmdK8 - ok
17:07:37.0538 5512 amdkmdag (62ddf55680f8c53e4b8dde4189ada0b8) C:\Windows\system32\DRIVERS\atikmdag.sys
17:07:37.0741 5512 amdkmdag - ok
17:07:37.0866 5512 amdkmdap (51f027dffedfb8d763fabffa06b56e6d) C:\Windows\system32\DRIVERS\atikmpag.sys
17:07:37.0913 5512 amdkmdap - ok
17:07:37.0913 5512 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:07:37.0944 5512 AmdPPM - ok
17:07:37.0959 5512 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
17:07:37.0975 5512 amdsata - ok
17:07:38.0006 5512 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
17:07:38.0022 5512 amdsbs - ok
17:07:38.0022 5512 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
17:07:38.0037 5512 amdxata - ok
17:07:38.0053 5512 amdxhc (321533578132c811ec834a1b741c994c) C:\Windows\system32\drivers\amdxhc.sys
17:07:38.0069 5512 amdxhc - ok
17:07:38.0131 5512 AMD_RAIDXpert (0d0c13dd91f0c49814f314b78e21c6b9) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
17:07:38.0147 5512 AMD_RAIDXpert - ok
17:07:38.0209 5512 Amsp (e8494519bcb9e3b1b72e5604993a76e3) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
17:07:38.0240 5512 Amsp - ok
17:07:38.0318 5512 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:07:38.0334 5512 AntiVirSchedulerService - ok
17:07:38.0381 5512 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:07:38.0412 5512 AntiVirService - ok
17:07:38.0427 5512 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:07:38.0583 5512 AppID - ok
17:07:38.0599 5512 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
17:07:38.0646 5512 AppIDSvc - ok
17:07:38.0646 5512 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
17:07:38.0693 5512 Appinfo - ok
17:07:38.0708 5512 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
17:07:38.0724 5512 arc - ok
17:07:38.0739 5512 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
17:07:38.0739 5512 arcsas - ok
17:07:38.0833 5512 asComSvc (6e3f4538b33bc19259e99be1826286a3) C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
17:07:38.0864 5512 asComSvc - ok
17:07:38.0911 5512 asHmComSvc (a63173897ea1a73a75d0e65036de5b15) C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
17:07:38.0942 5512 asHmComSvc - ok
17:07:39.0036 5512 ASInsHelp (edaa17ce771c696655b6585f7cad2100) C:\Windows\SysWow64\drivers\AsInsHelp64.sys
17:07:39.0051 5512 ASInsHelp - ok
17:07:39.0067 5512 AsIO (fef9dd9ea587f8886ade43c1befbdafe) C:\Windows\syswow64\drivers\AsIO.sys
17:07:39.0083 5512 AsIO - ok
17:07:39.0145 5512 AsSysCtrlService (5c31dfb196cb3a488a041881634d86d2) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
17:07:39.0176 5512 AsSysCtrlService - ok
17:07:39.0192 5512 AsUpIO (1392b92179b07b672720763d9b1028a5) C:\Windows\syswow64\drivers\AsUpIO.sys
17:07:39.0207 5512 AsUpIO - ok
17:07:39.0270 5512 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:07:39.0348 5512 AsyncMac - ok
17:07:39.0363 5512 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:07:39.0379 5512 atapi - ok
17:07:39.0441 5512 AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
17:07:39.0457 5512 AtiHDAudioService - ok
17:07:39.0504 5512 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:07:39.0551 5512 AudioEndpointBuilder - ok
17:07:39.0566 5512 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:07:39.0597 5512 AudioSrv - ok
17:07:39.0660 5512 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
17:07:39.0691 5512 avgntflt - ok
17:07:39.0722 5512 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
17:07:39.0738 5512 avipbb - ok
17:07:39.0753 5512 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
17:07:39.0769 5512 avkmgr - ok
17:07:39.0800 5512 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
17:07:39.0847 5512 AxInstSV - ok
17:07:39.0894 5512 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
17:07:39.0972 5512 b06bdrv - ok
17:07:40.0003 5512 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:07:40.0034 5512 b57nd60a - ok
17:07:40.0112 5512 BBSvc (93ee7d9c35ae7e9ffda148d7805f1421) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
17:07:40.0143 5512 BBSvc - ok
17:07:40.0159 5512 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
17:07:40.0175 5512 BDESVC - ok
17:07:40.0206 5512 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:07:40.0237 5512 Beep - ok
17:07:40.0315 5512 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
17:07:40.0362 5512 BFE - ok
17:07:40.0424 5512 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
17:07:40.0502 5512 BITS - ok
17:07:40.0549 5512 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
17:07:40.0580 5512 blbdrive - ok
17:07:40.0643 5512 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:07:40.0705 5512 bowser - ok
17:07:40.0721 5512 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
17:07:40.0752 5512 BrFiltLo - ok
17:07:40.0752 5512 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
17:07:40.0783 5512 BrFiltUp - ok
17:07:40.0799 5512 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
17:07:40.0861 5512 Browser - ok
17:07:40.0892 5512 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:07:40.0923 5512 Brserid - ok
17:07:40.0939 5512 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:07:40.0955 5512 BrSerWdm - ok
17:07:40.0970 5512 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:07:40.0986 5512 BrUsbMdm - ok
17:07:41.0001 5512 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:07:41.0017 5512 BrUsbSer - ok
17:07:41.0048 5512 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
17:07:41.0064 5512 BTHMODEM - ok
17:07:41.0079 5512 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:07:41.0111 5512 bthserv - ok
17:07:41.0126 5512 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:07:41.0173 5512 cdfs - ok
17:07:41.0204 5512 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:07:41.0235 5512 cdrom - ok
17:07:41.0251 5512 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:07:41.0282 5512 CertPropSvc - ok
17:07:41.0298 5512 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
17:07:41.0313 5512 circlass - ok
17:07:41.0329 5512 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:07:41.0360 5512 CLFS - ok
17:07:41.0423 5512 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:07:41.0454 5512 clr_optimization_v2.0.50727_32 - ok
17:07:41.0501 5512 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:07:41.0532 5512 clr_optimization_v2.0.50727_64 - ok
17:07:41.0579 5512 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:07:41.0594 5512 clr_optimization_v4.0.30319_32 - ok
17:07:41.0625 5512 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:07:41.0641 5512 clr_optimization_v4.0.30319_64 - ok
17:07:41.0657 5512 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
17:07:41.0688 5512 CmBatt - ok
17:07:41.0688 5512 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:07:41.0703 5512 cmdide - ok
17:07:41.0750 5512 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
17:07:41.0781 5512 CNG - ok
17:07:41.0797 5512 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
17:07:41.0813 5512 Compbatt - ok
17:07:41.0828 5512 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
17:07:41.0859 5512 CompositeBus - ok
17:07:41.0859 5512 COMSysApp - ok
17:07:41.0875 5512 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
17:07:41.0891 5512 crcdisk - ok
17:07:41.0906 5512 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
17:07:41.0937 5512 CryptSvc - ok
17:07:41.0969 5512 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:07:42.0031 5512 DcomLaunch - ok
17:07:42.0078 5512 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:07:42.0140 5512 defragsvc - ok
17:07:42.0203 5512 Device Handle Service (0a403702cb00432ac818523cd416bf67) C:\Windows\SysWOW64\AsHookDevice.exe
17:07:42.0218 5512 Device Handle Service - ok
17:07:42.0249 5512 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:07:42.0312 5512 DfsC - ok
17:07:42.0343 5512 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
17:07:42.0390 5512 Dhcp - ok
17:07:42.0405 5512 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:07:42.0452 5512 discache - ok
17:07:42.0452 5512 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
17:07:42.0468 5512 Disk - ok
17:07:42.0483 5512 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
17:07:42.0530 5512 Dnscache - ok
17:07:42.0561 5512 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
17:07:42.0608 5512 dot3svc - ok
17:07:42.0639 5512 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
17:07:42.0671 5512 DPS - ok
17:07:42.0702 5512 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:07:42.0717 5512 drmkaud - ok
17:07:42.0764 5512 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:07:42.0780 5512 DXGKrnl - ok
17:07:42.0811 5512 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:07:42.0858 5512 EapHost - ok
17:07:43.0014 5512 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
17:07:43.0139 5512 ebdrv - ok
17:07:43.0232 5512 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
17:07:43.0263 5512 EFS - ok
17:07:43.0357 5512 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
17:07:43.0451 5512 ehRecvr - ok
17:07:43.0466 5512 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:07:43.0497 5512 ehSched - ok
17:07:43.0560 5512 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
17:07:43.0607 5512 elxstor - ok
17:07:43.0622 5512 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:07:43.0638 5512 ErrDev - ok
17:07:43.0685 5512 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:07:43.0731 5512 EventSystem - ok
17:07:43.0778 5512 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:07:43.0841 5512 exfat - ok
17:07:43.0919 5512 Fabs - ok
17:07:43.0950 5512 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:07:44.0028 5512 fastfat - ok
17:07:44.0090 5512 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
17:07:44.0121 5512 Fax - ok
17:07:44.0137 5512 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
17:07:44.0184 5512 fdc - ok
17:07:44.0199 5512 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:07:44.0246 5512 fdPHost - ok
17:07:44.0277 5512 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:07:44.0309 5512 FDResPub - ok
