Pests of all kinds and how to fight them: TR/Agent.VB.1624 and TR/Drop.Injector.filw

Windows 7

If you are not sure whether you have caught malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#16

/// Winkelfunktion /// TB-Süch-Tiger™

TR/Agent.VB.1624 and TR/Drop.Injector.filw

Please now (in normal Windows mode) run this tool from Kaspersky (TDSS-Killer) and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please switch off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below - click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post this in full. If you cannot find the log or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:), as that is where TDSS-Killer saves its logs.

Note: Please do not hastily delete anything with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

__________________
Please always post log files in CODE tags
#17

TR/Agent.VB.1624 and TR/Drop.Injector.filw

Hello Arne,
here is the log from TDSS Killer:

Code:
14:21:36.0869 5940 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
14:21:36.0879 5940 ============================================================
14:21:36.0879 5940 Current date / time: 2012/08/09 14:21:36.0879
14:21:36.0889 5940 SystemInfo:
14:21:36.0889 5940
14:21:36.0889 5940 OS Version: 6.1.7601 ServicePack: 1.0
14:21:36.0889 5940 Product type: Workstation
14:21:36.0889 5940 ComputerName: ***-PC
14:21:36.0889 5940 UserName: ***
14:21:36.0889 5940 Windows directory: C:\Windows
14:21:36.0889 5940 System windows directory: C:\Windows
14:21:36.0889 5940 Running under WOW64
14:21:36.0889 5940 Processor architecture: Intel x64
14:21:36.0889 5940 Number of processors: 2
14:21:36.0889 5940 Page size: 0x1000
14:21:36.0889 5940 Boot type: Normal boot
14:21:36.0889 5940 ============================================================
14:21:37.0409 5940 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:21:37.0409 5940 ============================================================
14:21:37.0409 5940 \Device\Harddisk0\DR0:
14:21:37.0409 5940 MBR partitions:
14:21:37.0409 5940 \Device\Harddisk0\DR0\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x13986
14:21:37.0409 5940 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
14:21:37.0409 5940 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CE2B0
14:21:37.0409 5940 ============================================================
14:21:37.0439 5940 C: <-> \Device\Harddisk0\DR0\Partition2
14:21:37.0439 5940 V: <-> \Device\Harddisk0\DR0\Partition0
14:21:37.0439 5940 ============================================================
14:21:37.0439 5940 Initialize success
14:21:37.0439 5940 ============================================================
14:22:18.0369 0888 ============================================================
14:22:18.0369 0888 Scan started
14:22:18.0369 0888 Mode: Manual; SigCheck; TDLFS;
14:22:18.0369 0888 ============================================================
14:22:19.0659 0888 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
14:22:19.0769 0888 1394ohci - ok
14:22:19.0829 0888 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
14:22:19.0869 0888 ACPI - ok
14:22:19.0919 0888 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
14:22:19.0979 0888 AcpiPmi - ok
14:22:20.0169 0888 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:22:20.0189 0888 AdobeFlashPlayerUpdateSvc - ok
14:22:20.0279 0888 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
14:22:20.0329 0888 adp94xx - ok
14:22:20.0399 0888 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
14:22:20.0459 0888 adpahci - ok
14:22:20.0509 0888 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
14:22:20.0539 0888 adpu320 - ok
14:22:20.0569 0888 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
14:22:20.0699 0888 AeLookupSvc - ok
14:22:20.0829 0888 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e19b3ab5cd326817\AESTSr64.exe
14:22:20.0879 0888 AESTFilters - ok
14:22:20.0979 0888 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
14:22:21.0069 0888 AFD - ok
14:22:21.0129 0888 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
14:22:21.0159 0888 agp440 - ok
14:22:21.0779 0888 Akamai (29584f02a43e427c4227e3b1d9ff1b22) c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll
14:22:21.0779 0888 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll. md5: 29584f02a43e427c4227e3b1d9ff1b22
14:22:21.0789 0888 Akamai ( HiddenFile.Multi.Generic ) - warning
14:22:21.0789 0888 Akamai - detected HiddenFile.Multi.Generic (1)
14:22:21.0929 0888 aksdf (44f360b65c37a42eb5b71c2e5179fdd5) C:\Windows\system32\drivers\aksdf.sys
14:22:21.0979 0888 aksdf - ok
14:22:22.0019 0888 aksfridge (43415af4f20e9867974623840a22fe98) C:\Windows\system32\drivers\aksfridge.sys
14:22:22.0039 0888 aksfridge - ok
14:22:22.0059 0888 akshasp (a56f1b0f967aef8a82d7771e6d166def) C:\Windows\system32\DRIVERS\akshasp.sys
14:22:22.0099 0888 akshasp - ok
14:22:22.0129 0888 aksusb (27f2e2c89a1855b063fcac21eb7d6a73) C:\Windows\system32\DRIVERS\aksusb.sys
14:22:22.0169 0888 aksusb - ok
14:22:22.0209 0888 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
14:22:22.0279 0888 ALG - ok
14:22:22.0329 0888 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
14:22:22.0359 0888 aliide - ok
14:22:22.0369 0888 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
14:22:22.0379 0888 amdide - ok
14:22:22.0409 0888 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
14:22:22.0439 0888 AmdK8 - ok
14:22:22.0459 0888 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
14:22:22.0489 0888 AmdPPM - ok
14:22:22.0499 0888 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
14:22:22.0519 0888 amdsata - ok
14:22:22.0549 0888 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
14:22:22.0569 0888 amdsbs - ok
14:22:22.0589 0888 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
14:22:22.0599 0888 amdxata - ok
14:22:22.0709 0888 AntiVirSchedulerService (9015bc03f62940527ec92d45ee89e46f) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
14:22:22.0729 0888 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - warning
14:22:22.0729 0888 AntiVirSchedulerService - detected UnsignedFile.Multi.Generic (1)
14:22:22.0759 0888 AntiVirService (b8720a787c1223492e6f319465e996ce) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
14:22:22.0799 0888 AntiVirService ( UnsignedFile.Multi.Generic ) - warning
14:22:22.0799 0888 AntiVirService - detected UnsignedFile.Multi.Generic (1)
14:22:22.0859 0888 ApfiltrService (3cc4531f11648a6081a7ba3aa4924d04) C:\Windows\system32\DRIVERS\Apfiltr.sys
14:22:22.0899 0888 ApfiltrService - ok
14:22:22.0939 0888 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
14:22:23.0009 0888 AppID - ok
14:22:23.0039 0888 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
14:22:23.0069 0888 AppIDSvc - ok
14:22:23.0119 0888 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
14:22:23.0159 0888 Appinfo - ok
14:22:23.0289 0888 Apple Mobile Device (018857ead9a077a56aedfc0e5ef7a24a) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:22:23.0299 0888 Apple Mobile Device - ok
14:22:23.0359 0888 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
14:22:23.0429 0888 AppMgmt - ok
14:22:23.0469 0888 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
14:22:23.0489 0888 arc - ok
14:22:23.0509 0888 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
14:22:23.0529 0888 arcsas - ok
14:22:23.0649 0888 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:22:23.0669 0888 aspnet_state - ok
14:22:23.0699 0888 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
14:22:23.0759 0888 AsyncMac - ok
14:22:23.0799 0888 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
14:22:23.0819 0888 atapi - ok
14:22:23.0909 0888 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:22:23.0989 0888 AudioEndpointBuilder - ok
14:22:23.0999 0888 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:22:24.0039 0888 AudioSrv - ok
14:22:24.0059 0888 avgntflt (c30b5fc0adcdfba7668e99baf0cbf58e) C:\Windows\system32\DRIVERS\avgntflt.sys
14:22:24.0079 0888 avgntflt - ok
14:22:24.0149 0888 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
14:22:24.0209 0888 AxInstSV - ok
14:22:24.0289 0888 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
14:22:24.0349 0888 b06bdrv - ok
14:22:24.0409 0888 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
14:22:24.0469 0888 b57nd60a - ok
14:22:24.0519 0888 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
14:22:24.0569 0888 BDESVC - ok
14:22:24.0589 0888 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
14:22:24.0659 0888 Beep - ok
14:22:24.0769 0888 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
14:22:24.0859 0888 BFE - ok
14:22:24.0949 0888 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
14:22:25.0039 0888 BITS - ok
14:22:25.0079 0888 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
14:22:25.0119 0888 blbdrive - ok
14:22:25.0149 0888 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
14:22:25.0189 0888 bowser - ok
14:22:25.0209 0888 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:22:25.0249 0888 BrFiltLo - ok
14:22:25.0259 0888 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:22:25.0279 0888 BrFiltUp - ok
14:22:25.0309 0888 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
14:22:25.0379 0888 Browser - ok