17:07:44.0309 5512 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:07:44.0309 5512 FileInfo - ok
17:07:44.0324 5512 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:07:44.0371 5512 Filetrace - ok
17:07:44.0527 5512 FirebirdServerMAGIXInstance (fff1130f7c9fa01d093a1edfc5cce8fc) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
17:07:44.0621 5512 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
17:07:44.0621 5512 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
17:07:44.0699 5512 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
17:07:44.0730 5512 flpydisk - ok
17:07:44.0761 5512 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:07:44.0792 5512 FltMgr - ok
17:07:44.0855 5512 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
17:07:44.0917 5512 FontCache - ok
17:07:44.0964 5512 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:07:44.0995 5512 FontCache3.0.0.0 - ok
17:07:45.0011 5512 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:07:45.0026 5512 FsDepends - ok
17:07:45.0057 5512 fssfltr (dc0dce4ec2c5d2cf6472f9fd6aa9a7dc) C:\Windows\system32\DRIVERS\fssfltr.sys
17:07:45.0073 5512 fssfltr - ok
17:07:45.0167 5512 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
17:07:45.0213 5512 fsssvc - ok
17:07:45.0276 5512 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
17:07:45.0291 5512 Fs_Rec - ok
17:07:45.0323 5512 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:07:45.0338 5512 fvevol - ok
17:07:45.0369 5512 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
17:07:45.0385 5512 gagp30kx - ok
17:07:45.0447 5512 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
17:07:45.0494 5512 gpsvc - ok
17:07:45.0510 5512 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:07:45.0557 5512 hcw85cir - ok
17:07:45.0603 5512 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:07:45.0650 5512 HdAudAddService - ok
17:07:45.0666 5512 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
17:07:45.0697 5512 HDAudBus - ok
17:07:45.0713 5512 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
17:07:45.0744 5512 HidBatt - ok
17:07:45.0759 5512 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
17:07:45.0806 5512 HidBth - ok
17:07:45.0822 5512 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
17:07:45.0837 5512 HidIr - ok
17:07:45.0853 5512 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
17:07:45.0900 5512 hidserv - ok
17:07:45.0931 5512 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
17:07:45.0931 5512 HidUsb - ok
17:07:45.0947 5512 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
17:07:46.0025 5512 hkmsvc - ok
17:07:46.0056 5512 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
17:07:46.0071 5512 HomeGroupListener - ok
17:07:46.0103 5512 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
17:07:46.0118 5512 HomeGroupProvider - ok
17:07:46.0149 5512 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:07:46.0149 5512 HpSAMD - ok
17:07:46.0212 5512 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:07:46.0274 5512 HTTP - ok
17:07:46.0290 5512 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:07:46.0305 5512 hwpolicy - ok
17:07:46.0337 5512 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
17:07:46.0352 5512 i8042prt - ok
17:07:46.0383 5512 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:07:46.0415 5512 iaStorV - ok
17:07:46.0508 5512 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:07:46.0555 5512 idsvc - ok
17:07:46.0571 5512 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
17:07:46.0586 5512 iirsp - ok
17:07:46.0617 5512 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
17:07:46.0680 5512 IKEEXT - ok
17:07:46.0711 5512 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:07:46.0727 5512 intelide - ok
17:07:46.0727 5512 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
17:07:46.0758 5512 intelppm - ok
17:07:46.0773 5512 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:07:46.0805 5512 IPBusEnum - ok
17:07:46.0820 5512 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:07:46.0867 5512 IpFilterDriver - ok
17:07:46.0898 5512 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
17:07:46.0961 5512 iphlpsvc - ok
17:07:46.0976 5512 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:07:47.0007 5512 IPMIDRV - ok
17:07:47.0039 5512 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:07:47.0101 5512 IPNAT - ok
17:07:47.0101 5512 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:07:47.0117 5512 IRENUM - ok
17:07:47.0148 5512 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:07:47.0148 5512 isapnp - ok
17:07:47.0179 5512 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:07:47.0210 5512 iScsiPrt - ok
17:07:47.0226 5512 IT9135BDA (0c6635413077e415ca31ad2f4e648fc1) C:\Windows\system32\Drivers\IT9135BDA.sys
17:07:47.0273 5512 IT9135BDA - ok
17:07:47.0288 5512 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:07:47.0319 5512 kbdclass - ok
17:07:47.0319 5512 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
17:07:47.0335 5512 kbdhid - ok
17:07:47.0351 5512 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:07:47.0366 5512 KeyIso - ok
17:07:47.0382 5512 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
17:07:47.0397 5512 KSecDD - ok
17:07:47.0413 5512 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
17:07:47.0429 5512 KSecPkg - ok
17:07:47.0444 5512 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:07:47.0491 5512 ksthunk - ok
17:07:47.0522 5512 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:07:47.0585 5512 KtmRm - ok
17:07:47.0616 5512 L1C (173666119d217e3739205c169e2bf0e5) C:\Windows\system32\DRIVERS\L1C62x64.sys
17:07:47.0647 5512 L1C - ok
17:07:47.0678 5512 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
17:07:47.0803 5512 LanmanServer - ok
17:07:47.0834 5512 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
17:07:47.0881 5512 LanmanWorkstation - ok
17:07:47.0897 5512 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:07:47.0928 5512 lltdio - ok
17:07:47.0959 5512 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:07:48.0006 5512 lltdsvc - ok
17:07:48.0021 5512 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:07:48.0084 5512 lmhosts - ok
17:07:48.0115 5512 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
17:07:48.0131 5512 LSI_FC - ok
17:07:48.0131 5512 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
17:07:48.0146 5512 LSI_SAS - ok
17:07:48.0162 5512 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
17:07:48.0177 5512 LSI_SAS2 - ok
17:07:48.0193 5512 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
17:07:48.0193 5512 LSI_SCSI - ok
17:07:48.0224 5512 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:07:48.0255 5512 luafv - ok
17:07:48.0318 5512 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
17:07:48.0349 5512 MBAMProtector - ok
17:07:48.0427 5512 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware (2)\mbamservice.exe
17:07:48.0458 5512 MBAMService - ok
17:07:48.0474 5512 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
17:07:48.0489 5512 Mcx2Svc - ok
17:07:48.0505 5512 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
17:07:48.0505 5512 megasas - ok
17:07:48.0536 5512 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
17:07:48.0552 5512 MegaSR - ok
17:07:48.0567 5512 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:07:48.0645 5512 MMCSS - ok
17:07:48.0677 5512 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:07:48.0755 5512 Modem - ok
17:07:48.0786 5512 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:07:48.0817 5512 monitor - ok
17:07:48.0833 5512 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:07:48.0848 5512 mouclass - ok
17:07:48.0864 5512 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:07:48.0895 5512 mouhid - ok
17:07:48.0911 5512 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:07:48.0926 5512 mountmgr - ok
17:07:48.0957 5512 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:07:48.0973 5512 mpio - ok
17:07:48.0989 5512 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:07:49.0035 5512 mpsdrv - ok
17:07:49.0098 5512 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
17:07:49.0129 5512 MpsSvc - ok
17:07:49.0145 5512 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:07:49.0191 5512 MRxDAV - ok
17:07:49.0207 5512 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:07:49.0254 5512 mrxsmb - ok
17:07:49.0301 5512 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:07:49.0347 5512 mrxsmb10 - ok
17:07:49.0363 5512 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:07:49.0379 5512 mrxsmb20 - ok
17:07:49.0394 5512 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:07:49.0410 5512 msahci - ok
17:07:49.0410 5512 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:07:49.0425 5512 msdsm - ok
17:07:49.0441 5512 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:07:49.0457 5512 MSDTC - ok
17:07:49.0472 5512 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:07:49.0519 5512 Msfs - ok
17:07:49.0535 5512 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:07:49.0566 5512 mshidkmdf - ok
17:07:49.0581 5512 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:07:49.0581 5512 msisadrv - ok
17:07:49.0613 5512 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:07:49.0659 5512 MSiSCSI - ok
17:07:49.0659 5512 msiserver - ok
17:07:49.0675 5512 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:07:49.0706 5512 MSKSSRV - ok
17:07:49.0722 5512 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:07:49.0753 5512 MSPCLOCK - ok
17:07:49.0769 5512 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:07:49.0784 5512 MSPQM - ok
17:07:49.0831 5512 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:07:49.0847 5512 MsRPC - ok
17:07:49.0862 5512 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:07:49.0878 5512 mssmbios - ok
17:07:49.0893 5512 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:07:49.0925 5512 MSTEE - ok
17:07:49.0940 5512 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
17:07:49.0956 5512 MTConfig - ok
17:07:49.0971 5512 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:07:49.0987 5512 Mup - ok
17:07:50.0018 5512 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:07:50.0127 5512 napagent - ok
17:07:50.0174 5512 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:07:50.0252 5512 NativeWifiP - ok
17:07:50.0315 5512 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:07:50.0346 5512 NDIS - ok
17:07:50.0377 5512 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:07:50.0408 5512 NdisCap - ok
17:07:50.0439 5512 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:07:50.0455 5512 NdisTapi - ok
17:07:50.0486 5512 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:07:50.0502 5512 Ndisuio - ok
17:07:50.0517 5512 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:07:50.0564 5512 NdisWan - ok
17:07:50.0611 5512 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:07:50.0673 5512 NDProxy - ok
17:07:50.0720 5512 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
17:07:50.0736 5512 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:07:50.0736 5512 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:07:50.0751 5512 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:07:50.0798 5512 NetBIOS - ok
17:07:50.0829 5512 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:07:50.0861 5512 NetBT - ok
17:07:50.0892 5512 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:07:50.0907 5512 Netlogon - ok
17:07:50.0954 5512 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:07:51.0001 5512 Netman - ok
17:07:51.0032 5512 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:07:51.0079 5512 netprofm - ok
17:07:51.0141 5512 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:07:51.0157 5512 NetTcpPortSharing - ok
17:07:51.0188 5512 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
17:07:51.0204 5512 nfrd960 - ok
17:07:51.0235 5512 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:07:51.0282 5512 NlaSvc - ok
17:07:51.0313 5512 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:07:51.0344 5512 Npfs - ok
17:07:51.0360 5512 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:07:51.0391 5512 nsi - ok
17:07:51.0391 5512 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:07:51.0422 5512 nsiproxy - ok
17:07:51.0500 5512 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:07:51.0578 5512 Ntfs - ok
17:07:51.0641 5512 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:07:51.0703 5512 Null - ok
17:07:51.0719 5512 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:07:51.0734 5512 nvraid - ok
17:07:51.0750 5512 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:07:51.0765 5512 nvstor - ok
17:07:51.0781 5512 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:07:51.0797 5512 nv_agp - ok
17:07:51.0797 5512 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:07:51.0828 5512 ohci1394 - ok
17:07:51.0859 5512 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:07:51.0906 5512 p2pimsvc - ok
17:07:51.0953 5512 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:07:51.0984 5512 p2psvc - ok
17:07:51.0999 5512 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
17:07:52.0015 5512 Parport - ok
17:07:52.0031 5512 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
17:07:52.0046 5512 partmgr - ok
17:07:52.0077 5512 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:07:52.0093 5512 PcaSvc - ok
17:07:52.0109 5512 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:07:52.0124 5512 pci - ok
17:07:52.0140 5512 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:07:52.0155 5512 pciide - ok
17:07:52.0171 5512 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
17:07:52.0187 5512 pcmcia - ok
17:07:52.0202 5512 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:07:52.0218 5512 pcw - ok
17:07:52.0249 5512 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:07:52.0327 5512 PEAUTH - ok
17:07:52.0405 5512 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:07:52.0436 5512 PerfHost - ok
17:07:52.0545 5512 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:07:52.0623 5512 pla - ok
17:07:52.0655 5512 PLCNDIS5 - ok
17:07:52.0686 5512 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:07:52.0701 5512 PlugPlay - ok
17:07:52.0748 5512 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
17:07:52.0779 5512 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:07:52.0779 5512 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:07:52.0795 5512 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:07:52.0826 5512 PNRPAutoReg - ok
17:07:52.0857 5512 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:07:52.0889 5512 PNRPsvc - ok
17:07:52.0935 5512 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:07:52.0998 5512 PolicyAgent - ok
17:07:53.0013 5512 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:07:53.0045 5512 Power - ok
17:07:53.0091 5512 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:07:53.0123 5512 PptpMiniport - ok
17:07:53.0154 5512 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
17:07:53.0185 5512 Processor - ok
17:07:53.0201 5512 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
17:07:53.0263 5512 ProfSvc - ok
17:07:53.0279 5512 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:07:53.0294 5512 ProtectedStorage - ok
17:07:53.0325 5512 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:07:53.0372 5512 Psched - ok
17:07:53.0466 5512 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
17:07:53.0513 5512 ql2300 - ok
17:07:53.0591 5512 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
17:07:53.0622 5512 ql40xx - ok
17:07:53.0637 5512 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:07:53.0669 5512 QWAVE - ok
17:07:53.0684 5512 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:07:53.0700 5512 QWAVEdrv - ok
17:07:53.0700 5512 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:07:53.0747 5512 RasAcd - ok
17:07:53.0762 5512 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:07:53.0793 5512 RasAgileVpn - ok
17:07:53.0809 5512 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:07:53.0840 5512 RasAuto - ok
17:07:53.0856 5512 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:07:53.0903 5512 Rasl2tp - ok
17:07:53.0934 5512 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:07:53.0981 5512 RasMan - ok
17:07:54.0012 5512 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:07:54.0059 5512 RasPppoe - ok
17:07:54.0074 5512 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:07:54.0121 5512 RasSstp - ok
17:07:54.0152 5512 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:07:54.0183 5512 rdbss - ok
17:07:54.0199 5512 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
17:07:54.0215 5512 rdpbus - ok
17:07:54.0230 5512 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:07:54.0277 5512 RDPCDD - ok
17:07:54.0293 5512 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:07:54.0339 5512 RDPENCDD - ok
17:07:54.0355 5512 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:07:54.0386 5512 RDPREFMP - ok
17:07:54.0417 5512 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
17:07:54.0449 5512 RDPWD - ok
17:07:54.0480 5512 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:07:54.0495 5512 rdyboost - ok
17:07:54.0558 5512 Realtek11nSU (e1a6731867765fbc01b37150aefc00f3) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
17:07:54.0573 5512 Realtek11nSU ( UnsignedFile.Multi.Generic ) - warning
17:07:54.0573 5512 Realtek11nSU - detected UnsignedFile.Multi.Generic (1)
17:07:54.0589 5512 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:07:54.0651 5512 RemoteAccess - ok
17:07:54.0683 5512 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:07:54.0714 5512 RemoteRegistry - ok
17:07:54.0714 5512 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:07:54.0745 5512 RpcEptMapper - ok
17:07:54.0792 5512 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:07:54.0823 5512 RpcLocator - ok
17:07:54.0885 5512 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:07:54.0932 5512 RpcSs - ok
17:07:54.0948 5512 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:07:54.0995 5512 rspndr - ok
17:07:55.0041 5512 RTL2832UBDA (b88880586acd3edefcd0f9c2a6c1ee27) C:\Windows\system32\drivers\RTL2832UBDA.sys
17:07:55.0057 5512 RTL2832UBDA - ok
17:07:55.0088 5512 RTL2832UUSB (4c04300ee6a5e780fd4e2f0806aeca0e) C:\Windows\system32\Drivers\RTL2832UUSB.sys
17:07:55.0104 5512 RTL2832UUSB - ok
17:07:55.0119 5512 RTL2832U_IRHID (19faa5e7cf3d5263f4e79450a03e50ca) C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys
17:07:55.0135 5512 RTL2832U_IRHID - ok
17:07:55.0182 5512 RTL8192su (b3f36b4b3f192ea87ddc119f3a0b3e45) C:\Windows\system32\DRIVERS\RTL8192su.sys
17:07:55.0213 5512 RTL8192su - ok
17:07:55.0244 5512 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:07:55.0244 5512 SamSs - ok
17:07:55.0260 5512 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:07:55.0275 5512 sbp2port - ok
17:07:55.0307 5512 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:07:55.0353 5512 SCardSvr - ok
17:07:55.0353 5512 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:07:55.0385 5512 scfilter - ok
17:07:55.0447 5512 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:07:55.0509 5512 Schedule - ok
17:07:55.0525 5512 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:07:55.0556 5512 SCPolicySvc - ok
17:07:55.0587 5512 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:07:55.0603 5512 SDRSVC - ok
17:07:55.0681 5512 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
17:07:55.0712 5512 SeaPort - ok
17:07:55.0743 5512 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:07:55.0790 5512 secdrv - ok
17:07:55.0806 5512 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:07:55.0853 5512 seclogon - ok
17:07:55.0853 5512 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
17:07:55.0899 5512 SENS - ok
17:07:55.0899 5512 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:07:55.0946 5512 SensrSvc - ok
17:07:55.0962 5512 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
17:07:55.0977 5512 Serenum - ok
17:07:55.0993 5512 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
17:07:56.0024 5512 Serial - ok
17:07:56.0055 5512 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
17:07:56.0087 5512 sermouse - ok