14:22:25.0409 0888 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
14:22:25.0459 0888 Brserid - ok
14:22:25.0529 0888 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
14:22:25.0569 0888 BrSerWdm - ok
14:22:25.0589 0888 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:22:25.0629 0888 BrUsbMdm - ok
14:22:25.0639 0888 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
14:22:25.0659 0888 BrUsbSer - ok
14:22:25.0709 0888 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
14:22:25.0769 0888 BthEnum - ok
14:22:25.0789 0888 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
14:22:25.0819 0888 BTHMODEM - ok
14:22:25.0849 0888 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
14:22:25.0899 0888 BthPan - ok
14:22:25.0979 0888 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
14:22:26.0059 0888 BTHPORT - ok
14:22:26.0099 0888 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
14:22:26.0159 0888 bthserv - ok
14:22:26.0179 0888 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
14:22:26.0219 0888 BTHUSB - ok
14:22:26.0239 0888 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
14:22:26.0309 0888 cdfs - ok
14:22:26.0339 0888 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
14:22:26.0349 0888 cdrom - ok
14:22:26.0389 0888 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:22:26.0459 0888 CertPropSvc - ok
14:22:26.0489 0888 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
14:22:26.0519 0888 circlass - ok
14:22:26.0569 0888 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
14:22:26.0599 0888 CLFS - ok
14:22:26.0709 0888 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:22:26.0729 0888 clr_optimization_v2.0.50727_32 - ok
14:22:26.0789 0888 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:22:26.0809 0888 clr_optimization_v2.0.50727_64 - ok
14:22:26.0889 0888 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:22:26.0929 0888 clr_optimization_v4.0.30319_32 - ok
14:22:26.0989 0888 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:22:27.0029 0888 clr_optimization_v4.0.30319_64 - ok
14:22:27.0049 0888 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
14:22:27.0079 0888 CmBatt - ok
14:22:27.0159 0888 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
14:22:27.0179 0888 cmdide - ok
14:22:27.0229 0888 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
14:22:27.0259 0888 CNG - ok
14:22:27.0289 0888 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
14:22:27.0299 0888 Compbatt - ok
14:22:27.0339 0888 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
14:22:27.0389 0888 CompositeBus - ok
14:22:27.0399 0888 COMSysApp - ok
14:22:27.0419 0888 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
14:22:27.0429 0888 crcdisk - ok
14:22:27.0479 0888 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
14:22:27.0529 0888 CryptSvc - ok
14:22:27.0619 0888 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
14:22:27.0709 0888 CSC - ok
14:22:27.0769 0888 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
14:22:27.0839 0888 CscService - ok
14:22:27.0939 0888 CVirtA (44bddeb03c84a1c993c992ffb5700357) C:\Windows\system32\DRIVERS\CVirtA64.sys
14:22:27.0969 0888 CVirtA - ok
14:22:28.0009 0888 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:22:28.0079 0888 DcomLaunch - ok
14:22:28.0119 0888 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
14:22:28.0199 0888 defragsvc - ok
14:22:28.0239 0888 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
14:22:28.0289 0888 DfsC - ok
14:22:28.0339 0888 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
14:22:28.0409 0888 Dhcp - ok
14:22:28.0439 0888 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
14:22:28.0469 0888 discache - ok
14:22:28.0509 0888 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
14:22:28.0519 0888 Disk - ok
14:22:28.0569 0888 DNE (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys
14:22:28.0589 0888 DNE - ok
14:22:28.0659 0888 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
14:22:28.0709 0888 Dnscache - ok
14:22:28.0759 0888 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
14:22:28.0849 0888 dot3svc - ok
14:22:28.0889 0888 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
14:22:28.0939 0888 Dot4 - ok
14:22:28.0979 0888 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
14:22:29.0019 0888 Dot4Print - ok
14:22:29.0039 0888 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
14:22:29.0069 0888 dot4usb - ok
14:22:29.0109 0888 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
14:22:29.0169 0888 DPS - ok
14:22:29.0199 0888 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
14:22:29.0219 0888 drmkaud - ok
14:22:29.0329 0888 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
14:22:29.0369 0888 DXGKrnl - ok
14:22:29.0409 0888 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
14:22:29.0459 0888 EapHost - ok
14:22:29.0719 0888 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
14:22:29.0839 0888 ebdrv - ok
14:22:29.0959 0888 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
14:22:29.0999 0888 EFS - ok
14:22:30.0069 0888 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
14:22:30.0169 0888 ehRecvr - ok
14:22:30.0209 0888 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
14:22:30.0269 0888 ehSched - ok
14:22:30.0349 0888 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
14:22:30.0399 0888 elxstor - ok
14:22:30.0429 0888 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
14:22:30.0459 0888 ErrDev - ok
14:22:30.0529 0888 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
14:22:30.0609 0888 EventSystem - ok
14:22:30.0819 0888 EvtEng (51643ee2712d9212e1e53ca7e8d8eb4a) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
14:22:30.0889 0888 EvtEng - ok
14:22:31.0049 0888 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
14:22:31.0119 0888 exfat - ok
14:22:31.0209 0888 Fabs - ok
14:22:31.0239 0888 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
14:22:31.0319 0888 fastfat - ok
14:22:31.0429 0888 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
14:22:31.0509 0888 Fax - ok
14:22:31.0519 0888 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
14:22:31.0529 0888 fdc - ok
14:22:31.0549 0888 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
14:22:31.0599 0888 fdPHost - ok
14:22:31.0639 0888 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
14:22:31.0709 0888 FDResPub - ok
14:22:31.0739 0888 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
14:22:31.0749 0888 FileInfo - ok
14:22:31.0759 0888 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
14:22:31.0799 0888 Filetrace - ok
14:22:32.0089 0888 FirebirdServerMAGIXInstance (fff1130f7c9fa01d093a1edfc5cce8fc) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
14:22:32.0199 0888 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
14:22:32.0199 0888 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
14:22:32.0329 0888 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
14:22:32.0369 0888 flpydisk - ok
14:22:32.0509 0888 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
14:22:32.0539 0888 FltMgr - ok
14:22:32.0707 0888 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
14:22:32.0787 0888 FontCache - ok
14:22:32.0867 0888 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:22:32.0887 0888 FontCache3.0.0.0 - ok
14:22:32.0937 0888 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
14:22:32.0957 0888 FsDepends - ok
14:22:32.0997 0888 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
14:22:33.0017 0888 Fs_Rec - ok
14:22:33.0087 0888 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
14:22:33.0127 0888 fvevol - ok
14:22:33.0147 0888 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:22:33.0157 0888 gagp30kx - ok
14:22:33.0207 0888 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:22:33.0217 0888 GEARAspiWDM - ok
14:22:33.0297 0888 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
14:22:33.0387 0888 gpsvc - ok
14:22:33.0447 0888 hardlock (d619ba1712b83d14149850e758b835ad) C:\Windows\system32\drivers\hardlock.sys
14:22:33.0487 0888 hardlock - ok
14:22:33.0487 0888 hasplms - ok
14:22:33.0507 0888 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
14:22:33.0557 0888 hcw85cir - ok
14:22:33.0617 0888 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
14:22:33.0657 0888 HDAudBus - ok
14:22:33.0667 0888 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
14:22:33.0697 0888 HidBatt - ok
14:22:33.0717 0888 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
14:22:33.0737 0888 HidBth - ok
14:22:33.0777 0888 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
14:22:33.0817 0888 HidIr - ok
14:22:33.0847 0888 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
14:22:33.0917 0888 hidserv - ok
14:22:33.0947 0888 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
14:22:33.0967 0888 HidUsb - ok
14:22:33.0997 0888 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
14:22:34.0077 0888 hkmsvc - ok
14:22:34.0117 0888 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
14:22:34.0187 0888 HomeGroupListener - ok
14:22:34.0227 0888 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
14:22:34.0257 0888 HomeGroupProvider - ok
14:22:34.0427 0888 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
14:22:34.0437 0888 hpqcxs08 - ok