17:07:56.0118 5512 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:07:56.0165 5512 SessionEnv - ok
17:07:56.0180 5512 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:07:56.0196 5512 sffdisk - ok
17:07:56.0211 5512 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:07:56.0227 5512 sffp_mmc - ok
17:07:56.0243 5512 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:07:56.0274 5512 sffp_sd - ok
17:07:56.0289 5512 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
17:07:56.0305 5512 sfloppy - ok
17:07:56.0352 5512 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:07:56.0399 5512 SharedAccess - ok
17:07:56.0430 5512 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:07:56.0477 5512 ShellHWDetection - ok
17:07:56.0508 5512 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
17:07:56.0508 5512 SiSRaid2 - ok
17:07:56.0523 5512 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
17:07:56.0539 5512 SiSRaid4 - ok
17:07:56.0570 5512 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:07:56.0617 5512 Smb - ok
17:07:56.0648 5512 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:07:56.0679 5512 SNMPTRAP - ok
17:07:56.0711 5512 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:07:56.0711 5512 spldr - ok
17:07:56.0757 5512 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:07:56.0789 5512 Spooler - ok
17:07:56.0960 5512 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:07:57.0101 5512 sppsvc - ok
17:07:57.0179 5512 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:07:57.0241 5512 sppuinotify - ok
17:07:57.0288 5512 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:07:57.0335 5512 srv - ok
17:07:57.0366 5512 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:07:57.0413 5512 srv2 - ok
17:07:57.0428 5512 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:07:57.0459 5512 srvnet - ok
17:07:57.0491 5512 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:07:57.0553 5512 SSDPSRV - ok
17:07:57.0569 5512 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:07:57.0600 5512 SstpSvc - ok
17:07:57.0615 5512 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
17:07:57.0631 5512 stexstor - ok
17:07:57.0678 5512 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:07:57.0725 5512 stisvc - ok
17:07:57.0725 5512 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:07:57.0740 5512 swenum - ok
17:07:57.0771 5512 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:07:57.0849 5512 swprv - ok
17:07:57.0943 5512 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:07:57.0990 5512 SysMain - ok
17:07:58.0037 5512 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:07:58.0052 5512 TabletInputService - ok
17:07:58.0083 5512 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:07:58.0146 5512 TapiSrv - ok
17:07:58.0161 5512 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:07:58.0193 5512 TBS - ok
17:07:58.0317 5512 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
17:07:58.0395 5512 Tcpip - ok
17:07:58.0536 5512 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
17:07:58.0567 5512 TCPIP6 - ok
17:07:58.0614 5512 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:07:58.0661 5512 tcpipreg - ok
17:07:58.0676 5512 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:07:58.0707 5512 TDPIPE - ok
17:07:58.0739 5512 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:07:58.0754 5512 TDTCP - ok
17:07:58.0785 5512 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:07:58.0817 5512 tdx - ok
17:07:58.0832 5512 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:07:58.0848 5512 TermDD - ok
17:07:58.0879 5512 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:07:58.0941 5512 TermService - ok
17:07:58.0957 5512 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:07:58.0973 5512 Themes - ok
17:07:59.0004 5512 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:07:59.0035 5512 THREADORDER - ok
17:07:59.0082 5512 TiMiniService (69d76ce06bb629b69165c81d83a4b03e) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
17:07:59.0113 5512 TiMiniService - ok
17:07:59.0144 5512 tmactmon (73aaffdd2ac3c8814b26c440e5dd9dd4) C:\Windows\system32\DRIVERS\tmactmon.sys
17:07:59.0160 5512 tmactmon - ok
17:07:59.0175 5512 tmcomm (360e61217d4e1e333583d0c721057f70) C:\Windows\system32\DRIVERS\tmcomm.sys
17:07:59.0191 5512 tmcomm - ok
17:07:59.0191 5512 tmevtmgr (699d34eb7c670139ca23a65372bd5743) C:\Windows\system32\DRIVERS\tmevtmgr.sys
17:07:59.0207 5512 tmevtmgr - ok
17:07:59.0238 5512 tmtdi (262198efb734012bfcd17e7479ae4a09) C:\Windows\system32\DRIVERS\tmtdi.sys
17:07:59.0238 5512 tmtdi - ok
17:07:59.0253 5512 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:07:59.0285 5512 TrkWks - ok
17:07:59.0331 5512 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:07:59.0363 5512 TrustedInstaller - ok
17:07:59.0363 5512 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:07:59.0409 5512 tssecsrv - ok
17:07:59.0441 5512 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:07:59.0472 5512 TsUsbFlt - ok
17:07:59.0487 5512 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
17:07:59.0503 5512 TsUsbGD - ok
17:07:59.0534 5512 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:07:59.0581 5512 tunnel - ok
17:07:59.0597 5512 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
17:07:59.0612 5512 uagp35 - ok
17:07:59.0628 5512 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:07:59.0659 5512 udfs - ok
17:07:59.0675 5512 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:07:59.0706 5512 UI0Detect - ok
17:07:59.0753 5512 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:07:59.0753 5512 uliagpkx - ok
17:07:59.0784 5512 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
17:07:59.0815 5512 umbus - ok
17:07:59.0831 5512 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
17:07:59.0877 5512 UmPass - ok
17:07:59.0909 5512 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:07:59.0955 5512 upnphost - ok
17:07:59.0987 5512 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
17:08:00.0002 5512 usbaudio - ok
17:08:00.0018 5512 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:08:00.0080 5512 usbccgp - ok
17:08:00.0111 5512 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:08:00.0143 5512 usbcir - ok
17:08:00.0158 5512 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
17:08:00.0174 5512 usbehci - ok
17:08:00.0205 5512 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:08:00.0236 5512 usbhub - ok
17:08:00.0252 5512 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
17:08:00.0267 5512 usbohci - ok
17:08:00.0283 5512 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:08:00.0314 5512 usbprint - ok
17:08:00.0345 5512 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
17:08:00.0392 5512 usbscan - ok
17:08:00.0408 5512 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:08:00.0439 5512 USBSTOR - ok
17:08:00.0455 5512 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
17:08:00.0486 5512 usbuhci - ok
17:08:00.0501 5512 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:08:00.0564 5512 UxSms - ok
17:08:00.0595 5512 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:08:00.0611 5512 VaultSvc - ok
17:08:00.0611 5512 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:08:00.0626 5512 vdrvroot - ok
17:08:00.0657 5512 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
17:08:00.0704 5512 vds - ok
17:08:00.0720 5512 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:08:00.0735 5512 vga - ok
17:08:00.0751 5512 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:08:00.0782 5512 VgaSave - ok
17:08:00.0813 5512 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:08:00.0813 5512 vhdmp - ok
17:08:00.0954 5512 VIAHdAudAddService (84ffc3cca60a1b52a021bc894d529735) C:\Windows\system32\drivers\viahduaa.sys
17:08:01.0001 5512 VIAHdAudAddService - ok
17:08:01.0063 5512 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:08:01.0079 5512 viaide - ok
17:08:01.0094 5512 VIAKaraokeService (f4310278e6ce1c507b5555b662369e26) C:\Windows\system32\viakaraokesrv.exe
17:08:01.0110 5512 VIAKaraokeService - ok
17:08:01.0110 5512 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:08:01.0125 5512 volmgr - ok
17:08:01.0157 5512 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:08:01.0172 5512 volmgrx - ok
17:08:01.0203 5512 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys
17:08:01.0219 5512 volsnap - ok
17:08:01.0266 5512 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
17:08:01.0281 5512 vsmraid - ok
17:08:01.0359 5512 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
17:08:01.0422 5512 VSS - ok
17:08:01.0484 5512 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:08:01.0515 5512 vwifibus - ok
17:08:01.0547 5512 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:08:01.0578 5512 vwififlt - ok
17:08:01.0625 5512 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
17:08:01.0656 5512 W32Time - ok
17:08:01.0687 5512 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
17:08:01.0718 5512 WacomPen - ok
17:08:01.0734 5512 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:08:01.0781 5512 WANARP - ok
17:08:01.0781 5512 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:08:01.0812 5512 Wanarpv6 - ok
17:08:01.0890 5512 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
17:08:01.0999 5512 wbengine - ok
17:08:02.0046 5512 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
17:08:02.0077 5512 WbioSrvc - ok
17:08:02.0093 5512 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
17:08:02.0124 5512 wcncsvc - ok
17:08:02.0139 5512 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:08:02.0155 5512 WcsPlugInService - ok
17:08:02.0186 5512 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
17:08:02.0186 5512 Wd - ok
17:08:02.0233 5512 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:08:02.0249 5512 Wdf01000 - ok
17:08:02.0264 5512 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:08:02.0358 5512 WdiServiceHost - ok
17:08:02.0358 5512 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:08:02.0373 5512 WdiSystemHost - ok
17:08:02.0405 5512 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