14:22:34.0487 0888 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
14:22:34.0507 0888 hpqddsvc - ok
14:22:34.0607 0888 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
14:22:34.0627 0888 HpSAMD - ok
14:22:34.0727 0888 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
14:22:34.0857 0888 HTTP - ok
14:22:34.0907 0888 hwdatacard (8f9b0fc4ec3a8194bd4cbc5ed3e7abeb) C:\Windows\system32\DRIVERS\ewusbmdm.sys
14:22:34.0947 0888 hwdatacard - ok
14:22:34.0977 0888 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
14:22:34.0997 0888 hwpolicy - ok
14:22:35.0037 0888 hwusbdev (b45b3647ba32749b94fa689175ec8c26) C:\Windows\system32\DRIVERS\ewusbdev.sys
14:22:35.0087 0888 hwusbdev - ok
14:22:35.0107 0888 hwusbfake - ok
14:22:35.0157 0888 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
14:22:35.0167 0888 i8042prt - ok
14:22:35.0227 0888 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
14:22:35.0247 0888 iaStor - ok
14:22:35.0287 0888 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
14:22:35.0337 0888 iaStorV - ok
14:22:35.0487 0888 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:22:35.0567 0888 idsvc - ok
14:22:36.0327 0888 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys
14:22:36.0707 0888 igfx - ok
14:22:36.0867 0888 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
14:22:36.0881 0888 iirsp - ok
14:22:36.0973 0888 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
14:22:37.0073 0888 IKEEXT - ok
14:22:37.0113 0888 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
14:22:37.0123 0888 intelide - ok
14:22:37.0143 0888 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
14:22:37.0173 0888 intelppm - ok
14:22:37.0213 0888 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
14:22:37.0263 0888 IPBusEnum - ok
14:22:37.0303 0888 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:22:37.0363 0888 IpFilterDriver - ok
14:22:37.0403 0888 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
14:22:37.0493 0888 iphlpsvc - ok
14:22:37.0513 0888 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
14:22:37.0533 0888 IPMIDRV - ok
14:22:37.0553 0888 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
14:22:37.0613 0888 IPNAT - ok
14:22:37.0773 0888 iPod Service (e94503089df8976f5c4c9d5168e9765f) C:\Program Files\iPod\bin\iPodService.exe
14:22:37.0813 0888 iPod Service - ok
14:22:37.0833 0888 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
14:22:37.0863 0888 IRENUM - ok
14:22:37.0873 0888 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
14:22:37.0893 0888 isapnp - ok
14:22:37.0923 0888 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
14:22:37.0963 0888 iScsiPrt - ok
14:22:37.0983 0888 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
14:22:37.0993 0888 kbdclass - ok
14:22:38.0023 0888 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
14:22:38.0053 0888 kbdhid - ok
14:22:38.0083 0888 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:22:38.0103 0888 KeyIso - ok
14:22:38.0143 0888 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
14:22:38.0173 0888 KSecDD - ok
14:22:38.0183 0888 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
14:22:38.0203 0888 KSecPkg - ok
14:22:38.0213 0888 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
14:22:38.0273 0888 ksthunk - ok
14:22:38.0383 0888 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
14:22:38.0443 0888 KtmRm - ok
14:22:38.0483 0888 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
14:22:38.0563 0888 LanmanServer - ok
14:22:38.0593 0888 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
14:22:38.0663 0888 LanmanWorkstation - ok
14:22:38.0703 0888 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
14:22:38.0753 0888 lltdio - ok
14:22:38.0793 0888 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
14:22:38.0873 0888 lltdsvc - ok
14:22:38.0893 0888 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
14:22:38.0933 0888 lmhosts - ok
14:22:38.0973 0888 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:22:38.0993 0888 LSI_FC - ok
14:22:39.0013 0888 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:22:39.0033 0888 LSI_SAS - ok
14:22:39.0053 0888 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:22:39.0063 0888 LSI_SAS2 - ok
14:22:39.0083 0888 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:22:39.0103 0888 LSI_SCSI - ok
14:22:39.0133 0888 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
14:22:39.0203 0888 luafv - ok
14:22:39.0343 0888 M4-Service (f1d72877fa97d617be70aefb3a30cd91) C:\Users\Oliver Grober\Downloads\M4-Service.exe
14:22:39.0363 0888 M4-Service - ok
14:22:39.0403 0888 massfilter (23488767cb18fc3ff39e3af1db3fb02c) C:\Windows\system32\drivers\massfilter.sys
14:22:39.0443 0888 massfilter - ok
14:22:39.0483 0888 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
14:22:39.0533 0888 Mcx2Svc - ok
14:22:39.0553 0888 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
14:22:39.0563 0888 megasas - ok
14:22:39.0603 0888 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
14:22:39.0643 0888 MegaSR - ok
14:22:39.0753 0888 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:22:39.0773 0888 Microsoft Office Groove Audit Service - ok
14:22:39.0803 0888 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:22:39.0843 0888 MMCSS - ok
14:22:39.0853 0888 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
14:22:39.0923 0888 Modem - ok
14:22:39.0933 0888 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
14:22:39.0963 0888 monitor - ok
14:22:40.0013 0888 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
14:22:40.0043 0888 mouclass - ok
14:22:40.0063 0888 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
14:22:40.0083 0888 mouhid - ok
14:22:40.0123 0888 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
14:22:40.0143 0888 mountmgr - ok
14:22:40.0233 0888 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:22:40.0263 0888 MozillaMaintenance - ok
14:22:40.0303 0888 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
14:22:40.0313 0888 mpio - ok
14:22:40.0333 0888 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
14:22:40.0373 0888 mpsdrv - ok
14:22:40.0443 0888 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
14:22:40.0533 0888 MpsSvc - ok
14:22:40.0583 0888 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
14:22:40.0643 0888 MRxDAV - ok
14:22:40.0673 0888 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:22:40.0743 0888 mrxsmb - ok
14:22:40.0793 0888 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:22:40.0843 0888 mrxsmb10 - ok
14:22:40.0863 0888 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:22:40.0883 0888 mrxsmb20 - ok
14:22:40.0923 0888 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
14:22:40.0933 0888 msahci - ok
14:22:40.0953 0888 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
14:22:40.0963 0888 msdsm - ok
14:22:40.0993 0888 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
14:22:41.0023 0888 MSDTC - ok
14:22:41.0053 0888 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
14:22:41.0093 0888 Msfs - ok
14:22:41.0103 0888 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
14:22:41.0153 0888 mshidkmdf - ok
14:22:41.0173 0888 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
14:22:41.0183 0888 msisadrv - ok
14:22:41.0223 0888 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
14:22:41.0283 0888 MSiSCSI - ok
14:22:41.0283 0888 msiserver - ok
14:22:41.0313 0888 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
14:22:41.0363 0888 MSKSSRV - ok
14:22:41.0373 0888 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
14:22:41.0433 0888 MSPCLOCK - ok
14:22:41.0443 0888 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
14:22:41.0503 0888 MSPQM - ok
14:22:41.0543 0888 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
14:22:41.0583 0888 MsRPC - ok
14:22:41.0603 0888 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
14:22:41.0613 0888 mssmbios - ok
14:22:41.0633 0888 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:22:41.0693 0888 MSTEE - ok
14:22:41.0713 0888 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
14:22:41.0733 0888 MTConfig - ok
14:22:41.0743 0888 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:22:41.0753 0888 Mup - ok
14:22:41.0843 0888 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
14:22:41.0933 0888 napagent - ok
14:22:41.0983 0888 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
14:22:42.0043 0888 NativeWifiP - ok
14:22:42.0143 0888 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
14:22:42.0193 0888 NDIS - ok
14:22:42.0203 0888 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
14:22:42.0243 0888 NdisCap - ok
14:22:42.0273 0888 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
14:22:42.0323 0888 NdisTapi - ok
14:22:42.0353 0888 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
14:22:42.0413 0888 Ndisuio - ok
14:22:42.0443 0888 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
14:22:42.0503 0888 NdisWan - ok
14:22:42.0533 0888 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
14:22:42.0603 0888 NDProxy - ok
14:22:42.0703 0888 Net Driver HPZ12 (d4f51e88c71bf8f06ea1be320b0bb75b) C:\Windows\system32\HPZinw12.dll
14:22:42.0713 0888 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:22:42.0713 0888 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:22:42.0753 0888 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:22:42.0823 0888 NetBIOS - ok