17:08:02.0436 5512 WebClient - ok
17:08:02.0467 5512 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
17:08:02.0498 5512 Wecsvc - ok
17:08:02.0529 5512 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
17:08:02.0561 5512 wercplsupport - ok
17:08:02.0576 5512 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
17:08:02.0607 5512 WerSvc - ok
17:08:02.0623 5512 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:08:02.0654 5512 WfpLwf - ok
17:08:02.0670 5512 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:08:02.0685 5512 WIMMount - ok
17:08:02.0717 5512 WinDefend - ok
17:08:02.0717 5512 WinHttpAutoProxySvc - ok
17:08:02.0779 5512 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
17:08:02.0826 5512 Winmgmt - ok
17:08:02.0935 5512 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
17:08:02.0997 5512 WinRM - ok
17:08:03.0122 5512 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
17:08:03.0169 5512 WinUsb - ok
17:08:03.0231 5512 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
17:08:03.0263 5512 Wlansvc - ok
17:08:03.0325 5512 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:08:03.0356 5512 wlcrasvc - ok
17:08:03.0512 5512 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:08:03.0559 5512 wlidsvc - ok
17:08:03.0621 5512 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:08:03.0653 5512 WmiAcpi - ok
17:08:03.0684 5512 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
17:08:03.0699 5512 wmiApSrv - ok
17:08:03.0715 5512 WMPNetworkSvc - ok
17:08:03.0731 5512 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
17:08:03.0746 5512 WPCSvc - ok
17:08:03.0777 5512 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
17:08:03.0793 5512 WPDBusEnum - ok
17:08:03.0793 5512 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:08:03.0840 5512 ws2ifsl - ok
17:08:03.0871 5512 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
17:08:03.0887 5512 wscsvc - ok
17:08:03.0887 5512 WSearch - ok
17:08:03.0996 5512 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
17:08:04.0105 5512 wuauserv - ok
17:08:04.0136 5512 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:08:04.0183 5512 WudfPf - ok
17:08:04.0199 5512 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:08:04.0245 5512 WUDFRd - ok
17:08:04.0261 5512 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
17:08:04.0292 5512 wudfsvc - ok
17:08:04.0323 5512 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:08:04.0339 5512 WwanSvc - ok
17:08:04.0370 5512 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:08:04.0698 5512 \Device\Harddisk0\DR0 - ok
17:08:04.0745 5512 Boot (0x1200) (6efb70c07cd1ba1edca2b603cc988eec) \Device\Harddisk0\DR0\Partition0
17:08:04.0776 5512 \Device\Harddisk0\DR0\Partition0 - ok
17:08:04.0791 5512 Boot (0x1200) (60ac426d1eba97774f052e637196341a) \Device\Harddisk0\DR0\Partition1
17:08:04.0791 5512 \Device\Harddisk0\DR0\Partition1 - ok
17:08:04.0791 5512 ============================================================
17:08:04.0791 5512 Scan finished
17:08:04.0791 5512 ============================================================
17:08:04.0823 6040 Detected object count: 4
17:08:04.0823 6040 Actual detected object count: 4
17:08:27.0848 6040 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
17:08:27.0848 6040 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:08:27.0848 6040 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:08:27.0848 6040 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:08:27.0848 6040 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:08:27.0864 6040 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:08:27.0864 6040 Realtek11nSU ( UnsignedFile.Multi.Generic ) - skipped by user
17:08:27.0864 6040 Realtek11nSU ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
25.05.2012, 23:02
| #3 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Antivir Warnungen aber ohne Fund/mpnrs.com Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
26.05.2012, 21:56
| #4 |
| | Antivir Warnungen aber ohne Fund/mpnrs.comCode:
ATTFilter ComboFix 12-05-26.02 - MeinName 26.05.2012 20:38:23.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.7657.6094 [GMT 2:00]
ausgeführt von:: c:\users\MeinName\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
c:\windows\SysWow64\system32
c:\windows\SysWow64\system32\DRIVERS\RTL2832U_IRHID.sys
c:\windows\SysWow64\system32\DRIVERS\RTL2832UBDA.sys
c:\windows\SysWow64\system32\DRIVERS\RTL2832UUSB.sys
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-04-26 bis 2012-05-26 ))))))))))))))))))))))))))))))
.
.
2012-05-26 19:30 . 2012-05-26 19:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-25 14:59 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{24F1A184-CCCC-48B8-B5EC-C07A073E646F}\mpengine.dll
2012-05-24 12:17 . 2012-05-24 12:17 -------- d-----w- C:\_OTL
2012-05-16 23:38 . 2012-05-16 23:38 -------- d-----w- c:\program files\Microsoft Silverlight
2012-05-16 23:38 . 2012-05-16 23:38 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-05-16 20:49 . 2012-05-16 20:49 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-16 20:49 . 2012-05-16 20:49 -------- d-----w- c:\windows\system32\Macromed
2012-05-13 07:05 . 2012-05-13 07:05 -------- d-----w- c:\program files (x86)\ESET
2012-05-13 07:05 . 2012-05-13 07:05 -------- d--h--w- c:\windows\AxInstSV
2012-05-12 08:33 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-12 08:33 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-12 08:33 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-12 08:33 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-12 08:33 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-12 08:33 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-12 08:32 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-12 08:32 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-12 08:30 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-12 08:30 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-12 08:30 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-12 08:30 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-12 08:30 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 15:17 . 2012-05-09 15:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware (2)
2012-05-09 15:17 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-07 16:06 . 2012-05-07 16:06 -------- d-----w- c:\program files (x86)\XMedia Recode
2012-05-07 13:37 . 2012-05-07 13:37 -------- d-----w- c:\users\MeinName\AppData\Roaming\Amazon
2012-05-07 12:50 . 2012-05-07 12:50 -------- d-----w- c:\program files (x86)\Amazon
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-16 20:49 . 2011-08-11 01:19 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-08 15:37 . 2012-04-15 11:54 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-08 15:37 . 2012-04-15 11:54 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-03-01 06:46 . 2012-04-12 19:35 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:38 . 2012-04-12 19:35 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 06:33 . 2012-04-12 19:35 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 06:28 . 2012-04-12 19:35 5120 ----a-w- c:\windows\system32\wmi.dll
2012-03-01 05:37 . 2012-04-12 19:35 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:33 . 2012-04-12 19:35 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:29 . 2012-04-12 19:35 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-28 06:56 . 2012-04-12 19:37 2311168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 06:49 . 2012-04-12 19:37 1390080 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 06:48 . 2012-04-12 19:37 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 06:42 . 2012-04-12 19:37 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-28 01:18 . 2012-04-12 19:37 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-02-28 01:11 . 2012-04-12 19:37 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11 . 2012-04-12 19:37 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2012-02-28 01:03 . 2012-04-12 19:37 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-29 336384]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2011-05-06 3037296]
"RunAIShell"="c:\program files (x86)\ASUS\AI Manager\AsShellApplication.exe" [2009-12-23 232064]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-09-05 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-12-09 74752]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware (2)\mbamgui.exe" [2012-04-04 462408]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-8-11 548528]
TMMonitor.lnk - c:\program files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2011-12-28 258048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-16 257696]
R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys [x]
R3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\DRIVERS\RTL2832U_IRHID.sys [2009-10-05 44320]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [2010-07-01 224488]
R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [2010-07-01 39016]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-09-05 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-06-29 365568]
S2 AMD_RAIDXpert;AMD RAIDXpert;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2010-11-28 128904]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [2011-06-13 922240]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-02 915584]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
S2 Device Handle Service;Device Handle Service;c:\windows\SysWOW64\AsHookDevice.exe [2009-12-23 203392]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware (2)\mbamservice.exe [2012-04-04 654408]
S2 Realtek11nSU;Realtek11nSU;c:\program files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [2010-01-21 45056]
S2 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [x]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\drivers\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-05-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-16 20:49]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-09-17 322384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.de/
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
.