14:22:42.0863 0888 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
14:22:42.0923 0888 NetBT - ok
14:22:42.0963 0888 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:22:42.0973 0888 Netlogon - ok
14:22:43.0043 0888 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
14:22:43.0123 0888 Netman - ok
14:22:43.0263 0888 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:22:43.0293 0888 NetMsmqActivator - ok
14:22:43.0293 0888 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:22:43.0303 0888 NetPipeActivator - ok
14:22:43.0343 0888 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
14:22:43.0433 0888 netprofm - ok
14:22:43.0433 0888 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:22:43.0443 0888 NetTcpActivator - ok
14:22:43.0453 0888 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:22:43.0463 0888 NetTcpPortSharing - ok
14:22:44.0173 0888 NETw5s64 (4d85a450edef10c38882182753a49aae) C:\Windows\system32\DRIVERS\NETw5s64.sys
14:22:44.0398 0888 NETw5s64 - ok
14:22:44.0971 0888 NETw5v64 (705283c02177809ca9fa7cc58a4f1e77) C:\Windows\system32\DRIVERS\NETw5v64.sys
14:22:45.0161 0888 NETw5v64 ( UnsignedFile.Multi.Generic ) - warning
14:22:45.0161 0888 NETw5v64 - detected UnsignedFile.Multi.Generic (1)
14:22:45.0271 0888 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
14:22:45.0301 0888 nfrd960 - ok
14:22:45.0361 0888 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
14:22:45.0421 0888 NlaSvc - ok
14:22:45.0441 0888 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:22:45.0471 0888 Npfs - ok
14:22:45.0501 0888 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
14:22:45.0551 0888 nsi - ok
14:22:45.0561 0888 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:22:45.0621 0888 nsiproxy - ok
14:22:45.0801 0888 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
14:22:45.0871 0888 Ntfs - ok
14:22:45.0951 0888 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:22:46.0021 0888 Null - ok
14:22:46.0051 0888 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
14:22:46.0071 0888 nvraid - ok
14:22:46.0111 0888 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
14:22:46.0151 0888 nvstor - ok
14:22:46.0181 0888 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
14:22:46.0191 0888 nv_agp - ok
14:22:46.0241 0888 O2FLASH (d955d5de998db2476bf0892be3a96c26) C:\Windows\system32\DRIVERS\o2flash.exe
14:22:46.0281 0888 O2FLASH - ok
14:22:46.0301 0888 O2MDGRDR (1b2e099223f16aab166e9602f7a5ecd4) C:\Windows\system32\DRIVERS\o2mdgx64.sys
14:22:46.0311 0888 O2MDGRDR - ok
14:22:46.0331 0888 O2SDGRDR (4c9c52d9f4ea5579ff70123004b9fd06) C:\Windows\system32\DRIVERS\o2sdgx64.sys
14:22:46.0341 0888 O2SDGRDR - ok
14:22:46.0471 0888 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:22:46.0501 0888 odserv - ok
14:22:46.0551 0888 OEM13Vfx (766f689564bc30e5a91f8621ce65ad68) C:\Windows\system32\DRIVERS\OEM13Vfx.sys
14:22:46.0581 0888 OEM13Vfx - ok
14:22:46.0631 0888 OEM13Vid (10da4a1271f9790bcad5150f5d861655) C:\Windows\system32\DRIVERS\OEM13Vid.sys
14:22:46.0681 0888 OEM13Vid - ok
14:22:46.0721 0888 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
14:22:46.0761 0888 ohci1394 - ok
14:22:46.0811 0888 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:22:46.0831 0888 ose - ok
14:22:46.0881 0888 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:22:46.0951 0888 p2pimsvc - ok
14:22:46.0991 0888 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
14:22:47.0031 0888 p2psvc - ok
14:22:47.0061 0888 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
14:22:47.0091 0888 Parport - ok
14:22:47.0121 0888 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
14:22:47.0141 0888 partmgr - ok
14:22:47.0171 0888 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
14:22:47.0201 0888 PcaSvc - ok
14:22:47.0241 0888 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
14:22:47.0281 0888 pci - ok
14:22:47.0291 0888 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
14:22:47.0311 0888 pciide - ok
14:22:47.0341 0888 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
14:22:47.0371 0888 pcmcia - ok
14:22:47.0391 0888 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:22:47.0401 0888 pcw - ok
14:22:47.0451 0888 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:22:47.0521 0888 PEAUTH - ok
14:22:47.0631 0888 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
14:22:47.0721 0888 PeerDistSvc - ok
14:22:47.0811 0888 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
14:22:47.0851 0888 PerfHost - ok
14:22:48.0091 0888 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
14:22:48.0201 0888 pla - ok
14:22:48.0271 0888 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
14:22:48.0331 0888 PlugPlay - ok
14:22:48.0391 0888 Pml Driver HPZ12 (9a80707d8b6c1806531bfd7399b3cc76) C:\Windows\system32\HPZipm12.dll
14:22:48.0411 0888 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:22:48.0411 0888 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:22:48.0441 0888 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
14:22:48.0461 0888 PNRPAutoReg - ok
14:22:48.0491 0888 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:22:48.0501 0888 PNRPsvc - ok
14:22:48.0541 0888 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
14:22:48.0601 0888 PolicyAgent - ok
14:22:48.0641 0888 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
14:22:48.0721 0888 Power - ok
14:22:48.0791 0888 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
14:22:48.0871 0888 PptpMiniport - ok
14:22:48.0901 0888 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
14:22:48.0941 0888 Processor - ok
14:22:49.0011 0888 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
14:22:49.0081 0888 ProfSvc - ok
14:22:49.0111 0888 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:22:49.0121 0888 ProtectedStorage - ok
14:22:49.0181 0888 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
14:22:49.0231 0888 Psched - ok
14:22:49.0281 0888 qcusbser (559ae75cc39b3240ed860c405bdff6b2) C:\Windows\system32\DRIVERS\qcusbser.sys
14:22:49.0311 0888 qcusbser - ok
14:22:49.0451 0888 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
14:22:49.0511 0888 ql2300 - ok
14:22:49.0641 0888 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
14:22:49.0671 0888 ql40xx - ok
14:22:49.0711 0888 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
14:22:49.0761 0888 QWAVE - ok
14:22:49.0771 0888 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:22:49.0781 0888 QWAVEdrv - ok
14:22:49.0801 0888 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:22:49.0851 0888 RasAcd - ok
14:22:49.0891 0888 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:22:49.0921 0888 RasAgileVpn - ok
14:22:49.0941 0888 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
14:22:49.0981 0888 RasAuto - ok
14:22:50.0021 0888 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:22:50.0091 0888 Rasl2tp - ok
14:22:50.0131 0888 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
14:22:50.0191 0888 RasMan - ok
14:22:50.0211 0888 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:22:50.0281 0888 RasPppoe - ok
14:22:50.0311 0888 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:22:50.0371 0888 RasSstp - ok
14:22:50.0401 0888 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
14:22:50.0491 0888 rdbss - ok
14:22:50.0511 0888 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
14:22:50.0521 0888 rdpbus - ok
14:22:50.0541 0888 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:22:50.0581 0888 RDPCDD - ok
14:22:50.0621 0888 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
14:22:50.0661 0888 RDPDR - ok
14:22:50.0671 0888 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:22:50.0721 0888 RDPENCDD - ok
14:22:50.0741 0888 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:22:50.0771 0888 RDPREFMP - ok
14:22:50.0831 0888 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
14:22:50.0901 0888 RDPWD - ok
14:22:50.0961 0888 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
14:22:51.0001 0888 rdyboost - ok
14:22:51.0141 0888 RegSrvc (3b71b5b91e7dca93585d5a86c897adc4) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:22:51.0191 0888 RegSrvc - ok
14:22:51.0211 0888 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
14:22:51.0291 0888 RemoteAccess - ok
14:22:51.0321 0888 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
14:22:51.0391 0888 RemoteRegistry - ok
14:22:51.0461 0888 RetroExpLauncher (2f2cdc75e2d00d47a59051e6b86d9cd3) C:\Program Files (x86)\Retrospect\Retrospect Express HD 2.5\retrorun.exe
14:22:51.0471 0888 RetroExpLauncher - ok
14:22:51.0551 0888 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
14:22:51.0601 0888 RFCOMM - ok
14:22:51.0631 0888 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
14:22:51.0691 0888 RpcEptMapper - ok
14:22:51.0721 0888 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
14:22:51.0741 0888 RpcLocator - ok
14:22:51.0811 0888 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:22:51.0851 0888 RpcSs - ok
14:22:51.0891 0888 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:22:51.0951 0888 rspndr - ok
14:22:52.0001 0888 RTL8167 (b49dc435ae3695bac5623dd94b05732d) C:\Windows\system32\DRIVERS\Rt64win7.sys
14:22:52.0061 0888 RTL8167 - ok