.
------- Dateityp-Verknüpfung -------
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
Wow6432Node-HKLM-Run-IR_SERVER - c:\progra~2\Realtek\REALTE~1\IR_SERVER.exe
Toolbar-Locked - (no file)
AddRemove-XMedia Recode - c:\program files (x86)\XMedia Recode\uninst.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWlan.exe
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\program files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-05-26 21:35:38 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-05-26 19:35
.
Vor Suchlauf: 12 Verzeichnis(se), 315.977.859.072 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 315.836.301.312 Bytes frei
.
- - End Of File - - EBC6F8B032EE24A6ED4355D080CAAF86
|
|
28.05.2012, 14:36
| #5 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Antivir Warnungen aber ohne Fund/mpnrs.comZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.06.2012, 13:54
| #6 | |
| | Antivir Warnungen aber ohne Fund/mpnrs.comZitat:
Tut mir leid, dass es so lange gedauert hat, ich hatte so viel zu tun. Avira habe ich installiert, macht Avira Desktop da einen Unterschied? Über die Suche habe ich unter dem Begriff "Avira Dektop" jedenfalls nichts gefunden. Und Trend micro Titanium Internet Security war denke ich schon auf dem PC, als ich ihn das erste Mal gestartet habe. |
|
07.06.2012, 15:36
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Antivir Warnungen aber ohne Fund/mpnrs.com Ja aber wenn das eine schon installiert ist, deinstalliert man es bevor man Avira drauf macht! Runter mit Trendmicro!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
09.06.2012, 16:27
| #8 |
| | Antivir Warnungen aber ohne Fund/mpnrs.com Das habe ich jetzt getan. |
|
10.06.2012, 00:22
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Antivir Warnungen aber ohne Fund/mpnrs.com Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.06.2012, 13:38
| #10 |
| | Antivir Warnungen aber ohne Fund/mpnrs.com Hier einmal Osam: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 14:20:38 on 10.06.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit Default Browser: Microsoft Corporation Internet Explorer 9.00.8112.16421 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "ASInsHelp" (ASInsHelp) - ? - C:\Windows\SysWow64\drivers\AsInsHelp64.sys (File found, but it contains no detailed information) "AsIO" (AsIO) - ? - C:\Windows\SysWow64\drivers\AsIO.sys (File found, but it contains no detailed information) "AsUpIO" (AsUpIO) - ? - C:\Windows\SysWow64\drivers\AsUpIO.sys (File found, but it contains no detailed information) "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "PLCNDIS5 NDIS Protocol Driver" (PLCNDIS5) - ? - C:\Windows\system32\plcndis5.sys (File not found) "PPdus ASPI Shell" (Afc) - "Arcsoft, Inc." - C:\Windows\SysWOW64\drivers\Afc.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? - (File not found | COM-object registry key not found) {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found) {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) ITBar7Height64 "ITBar7Height64" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout64" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {7530BFB8-7293-4D34-9923-61A11451AFC5} "OnlineScanner Control" - "ESET" - C:\PROGRA~2\ESET\ESETON~1\ONLINE~1.OCX / hxxp://download.eset.com/special/eos/OnlineScanner.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll Locked "Locked" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "AsusVibeLauncher.lnk" - ? - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (Shortcut exists | File exists) "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "TMMonitor.lnk" - "ArcSoft, Inc." - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (Shortcut exists | File exists) -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" "ArcSoft Connection Service" - "ArcSoft Inc." - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min "HDAudDeck" - "VIA" - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files (x86)\Malwarebytes' Anti-Malware (2)\mbamgui.exe" /starttray "RunAIShell" - "ASUSTeK Computer Inc." - C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe "StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "WinampAgent" - "Nullsoft, Inc." - "C:\Program Files (x86)\Winamp\winampa.exe" [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "AMD FUEL Service" (AMD FUEL Service) - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe "AMD RAIDXpert" (AMD_RAIDXpert) - "AMD" - C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe "ArcSoft Connect Daemon" (ACDaemon) - "ArcSoft Inc." - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe "ASUS Com Service" (asComSvc) - ? - C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe (File found, but it contains no detailed information) "ASUS HM Com Service" (asHmComSvc) - ? - C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe (File found, but it contains no detailed information) "ASUS System Control Service" (AsSysCtrlService) - ? - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe (File found, but it contains no detailed information) "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe "Bing Bar Update Service" (BBSvc) - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE "Device Handle Service" (Device Handle Service) - "ASUSTeK Computer Inc." - C:\Windows\SysWOW64\AsHookDevice.exe "FABS - Helping agent for MAGIX media database" (Fabs) - "MAGIX AG" - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe "Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware (2)\mbamservice.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll "Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll "Realtek11nSU" (Realtek11nSU) - "Realtek" - C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe "SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE "Windows Live Family Safety Service" (fsssvc) - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL "WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-10 14:25:14
-----------------------------
14:25:14.288 OS Version: Windows x64 6.1.7601 Service Pack 1
14:25:14.288 Number of processors: 4 586 0x100
14:25:14.288 ComputerName: MeinPC UserName: MeinName
14:25:16.051 Initialize success
14:26:49.562 AVAST engine defs: 12061000
14:27:00.809 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:27:00.809 Disk 0 Vendor: WDC_WD20EARX-22PASB0 51.0AB51 Size: 1907729MB BusType: 3
14:27:00.840 Disk 0 MBR read successfully
14:27:00.840 Disk 0 MBR scan
14:27:00.840 Disk 0 Windows 7 default MBR code
14:27:00.856 Disk 0 Partition 1 00 1B Hidd FAT32 NTFS 14524 MB offset 2048
14:27:00.872 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 381546 MB offset 29747200
14:27:00.903 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 557797 MB offset 811153408
14:27:00.950 Disk 0 scanning C:\Windows\system32\drivers
14:27:07.970 Service scanning
14:27:22.790 Modules scanning
14:27:22.805 Disk 0 trace - called modules:
14:27:22.821 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
14:27:22.837 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800748c060]
14:27:22.852 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa80071d2670]
14:27:22.852 5 ACPI.sys[fffff88000ec37a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80071e0060]
14:27:24.755 AVAST engine scan C:\Windows
14:27:28.109 AVAST engine scan C:\Windows\system32
14:29:27.403 AVAST engine scan C:\Windows\system32\drivers
14:29:37.215 AVAST engine scan C:\Users\MeinName
14:31:28.662 AVAST engine scan C:\ProgramData
14:33:34.772 Scan finished successfully
14:35:41.616 Disk 0 MBR has been saved successfully to "C:\Users\MeinName\Desktop\MBR.dat"
14:35:41.616 The log file has been saved successfully to "C:\Users\MeinName\Desktop\aswMBR.txt"
|
|
10.06.2012, 16:57
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Antivir Warnungen aber ohne Fund/mpnrs.com Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.07.2012, 17:18
| #12 |
| | Antivir Warnungen aber ohne Fund/mpnrs.com Diese lange Pause tut mir leid, aber jetzt geht es endlich weiter: Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.06.30.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 MeinName :: MeinPC [Administrator] Schutz: Aktiviert 30.06.2012 23:47:21 mbam-log-2012-06-30 (23-47-21).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 344018 Laufzeit: 43 Minute(n), 10 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) SuperAntiSpyware: Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 07/01/2012 at 05:56 PM
Application Version : 5.5.1006
Core Rules Database Version : 8827
Trace Rules Database Version: 6639
Scan type : Complete Scan
Total Scan Time : 01:02:42
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 843
Memory threats detected : 0
Registry items scanned : 63920
Registry threats detected : 0
File items scanned : 135894
File threats detected : 176
Adware.Tracking Cookie
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\D9MOZNPO.txt [ /ad4.adfarm1.adition.com ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\KJZGE14R.txt [ /fastclick.net ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\PIXGQYDJ.txt [ /ad.zanox.com ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\VQPGLR5M.txt [ /revsci.net ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\3UXI6RMK.txt [ /im.banner.t-online.de ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\S223APX7.txt [ /ad2.adfarm1.adition.com ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\3BJIW7WT.txt [ /ads.creative-serving.com ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\KUGJI072.txt [ /doubleclick.net ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\7AEJIU2L.txt [ /ad1.adfarm1.adition.com ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\TYXSZ40D.txt [ /apmebf.com ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\YSFQI96R.txt [ /mediaplex.com ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\XAQXUQ19.txt [ /webmasterplan.com ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\0WYIXY10.txt [ /xiti.com ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\8BWCI5Q3.txt [ /ad.360yield.com ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\J192L5CH.txt [ /accounts.google.com ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\I9UBWS14.txt [ /ad.dyntracker.com ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\94HRVYBH.txt [ /invitemedia.com ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\6GE1KX17.txt [ /zanox.com ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\XH03JFTI.txt [ /serving-sys.com ]
C:\Users\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\CTH3KKV3.txt [ /adfarm1.adition.com ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\XBW6H5T0.txt [ Cookie:MeinName@adtech.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\3MHSFRZV.txt [ Cookie:MeinName@adviva.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\RWLAU88L.txt [ Cookie:MeinName@unitymedia.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZPPARO0M.txt [ Cookie:MeinName@adserver.yopi.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\H6SZNS2Z.txt [ Cookie:MeinName@ad4.adfarm1.adition.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\PR2RKZ6C.txt [ Cookie:MeinName@ww251.smartadserver.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\UWPUA5GT.txt [ Cookie:MeinName@fastclick.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\G3VE7LHK.txt [ Cookie:MeinName@ad.zanox.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q6IMARZD.txt [ Cookie:MeinName@track.effiliation.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\PKX7R52P.txt [ Cookie:MeinName@tradedoubler.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\GRGHW8GD.txt [ Cookie:MeinName@ad.dyntracker.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\DQF9UH04.txt [ Cookie:MeinName@revsci.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZTCMK2LC.txt [ Cookie:MeinName@247activemedia.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\FT0C7RAE.txt [ Cookie:MeinName@interclick.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\256X1C8C.txt [ Cookie:MeinName@clicksor.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\M5F5RBUO.txt [ Cookie:MeinName@ad.adnet.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\SXOD4IA5.txt [ Cookie:MeinName@banner.electronic-arts.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\9EJQS9EL.txt [ Cookie:MeinName@accounts.youtube.com/accounts ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\UIDYLHM6.txt [ Cookie:MeinName@www.etracker.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\IZMR19I6.txt [ Cookie:MeinName@ad2.adfarm1.adition.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\NYB5RS16.txt [ Cookie:MeinName@adxpose.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\AB8XOB3G.txt [ Cookie:MeinName@www.google.com/accounts ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\U3JC6EAD.txt [ Cookie:MeinName@doubleclick.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\5FE4NY7J.txt [ Cookie:MeinName@ad1.adfarm1.adition.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\LKXG19XY.txt [ Cookie:MeinName@nextag.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\QKDNTZT5.txt [ Cookie:MeinName@questionmarket.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\SYVARJ9E.txt [ Cookie:MeinName@ad.yieldmanager.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\chiara@specificclick[1].txt [ Cookie:MeinName@specificclick.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\4N8BH3H2.txt [ Cookie:MeinName@track.effiliation.com/servlet/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\F1MU6PM9.txt [ Cookie:MeinName@mediaplex.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\4MYHBM4H.txt [ Cookie:MeinName@webmasterplan.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\chiara@imrworldwide[2].txt [ Cookie:MeinName@imrworldwide.com/cgi-bin ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\EF8WQ4ME.txt [ Cookie:MeinName@ar.atwola.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\IE9XQT2Z.txt [ Cookie:MeinName@www.moviepilot.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\URGGJYKH.txt [ Cookie:MeinName@a.revenuemax.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\9QY8FG3Q.txt [ Cookie:MeinName@media6degrees.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\0NSTDNFY.txt [ Cookie:MeinName@mediafire.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\CQ7RSEM2.txt [ Cookie:MeinName@adbrite.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\J70ZU6IY.txt [ Cookie:MeinName@cmpi.122.2o7.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\NFQPBLHG.txt [ Cookie:MeinName@accounts.google.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\E66EDHNV.txt [ Cookie:MeinName@tracking.quisma.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\EX71OEE0.txt [ Cookie:MeinName@eyewonder.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\NGSAMO8A.txt [ Cookie:MeinName@invitemedia.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\HMKD005U.txt [ Cookie:MeinName@zanox-affiliate.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\MTW1QENA.txt [ Cookie:MeinName@casalemedia.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\TYKXLJPG.txt [ Cookie:MeinName@dyntracker.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\XZWXYWEA.txt [ Cookie:MeinName@traffictrack.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\0VG40ZU6.txt [ Cookie:MeinName@tracking.mindshare.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\F8RBPYTJ.txt [ Cookie:MeinName@c.gigcount.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\DJ36JJ2Q.txt [ Cookie:MeinName@adsrv1.admediate.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\MOJ3N79X.txt [ Cookie:MeinName@www.mediafire.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\685QNUFT.txt [ Cookie:MeinName@zanox.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\TOMF1WDD.txt [ Cookie:MeinName@serving-sys.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\IM8CLHSJ.txt [ Cookie:MeinName@2o7.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\5P7F5NBA.txt [ Cookie:MeinName@lucidmedia.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\I2R1G65W.txt [ Cookie:MeinName@yieldmanager.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\KY7V3LIZ.txt [ Cookie:MeinName@adfarm1.adition.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\LD86WY2N.txt [ Cookie:MeinName@adform.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\QSPB9EJF.txt [ Cookie:MeinName@eas.apm.emediate.eu/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\J56ITW4K.txt [ Cookie:MeinName@tribalfusion.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZTU8JUVR.txt [ Cookie:MeinName@c.atdmt.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\1V9KOUG6.txt [ Cookie:MeinName@ad.adition.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\R503P8FF.txt [ Cookie:MeinName@yadro.ru/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\VJ3CIG10.txt [ Cookie:MeinName@www.multimediaxis.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\0779BLQA.txt [ Cookie:MeinName@tacoda.at.atwola.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\4NLQ541P.txt [ Cookie:MeinName@aim4media.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\GAVQT4GO.txt [ Cookie:MeinName@edates.traffective-tracking.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\5GPHOA73.txt [ Cookie:MeinName@www.active-tracking.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\HFN1QH2F.txt [ Cookie:MeinName@as.xtendmedia.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\X394AFGO.txt [ Cookie:MeinName@solvemedia.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\HOGL1QDM.txt [ Cookie:MeinName@stats.zebralog.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\UROXSVJ2.txt [ Cookie:MeinName@ad.adnet.biz/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\RYF1UO9H.txt [ Cookie:MeinName@ehg-foxmovies.hitbox.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZKP9ZXD1.txt [ Cookie:MeinName@ad.servestats.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\VBRRU7NJ.txt [ Cookie:MeinName@superrtl.122.2o7.