14:22:52.0091 0888 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
14:22:52.0111 0888 s3cap - ok
14:22:52.0141 0888 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:22:52.0161 0888 SamSs - ok
14:22:52.0241 0888 Samsung UPD Service (d641337b75b9a9d5ae10687aa1097755) C:\Windows\System32\SUPDSvc.exe
14:22:52.0261 0888 Samsung UPD Service - ok
14:22:52.0291 0888 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
14:22:52.0301 0888 sbp2port - ok
14:22:52.0341 0888 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
14:22:52.0411 0888 SCardSvr - ok
14:22:52.0441 0888 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
14:22:52.0501 0888 scfilter - ok
14:22:52.0621 0888 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
14:22:52.0701 0888 Schedule - ok
14:22:52.0741 0888 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:22:52.0771 0888 SCPolicySvc - ok
14:22:52.0811 0888 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
14:22:52.0851 0888 SDRSVC - ok
14:22:52.0901 0888 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:22:52.0981 0888 secdrv - ok
14:22:53.0011 0888 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
14:22:53.0071 0888 seclogon - ok
14:22:53.0101 0888 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
14:22:53.0161 0888 SENS - ok
14:22:53.0181 0888 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
14:22:53.0211 0888 SensrSvc - ok
14:22:53.0221 0888 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:22:53.0231 0888 Serenum - ok
14:22:53.0251 0888 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:22:53.0271 0888 Serial - ok
14:22:53.0311 0888 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
14:22:53.0331 0888 sermouse - ok
14:22:53.0371 0888 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
14:22:53.0431 0888 SessionEnv - ok
14:22:53.0461 0888 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
14:22:53.0501 0888 sffdisk - ok
14:22:53.0511 0888 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
14:22:53.0551 0888 sffp_mmc - ok
14:22:53.0571 0888 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
14:22:53.0591 0888 sffp_sd - ok
14:22:53.0611 0888 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
14:22:53.0621 0888 sfloppy - ok
14:22:53.0681 0888 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
14:22:53.0761 0888 SharedAccess - ok
14:22:53.0821 0888 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
14:22:53.0871 0888 ShellHWDetection - ok
14:22:53.0891 0888 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:22:53.0911 0888 SiSRaid2 - ok
14:22:53.0931 0888 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
14:22:53.0941 0888 SiSRaid4 - ok
14:22:53.0971 0888 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:22:54.0001 0888 Smb - ok
14:22:54.0041 0888 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
14:22:54.0061 0888 SNMPTRAP - ok
14:22:54.0081 0888 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:22:54.0101 0888 spldr - ok
14:22:54.0141 0888 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
14:22:54.0211 0888 Spooler - ok
14:22:54.0561 0888 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
14:22:54.0741 0888 sppsvc - ok
14:22:54.0861 0888 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
14:22:54.0931 0888 sppuinotify - ok
14:22:55.0021 0888 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
14:22:55.0091 0888 srv - ok
14:22:55.0151 0888 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
14:22:55.0201 0888 srv2 - ok
14:22:55.0231 0888 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
14:22:55.0261 0888 srvnet - ok
14:22:55.0301 0888 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
14:22:55.0351 0888 SSDPSRV - ok
14:22:55.0371 0888 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
14:22:55.0411 0888 SstpSvc - ok
14:22:55.0551 0888 STacSV (c24310d67140e18526396fb3bbaa91c6) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e19b3ab5cd326817\STacSV64.exe
14:22:55.0591 0888 STacSV - ok
14:22:55.0611 0888 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
14:22:55.0631 0888 stexstor - ok
14:22:55.0681 0888 STHDA (c79f5cbc47b19a068d8936df8332e3e6) C:\Windows\system32\DRIVERS\stwrt64.sys
14:22:55.0721 0888 STHDA - ok
14:22:55.0801 0888 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
14:22:55.0851 0888 stisvc - ok
14:22:55.0891 0888 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
14:22:55.0901 0888 storflt - ok
14:22:55.0921 0888 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
14:22:55.0961 0888 StorSvc - ok
14:22:55.0981 0888 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
14:22:56.0001 0888 storvsc - ok
14:22:56.0011 0888 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
14:22:56.0021 0888 swenum - ok
14:22:56.0091 0888 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
14:22:56.0161 0888 swprv - ok
14:22:56.0351 0888 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
14:22:56.0451 0888 SysMain - ok
14:22:56.0591 0888 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
14:22:56.0611 0888 TabletInputService - ok
14:22:56.0641 0888 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
14:22:56.0721 0888 TapiSrv - ok
14:22:56.0751 0888 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
14:22:56.0791 0888 TBS - ok
14:22:57.0011 0888 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
14:22:57.0091 0888 Tcpip - ok
14:22:57.0271 0888 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
14:22:57.0311 0888 TCPIP6 - ok
14:22:57.0391 0888 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
14:22:57.0441 0888 tcpipreg - ok
14:22:57.0481 0888 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:22:57.0501 0888 TDPIPE - ok
14:22:57.0531 0888 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
14:22:57.0571 0888 TDTCP - ok
14:22:57.0621 0888 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
14:22:57.0681 0888 tdx - ok
14:22:57.0711 0888 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
14:22:57.0721 0888 TermDD - ok
14:22:57.0761 0888 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
14:22:57.0861 0888 TermService - ok
14:22:57.0891 0888 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
14:22:57.0921 0888 Themes - ok
14:22:57.0951 0888 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:22:57.0981 0888 THREADORDER - ok
14:22:58.0001 0888 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
14:22:58.0061 0888 TrkWks - ok
14:22:58.0131 0888 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
14:22:58.0181 0888 TrustedInstaller - ok
14:22:58.0211 0888 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:22:58.0281 0888 tssecsrv - ok
14:22:58.0351 0888 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
14:22:58.0381 0888 TsUsbFlt - ok
14:22:58.0441 0888 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
14:22:58.0501 0888 tunnel - ok
14:22:58.0541 0888 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
14:22:58.0551 0888 uagp35 - ok
14:22:58.0611 0888 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
14:22:58.0671 0888 udfs - ok
14:22:58.0761 0888 UI Assistant Service (ec23505f255d0da9230a3237ef5839ad) C:\Program Files (x86)\Mobile Partner Manager\AssistantServices.exe
14:22:58.0771 0888 UI Assistant Service ( UnsignedFile.Multi.Generic ) - warning
14:22:58.0771 0888 UI Assistant Service - detected UnsignedFile.Multi.Generic (1)
14:22:58.0801 0888 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
14:22:58.0831 0888 UI0Detect - ok
14:22:58.0871 0888 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
14:22:58.0891 0888 uliagpkx - ok
14:22:58.0921 0888 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
14:22:58.0941 0888 umbus - ok
14:22:58.0951 0888 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
14:22:58.0971 0888 UmPass - ok
14:22:59.0021 0888 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
14:22:59.0051 0888 UmRdpService - ok
14:22:59.0081 0888 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
14:22:59.0161 0888 upnphost - ok
14:22:59.0221 0888 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
14:22:59.0261 0888 usbaudio - ok
14:22:59.0281 0888 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
14:22:59.0311 0888 usbccgp - ok
14:22:59.0361 0888 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
14:22:59.0391 0888 usbcir - ok
14:22:59.0411 0888 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
14:22:59.0431 0888 usbehci - ok
14:22:59.0461 0888 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
14:22:59.0521 0888 usbhub - ok
14:22:59.0551 0888 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
14:22:59.0581 0888 usbohci - ok
14:22:59.0621 0888 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
14:22:59.0661 0888 usbprint - ok
14:22:59.0691 0888 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
14:22:59.0721 0888 usbscan - ok
14:22:59.0781 0888 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:22:59.0831 0888 USBSTOR - ok
14:22:59.0861 0888 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
14:22:59.0891 0888 usbuhci - ok
14:22:59.0941 0888 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
14:22:59.0981 0888 usbvideo - ok
14:23:00.0011 0888 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
14:23:00.0061 0888 UxSms - ok
14:23:00.0081 0888 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:23:00.0091 0888 VaultSvc - ok
14:23:00.0111 0888 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
14:23:00.0121 0888 vdrvroot - ok
14:23:00.0201 0888 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
14:23:00.0261 0888 vds - ok
14:23:00.0291 0888 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:23:00.0311 0888 vga - ok
14:23:00.0321 0888 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:23:00.0381 0888 VgaSave - ok
14:23:00.0411 0888 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
14:23:00.0431 0888 vhdmp - ok
14:23:00.0461 0888 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
14:23:00.0491 0888 viaide - ok
14:23:00.0521 0888 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
14:23:00.0551 0888 vmbus - ok
14:23:00.0571 0888 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
14:23:00.0591 0888 VMBusHID - ok
14:23:00.0621 0888 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
14:23:00.0631 0888 volmgr - ok
14:23:00.0681 0888 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
14:23:00.0701 0888 volmgrx - ok
14:23:00.0731 0888 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
14:23:00.0771 0888 volsnap - ok
14:23:00.0781 0888 vpnva - ok
14:23:00.0801 0888 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
14:23:00.0821 0888 vsmraid - ok
14:23:00.0981 0888 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
14:23:01.0081 0888 VSS - ok
14:23:01.0211 0888 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
14:23:01.0251 0888 vwifibus - ok
14:23:01.0271 0888 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
14:23:01.0321 0888 vwififlt - ok
14:23:01.0341 0888 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
14:23:01.0371 0888 vwifimp - ok
14:23:01.0411 0888 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
14:23:01.0471 0888 W32Time - ok
14:23:01.0491 0888 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
14:23:01.0511 0888 WacomPen - ok
14:23:01.0561 0888 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:23:01.0621 0888 WANARP - ok
14:23:01.0641 0888 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:23:01.0671 0888 Wanarpv6 - ok
14:23:01.0821 0888 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
14:23:01.0891 0888 WatAdminSvc - ok
14:23:02.0051 0888 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
14:23:02.0121 0888 wbengine - ok
14:23:02.0251 0888 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
14:23:02.0291 0888 WbioSrvc - ok
14:23:02.0361 0888 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
14:23:02.0411 0888 wcncsvc - ok
14:23:02.0431 0888 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
14:23:02.0461 0888 WcsPlugInService - ok
14:23:02.0491 0888 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
14:23:02.0511 0888 Wd - ok
14:23:02.0561 0888 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:23:02.0621 0888 Wdf01000 - ok
14:23:02.0631 0888 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:23:02.0741 0888 WdiServiceHost - ok
14:23:02.0741 0888 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:23:02.0761 0888 WdiSystemHost - ok
14:23:02.0811 0888 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
14:23:02.0861 0888 WebClient - ok
14:23:02.0891 0888 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
14:23:02.0971 0888 Wecsvc - ok
14:23:02.0991 0888 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
14:23:03.0051 0888 wercplsupport - ok
14:23:03.0071 0888 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
14:23:03.0141 0888 WerSvc - ok
14:23:03.0201 0888 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:23:03.0241 0888 WfpLwf - ok
14:23:03.0261 0888 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:23:03.0271 0888 WIMMount - ok
14:23:03.0301 0888 WinDefend - ok
14:23:03.0311 0888 WinHttpAutoProxySvc - ok
14:23:03.0371 0888 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
14:23:03.0431 0888 Winmgmt - ok
14:23:03.0651 0888 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
14:23:03.0741 0888 WinRM - ok
14:23:03.0921 0888 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
14:23:03.0981 0888 Wlansvc - ok
14:23:04.0251 0888 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:23:04.0331 0888 wlidsvc - ok
14:23:04.0441 0888 WMCoreService (b8f37c769f466ebfda2fb848516ea804) C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
14:23:04.0451 0888 WMCoreService ( UnsignedFile.Multi.Generic ) - warning
14:23:04.0451 0888 WMCoreService - detected UnsignedFile.Multi.Generic (1)
14:23:04.0561 0888 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
14:23:04.0601 0888 WmiAcpi - ok
14:23:04.0671 0888 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
14:23:04.0721 0888 wmiApSrv - ok
14:23:04.0751 0888 WMPNetworkSvc - ok
14:23:04.0771 0888 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
14:23:04.0811 0888 WPCSvc - ok
14:23:04.0851 0888 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
14:23:04.0871 0888 WPDBusEnum - ok
14:23:04.0901 0888 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:23:04.0951 0888 ws2ifsl - ok
14:23:04.0971 0888 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
14:23:05.0001 0888 wscsvc - ok
14:23:05.0001 0888 WSearch - ok
14:23:05.0031 0888 WTGService - ok
14:23:05.0291 0888 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
14:23:05.0391 0888 wuauserv - ok
14:23:05.0551 0888 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
14:23:05.0631 0888 WudfPf - ok
14:23:05.0671 0888 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:23:05.0731 0888 WUDFRd - ok
14:23:05.0761 0888 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
14:23:05.0791 0888 wudfsvc - ok
14:23:05.0831 0888 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
14:23:05.0891 0888 WwanSvc - ok
14:23:05.0941 0888 ZTEusbmdm6k (ff5a03a65b68db7e02a12880399d40d4) C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
14:23:05.0991 0888 ZTEusbmdm6k - ok
14:23:06.0011 0888 ZTEusbnmea (ff5a03a65b68db7e02a12880399d40d4) C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
14:23:06.0031 0888 ZTEusbnmea - ok
14:23:06.0051 0888 ZTEusbser6k (ff5a03a65b68db7e02a12880399d40d4) C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
14:23:06.0061 0888 ZTEusbser6k - ok
14:23:06.0121 0888 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:23:06.0651 0888 \Device\Harddisk0\DR0 - ok
14:23:06.0661 0888 Boot (0x1200) (1eebb9bec2bb6b030068e0b0dcf56008) \Device\Harddisk0\DR0\Partition0
14:23:06.0661 0888 \Device\Harddisk0\DR0\Partition0 - ok
14:23:06.0671 0888 Boot (0x1200) (2772750ffa27b1d60edaec0b1032891e) \Device\Harddisk0\DR0\Partition1
14:23:06.0671 0888 \Device\Harddisk0\DR0\Partition1 - ok
14:23:06.0701 0888 Boot (0x1200) (7fb0223393fb5427ad02fee12f1eef54) \Device\Harddisk0\DR0\Partition2
14:23:06.0701 0888 \Device\Harddisk0\DR0\Partition2 - ok
14:23:06.0701 0888 ============================================================
14:23:06.0701 0888 Scan finished
14:23:06.0701 0888 ============================================================
14:23:06.0721 5992 Detected object count: 9
14:23:06.0721 5992 Actual detected object count: 9
14:23:51.0511 5992 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
14:23:51.0511 5992 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
14:23:51.0521 5992 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:51.0521 5992 AntiVirSchedulerService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:23:51.0521 5992 AntiVirService ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:51.0521 5992 AntiVirService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:23:51.0521 5992 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:51.0521 5992 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:23:51.0521 5992 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:51.0521 5992 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:23:51.0531 5992 NETw5v64 ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:51.0531 5992 NETw5v64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:23:51.0531 5992 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:51.0531 5992 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:23:51.0531 5992 UI Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:51.0531 5992 UI Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:23:51.0531 5992 WMCoreService ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:51.0531 5992 WMCoreService ( UnsignedFile.Multi.Generic ) - User select action: Skip
Oliver |
| | #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Agent.VB.1624 and TR/Drop.Injector.filw Then please run CF now:
ComboFix: A guide and tutorial on using ComboFix
ComboFix may only be run when an expert helper has expressly recommended it! If you have problems starting applications after running ComboFix and receive messages such as Quote:
__________________ |
| | #19 |
| TR/Agent.VB.1624 and TR/Drop.Injector.filw Hello Arne, here is the ComboFix log. It did not ask about updates, and no error messages have appeared so far. Code:
ATTFilter ComboFix 12-08-10.02 - *** 13.08.2012 8:43.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.4057.2551 [GMT 2:00]
ausgeführt von:: c:\desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-07-13 bis 2012-08-13 ))))))))))))))))))))))))))))))
.