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\GUF18A07.txt [ Cookie:MeinName@im.banner.t-online.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\FAM8L6JG.txt [ Cookie:MeinName@ads.saymedia.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\JBDHET3I.txt [ Cookie:MeinName@track.adform.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\08ZH0V0A.txt [ Cookie:MeinName@collective-media.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\UCTUKUNH.txt [ Cookie:MeinName@micklemedia.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\64MSWYX5.txt [ Cookie:MeinName@clickfuse.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZM62M0PI.txt [ Cookie:MeinName@media.gan-online.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\BR6ADUJF.txt [ Cookie:MeinName@c1.atdmt.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\NWMNJS6C.txt [ Cookie:MeinName@ads20.wwe-media.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\TM0W6FTV.txt [ Cookie:MeinName@ad.adserver01.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\G55GH6H0.txt [ Cookie:MeinName@xm.xtendmedia.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\SR9T1GXS.txt [ Cookie:MeinName@ru4.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y93BF59L.txt [ Cookie:MeinName@at.atwola.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\N3UQH3C7.txt [ Cookie:MeinName@server.adform.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\TVAR06P7.txt [ Cookie:MeinName@rts.pgmediaserve.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\268V2ZKI.txt [ Cookie:MeinName@tns-counter.ru/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\WGC3PDB0.txt [ Cookie:MeinName@de.sitestat.com/sueddeutsche/sueddeutsche/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\SX34I2NM.txt [ Cookie:MeinName@eaeacom.112.2o7.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\EI44MDU9.txt [ Cookie:MeinName@dc.tremormedia.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZQOIZ3Y7.txt [ Cookie:MeinName@insightexpressai.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\29AIN802.txt [ Cookie:MeinName@mm.chitika.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\NXMRCA5L.txt [ Cookie:MeinName@ads.247activemedia.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\M130M1RL.txt [ Cookie:MeinName@de.sitestat.com/haba/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\SB3V3N41.txt [ Cookie:MeinName@statse.webtrendslive.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\TUXNP814.txt [ Cookie:MeinName@www.googleadservices.com/pagead/conversion/1070463314/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\LLZ7JYGE.txt [ Cookie:MeinName@msnportal.112.2o7.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\IN5EZB3J.txt [ Cookie:MeinName@www.google.com/insights/search ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\9PL7IJVO.txt [ Cookie:MeinName@kanoodle.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\U5VJTN35.txt [ Cookie:MeinName@partners.webmasterplan.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\6QO4VMRK.txt [ Cookie:MeinName@steelhousemedia.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\W2V031JW.txt [ Cookie:MeinName@support.google.com/accounts/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\15FNMVK4.txt [ Cookie:MeinName@oms.122.2o7.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\NEGL2PCV.txt [ Cookie:MeinName@kemmerzell-media.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\3OVR7G1O.txt [ Cookie:MeinName@moviepilot.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\WIDQRNZB.txt [ Cookie:MeinName@hitbox.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\3236QP9R.txt [ Cookie:MeinName@msnbc.112.2o7.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\WHTQ4AVB.txt [ Cookie:MeinName@adserver.twitpic.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\I4GX2IRY.txt [ Cookie:MeinName@adserver.advertisingbox.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\5C6VD3DQ.txt [ Cookie:MeinName@horyzon-media.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\WCKHDW1I.txt [ Cookie:MeinName@vodafonegroup.122.2o7.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\18HN1BQI.txt [ Cookie:MeinName@guj.122.2o7.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\TPIO86KW.txt [ Cookie:MeinName@ad.dyntracker.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\EJENT6JU.txt [ Cookie:MeinName@harrenmedianetwork.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\7N51ORJZ.txt [ Cookie:MeinName@burstnet.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\RG5HFAS2.txt [ Cookie:MeinName@e2.emediate.se/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\XLQT2LML.txt [ Cookie:MeinName@srv.clickfuse.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z2OMZF3T.txt [ Cookie:MeinName@linksynergy.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\B63Z8XCR.txt [ Cookie:MeinName@pfa.rotator.hadj7.adjuggler.net/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\95FVI8SS.txt [ Cookie:MeinName@komtrack.com/tr/101230 ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\FW6KK2Y6.txt [ Cookie:MeinName@komtrack.com/tr ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\8EBJQFGH.txt [ Cookie:MeinName@myroitracking.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\0AMY2PSN.txt [ Cookie:MeinName@quartermedia.de/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\QAHNVPSU.txt [ Cookie:MeinName@eas4.emediate.eu/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZK2SXVD2.txt [ Cookie:MeinName@unister-adservices.com/campaign/conversion/22 ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\13Q1100Q.txt [ Cookie:MeinName@www.burstnet.com/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\KJDVR820.txt [ Cookie:MeinName@unister-adservices.com/services/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZSLP0PJU.txt [ Cookie:MeinName@de.sitestat.com/daad/daad/ ]
C:\USERS\MeinName\AppData\Roaming\Microsoft\Windows\Cookies\Low\BIXP5A11.txt [ Cookie:MeinName@adlegend.com/ ]
C:\USERS\MeinName\Cookies\D9MOZNPO.txt [ Cookie:MeinName@ad4.adfarm1.adition.com/ ]
C:\USERS\MeinName\Cookies\KJZGE14R.txt [ Cookie:MeinName@fastclick.net/ ]
C:\USERS\MeinName\Cookies\PIXGQYDJ.txt [ Cookie:MeinName@ad.zanox.com/ ]
C:\USERS\MeinName\Cookies\VQPGLR5M.txt [ Cookie:MeinName@revsci.net/ ]
C:\USERS\MeinName\Cookies\3UXI6RMK.txt [ Cookie:MeinName@im.banner.t-online.de/ ]
C:\USERS\MeinName\Cookies\S223APX7.txt [ Cookie:MeinName@ad2.adfarm1.adition.com/ ]
C:\USERS\MeinName\Cookies\KUGJI072.txt [ Cookie:MeinName@doubleclick.net/ ]
C:\USERS\MeinName\Cookies\7AEJIU2L.txt [ Cookie:MeinName@ad1.adfarm1.adition.com/ ]
C:\USERS\MeinName\Cookies\YSFQI96R.txt [ Cookie:MeinName@mediaplex.com/ ]
C:\USERS\MeinName\Cookies\XAQXUQ19.txt [ Cookie:MeinName@webmasterplan.com/ ]
C:\USERS\MeinName\Cookies\J192L5CH.txt [ Cookie:MeinName@accounts.google.com/ ]
C:\USERS\MeinName\Cookies\I9UBWS14.txt [ Cookie:MeinName@ad.dyntracker.com/ ]
C:\USERS\MeinName\Cookies\94HRVYBH.txt [ Cookie:MeinName@invitemedia.com/ ]
C:\USERS\MeinName\Cookies\6GE1KX17.txt [ Cookie:MeinName@zanox.com/ ]
C:\USERS\MeinName\Cookies\XH03JFTI.txt [ Cookie:MeinName@serving-sys.com/ ]
C:\USERS\MeinName\Cookies\CTH3KKV3.txt [ Cookie:MeinName@adfarm1.adition.com/ ]
core.saymedia.com [ C:\USERS\MeinName\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NLXUULH6 ]
delivery.ibanner.de [ C:\USERS\MeinName\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NLXUULH6 ]
ia.media-imdb.com [ C:\USERS\MeinName\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NLXUULH6 ]
imagesrv.adition.com [ C:\USERS\MeinName\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NLXUULH6 ]
media.mtvnservices.com [ C:\USERS\MeinName\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NLXUULH6 ]
secure-us.imrworldwide.com [ C:\USERS\MeinName\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NLXUULH6 ]
video.unrulymedia.com [ C:\USERS\MeinName\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NLXUULH6 ]
|
|
02.07.2012, 10:12
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Antivir Warnungen aber ohne Fund/mpnrs.com Sieht ok aus, da wurden nur Cookies gefunden. Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.07.2012, 21:51
| #14 |
| | Antivir Warnungen aber ohne Fund/mpnrs.com Alles wieder okay Vielen Dank! |
|
05.07.2012, 21:52
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Antivir Warnungen aber ohne Fund/mpnrs.com Dann wären wir durch!  Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Mit Hilfe von OTL kannst du auch viele Tools entfernen: Starte bitte OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks => http://www.adobe.com/products/flashp...ribution3.html Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Antivir Warnungen aber ohne Fund/mpnrs.com |
| .com, alle zwei tage, antivir, brennen, dateien, defender, echtzeitscanner, ergebnis, gen, gesucht, infizierte, leerzeichen, maleware, meldung, niemals, panik, programme, scan, scanner, schlägt, seite, trojaner, versteckte, versteckte dateien, warnungen, windows |
Hybrid-Darstellung