.
2012-08-13 06:52 . 2012-08-13 06:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-13 06:52 . 2012-08-13 06:52 -------- d-----w- c:\users\***-Team\AppData\Local\temp
2012-08-13 06:50 . 2012-08-13 06:50 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FB7A1064-21C0-4183-9AA0-C6B41FC887A0}\offreg.dll
2012-08-10 08:47 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FB7A1064-21C0-4183-9AA0-C6B41FC887A0}\mpengine.dll
2012-08-08 13:19 . 2012-08-08 13:19 -------- d-----w- C:\_OTL
2012-07-31 09:41 . 2012-07-31 09:41 -------- d-----w- c:\program files (x86)\ESET
2012-07-31 08:13 . 2012-07-31 08:13 -------- d-----w- c:\users\***\AppData\Roaming\Malwarebytes
2012-07-31 08:13 . 2012-07-31 08:13 -------- d-----w- c:\programdata\Malwarebytes
2012-07-31 08:13 . 2012-07-31 08:13 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-31 08:13 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-26 01:10 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-04 13:49 . 2011-04-13 15:27 89680 ----a-w- c:\users\***\MSSSerif120.fon
2012-08-04 13:23 . 2012-07-04 14:30 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-04 13:23 . 2011-06-19 12:49 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-26 01:05 . 2010-03-03 18:43 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-09 05:43 . 2012-07-12 07:51 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-12 07:51 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-12 07:51 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-12 07:51 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-12 07:51 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-12 07:51 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-12 07:51 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-23 11:50 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-23 11:51 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-23 11:51 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-23 11:51 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-23 11:50 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-23 11:51 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-23 11:50 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-23 11:50 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-23 11:50 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 05:50 . 2012-07-12 07:51 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-12 07:51 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:48 . 2012-07-12 07:51 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:45 . 2012-07-12 07:51 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-12 07:51 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-12 07:51 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-12 07:51 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-12 07:51 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-12 07:51 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-05-31 10:25 . 2010-03-03 10:38 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"HW_OPENEYE_OUC_T-Mobile Internet Manager"="c:\program files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe" [2009-12-31 110592]
"Akamai NetSession Interface"="c:\users\***\AppData\Local\Akamai\netsession_win.exe" [2012-05-26 4327744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UIExec"="c:\program files (x86)\Mobile Partner Manager\UIExec.exe" [2009-12-02 132096]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-11-17 421160]
"DataCardMonitor"="c:\program files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe" [2011-02-16 253952]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
Iomega StorCenter.lnk - c:\program files (x86)\Iomega StorCenter\sohoclient.exe [2011-4-13 1877328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 M4-Service;M4-Service;c:\users\***\Downloads\M4-Service.exe [2012-02-07 1007472]
R2 UI Assistant Service;UI Assistant Service;c:\program files (x86)\Mobile Partner Manager\AssistantServices.exe [2009-12-02 246272]
R2 WMCoreService;Mobile Broadband Core Service;c:\program files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode [x]
R2 WTGService;WTGService;c:\program files (x86)\WINDHellasConnectionManager\WTGService.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-04 250056]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2009-10-29 11776]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-07 113120]
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw5v64.sys [2009-05-14 5435904]
R3 qcusbser;Mobile Connector USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\qcusbser.sys [2009-08-27 118016]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [2010-08-09 166704]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-17 1255736]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e19b3ab5cd326817\AESTSr64.exe [2009-03-03 89600]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [2011-11-22 78208]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-02-03 1155072]
S2 hasplms;Sentinel Local License Manager;c:\windows\system32\hasplms.exe -run [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 O2MDGRDR;O2MDGRDR;c:\windows\system32\DRIVERS\o2mdgx64.sys [2009-05-22 69152]
S3 O2SDGRDR;O2SDGRDR;c:\windows\system32\DRIVERS\o2sdgx64.sys [2009-05-07 48800]
S3 OEM13Vfx;Creative Camera OEM013 Video VFX Driver;c:\windows\system32\DRIVERS\OEM13Vfx.sys [2007-03-05 12288]
S3 OEM13Vid;Creative Camera OEM013 Driver;c:\windows\system32\DRIVERS\OEM13Vid.sys [2008-05-28 267296]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-07-17 215040]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-04 13:23]
.
2011-10-26 c:\windows\Tasks\WebReg HP Photosmart B010 series.job
- c:\program files (x86)\HP\Digital Imaging\bin\hpqwrg.exe [2009-11-17 22:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-06-29 309248]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.hiergehtslos.de
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MIF5BA~1\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\0hq496zl.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/cse?cx=partner-pub-3540673482024757:xbhdw8hkfz5&ie=ISO-8859-1&q=&sa=Search
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SysTrayApp - c:\program files (x86)\IDT\WDM\sttray64.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-WinHex - f:\winhex\WinHex.exe
AddRemove-WinSetupFromUSB - c:\winsetupfromusb\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-08-13 09:08:24
ComboFix-quarantined-files.txt 2012-08-13 07:08
.
Vor Suchlauf: 18 Verzeichnis(se), 233.109.172.224 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 233.022.214.144 Bytes frei
.
- - End Of File - - 73239E27D9C924DE98C72B7FF659B646
Oliver |
| | #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Agent.VB.1624 and TR/Drop.Injector.filw Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second attempt, just skip it and run only OSAM. Please skip OSAM's online query. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off your virus scanner; McAfee's scanner in particular often reports a false alarm in OSAM! Please download
Important: Under no circumstances press any of the Fix buttons without instruction. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window), and click the Scan button again.
__________________ Please always post log files in CODE tags |
| | #21 |
| TR/Agent.VB.1624 and TR/Drop.Injector.filw Hello Arne, here is the GMER log: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-08-14 09:18:40
Windows 6.1.7601 Service Pack 1
Running: wpul1l2u.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c417feffd184
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c417feffd184@0025d0c70088 0x92 0xBA 0xB3 0xA7 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c417feffd184@20d607b9b083 0x85 0xAF 0x50 0xDF ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c417feffd184@f8db7fc58e5a 0x52 0x3A 0xEF 0x64 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c417feffd184 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c417feffd184@0025d0c70088 0x92 0xBA 0xB3 0xA7 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c417feffd184@20d607b9b083 0x85 0xAF 0x50 0xDF ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c417feffd184@f8db7fc58e5a 0x52 0x3A 0xEF 0x64 ...
---- EOF - GMER 1.0.15 ----
Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 09:34:31 on 14.08.2012 OS: Windows 7 Service Pack 1 (Build 7601), 64-bit Default Browser: Mozilla Corporation Firefox 14.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "WebReg HP Photosmart B010 series.job" - "Hewlett-Packard Company" - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe [Control Panel Objects] -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~2\MIF5BA~1\Office12\MLCFG32.CPL "QuickTime" - "Apple Inc." - C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64" (vpnva) - ? - C:\Windows\System32\DRIVERS\vpnva64.sys (File not found) "Huawei DataCard USB Fake" (hwusbfake) - ? - C:\Windows\System32\DRIVERS\ewusbfake.sys (File not found) "Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit" (NETw5v64) - "Intel Corporation" - C:\Windows\System32\DRIVERS\NETw5v64.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." 
- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - c:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL {88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {0107B611-5FC7-11D5-B092-00C026283F7F} "büro+ SendenAn Erweiterung" - ? 
- (File not found | COM-object registry key not found) {0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft 
Office\Office12\GrooveShellExtensions.dll {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~2\MIF5BA~1\Office12\ONFILTER.DLL {00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MIF5BA~1\Office12\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~2\MIF5BA~1\Office12\OLKFSTUB.DLL {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo 
Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files (x86)\WinRAR\rarext.dll {B41DB860-64E4-11D2-9906-E49FADC173CA} "WinRAR shell extension" - ? - (File not found | COM-object registry key not found) {E0D79304-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files (x86)\WinZip\wzshlstb.dll {E0D79305-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files (x86)\WinZip\wzshlstb.dll {E0D79306-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files (x86)\WinZip\wzshlstb.dll {E0D79307-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files (x86)\WinZip\wzshlstb.dll {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )----- {555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? 
- (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll {DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Smart Web Printing ein- oder ausblenden" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll {0347C33E-8762-4905-BF09-768834316C61} "HP Print Enhancer" - "Hewlett-Packard Co." 
- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Security Packages" - "Microsoft Corporation" - C:\Windows\system32\livessp.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Shortcut exists | File exists) "desktop.ini" - ? - C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Shortcut exists | File exists) "Iomega StorCenter.lnk" - "EMC" - C:\Program Files (x86)\Iomega StorCenter\sohoclient.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "Akamai NetSession Interface" - "Akamai Technologies, Inc" - "C:\Users\***\AppData\Local\Akamai\netsession_win.exe" "HW_OPENEYE_OUC_T-Mobile Internet Manager" - "Huawei Technologies Co., Ltd." 
- "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe" "Skype" - "Skype Technologies S.A." - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "DataCardMonitor" - "Huawei Technologies Co., Ltd." - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe "GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "HP Software Update" - "Hewlett-Packard" - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe "iTunesHelper" - "Apple Inc." - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "QuickTime Task" - "Apple Inc." - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "UIExec" - ? - "C:\Program Files (x86)\Mobile Partner Manager\UIExec.exe" (File found, but it contains no detailed information) [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "CUSTPDF Writer Monitor x86" - ? - C:\Windows\system32\custmon64.dll (File found, but it contains no detailed information) "spd__ Langmon" - ? - C:\Windows\system32\spd__l.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? 
- "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "Akamai NetSession Interface" (Akamai) - "Akamai Technologies, Inc" - c:\program files (x86)\common files\akamai\netsession_win_4f7fccd.dll "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe "Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe "Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe "FABS - Helping agent for MAGIX media database" (Fabs) - "MAGIX AG" - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe "Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe "HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll "hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll "Intel(R) PROSet/Wireless Event Log" (EvtEng) - "Intel(R) Corporation" - C:\Program Files\Intel\WiFi\bin\EvtEng.exe "Intel(R) PROSet/Wireless Registry Service" (RegSrvc) - "Intel(R) Corporation" - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe "M4-Service" (M4-Service) - ? 
- C:\Users\***\Downloads\M4-Service.exe (File found, but it contains no detailed information) "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe "Mobile Broadband Core Service" (WMCoreService) - ? - C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe (File found, but it contains no detailed information) "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll "Retrospect Express HD Launcher" (RetroExpLauncher) - "EMC Corporation" - C:\Program Files (x86)\Retrospect\Retrospect Express HD 2.5\retrorun.exe "Samsung UPD Service" (Samsung UPD Service) - "Samsung Electronics CO., LTD." - C:\Windows\System32\SUPDSvc.exe "UI Assistant Service" (UI Assistant Service) - ? 
- C:\Program Files (x86)\Mobile Partner Manager\AssistantServices.exe (File found, but it contains no detailed information)
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
"WTGService" (WTGService) - ? - C:\Program Files (x86)\WINDHellasConnectionManager\WTGService.exe (File not found)
[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"WindowsLive Local NSP" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
===[ Logfile end ]=========================================[ Logfile end ]===
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-14 09:36:35
-----------------------------
09:36:35.006 OS Version: Windows x64 6.1.7601 Service Pack 1
09:36:35.006 Number of processors: 2 586 0x170A
09:36:35.021 ComputerName: ***-PC UserName: ***
09:36:35.911 Initialize success
09:37:40.891 AVAST engine defs: 12081400
09:37:56.304 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:37:56.304 Disk 0 Vendor: ST932042 0004 Size: 305245MB BusType: 3
09:37:56.319 Disk 0 MBR read successfully
09:37:56.319 Disk 0 MBR scan
09:37:56.351 Disk 0 Windows 7 default MBR code
09:37:56.351 Disk 0 Partition 1 00 0C FAT32 LBA 39 MB offset 63
09:37:56.366 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920
09:37:56.397 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290204 MB offset 30801920
09:37:56.429 Disk 0 scanning C:\Windows\system32\drivers
09:38:11.982 Service scanning
09:38:39.391 Modules scanning
09:38:39.391 Disk 0 trace - called modules:
09:38:39.438 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
09:38:39.438 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005794060]
09:38:39.438 3 CLASSPNP.SYS[fffff88001bae43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80047af050]
09:38:42.230 AVAST engine scan C:\Windows
09:38:48.502 AVAST engine scan C:\Windows\system32
09:44:04.386 AVAST engine scan C:\Windows\system32\drivers
09:44:21.718 AVAST engine scan C:\Users\***
09:48:48.416 AVAST engine scan C:\ProgramData
09:50:14.840 Scan finished successfully
09:54:17.826 Disk 0 MBR has been saved successfully to "C:\Desktop\MBR.dat"
09:54:17.826 The log file has been saved successfully to "C:\Desktop\aswMBR.txt"
Many thanks and best regards, Oliver |
| | #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Agent.VB.1624 and TR/Drop.Injector.filw Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
| | #23 |
| TR/Agent.VB.1624 and TR/Drop.Injector.filw Hello Arne, here is the log from Malwarebytes.

Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Datenbank Version: v2012.08.17.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
*** :: ***-PC [Administrator]
17.08.2012 12:36:50
mbam-log-2012-08-17 (12-36-50).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|V:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 351181
Laufzeit: 46 Minute(n), 55 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 2
C:\Users\***\Downloads\SoftonicDownloader_fuer_extensoft-free-video-converter.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\***\Downloads\SoftonicDownloader_fuer_videopad-video-editor.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 08/17/2012 at 11:31 AM
Application Version : 5.5.1012
Core Rules Database Version : 9074
Trace Rules Database Version: 6886
Scan type : Complete Scan
Total Scan Time : 01:37:10
Operating System Information
Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 680
Memory threats detected : 0
Registry items scanned : 68400
Registry threats detected : 0
File items scanned : 144042
File threats detected : 210
Adware.Tracking Cookie
accounts.youtube.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
server.adformdsp.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.adformdsp.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0HQ496ZL.DEFAULT\COOKIES.SQLITE ]
Trojan.Agent/Gen-SoftonicDownloader
C:\USERS\***\DOWNLOADS\SOFTONICDOWNLOADER_FUER_EXTENSOFT-FREE-VIDEO-CONVERTER.EXE
C:\USERS\***\DOWNLOADS\SOFTONICDOWNLOADER_FUER_VIDEOPAD-VIDEO-EDITOR.EXE
Oliver |
| | #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Agent.VB.1624 and TR/Drop.Injector.filw Code:
ATTFilter C:\Users\***\Downloads\SoftonicDownloader_fuer_extensoft-free-video-converter.exe
__________________ Please always post log files in CODE tags |