Log analysis and evaluation: Google redirects to other sites ("intermediate URL webplains), Windows 7
04.12.2011, 11:01 | #16 |
| Hello Arne, here are the new logs, thank you |
04.12.2011, 19:14 | #17 |
/// Winkelfunktion /// TB-Süch-Tiger™ | The files are corrupted.
__________________
Please do not save plain text in MS Office files, that makes no sense! For plain text, use editors such as the one built into Windows, notepad, or the better editor Notepad++
__________________ |
08.12.2011, 17:18 | #18 |
| Hello Arne,
here is the log via Notepad. The other file was only the screenshot from McAfee. Regards, Karin
Sicherheitsbericht Dezember 4, 2011
Ihr Abonnement ist aktiv. Ihr Abonnement läuft in 369 Tagen ab.
Lizenz Lizenzen:1
Aktualisieren Letzte Aktualisierung:04.12.2011 09:56 Nächste Aktualisierung:04.12.2011 14:52
Scan-Bericht Letzter Scan:23.11.2011 23:39 Typ:Schnellscan Gescannte Elemente gesamt:5810
Scan-Aktivität Schnell:2 Vollständig:6 Benutzerdefiniert:0 Geplant:8 Rechtsklick:0 Neustart:0
Firewall Gesamtaktivität Zugelassene Programme:1203 Blockierte Programme:0 Entdeckte Eindringungsversuche:0 Risikoreiche Verbindungen versucht:0 Risikoreiche Verbindungen zugelassen:0 Risikoreiche Verbindungen blockiert:0
Anti-Spam Aktivitäten in den letzten 30 Tagen Gefilterte Spam-Nachrichten:0 Empfangene saubere Nachrichten:0
misp://reportframe.html/
Entdeckte Elemente Viren:0 Trojaner:12 Rootkits:0 Verfolgungs-Cookies:6370 Buffer Overflows:0 Potentiell unerwünschte Programme:0
Seite 1 von 2 04.12.2011
QuickClean Gesamtzahl der entfernten Elemente: 5032 Papierkorb:2 Temporäre Dateien:3625 Registrierung:307 Andere Systemdateien:26 Internet Explorer:23 Firefox:0 Chrome:0 Outlook:0 Windows Mail:0
Shredder Geschredderte Elemente gesamt:0
Mein Heimnetzwerk Entdeckte Eindringlinge:0 Vertrauensbeziehungen:0 Erkannte Probleme:0 Behobene Probleme:0
misp://reportfram |
08.12.2011, 17:24 | #19 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Go ahead and run the OTL fix
__________________ Please always post log files in CODE tags |
08.12.2011, 17:55 | #20 |
| Hello Arne, here are the logs, after the restart:
All processes killed
========== OTL ==========
C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\kmfc5jwi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF folder moved successfully.
C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\kmfc5jwi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences folder moved successfully.
C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\kmfc5jwi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults folder moved successfully.
C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\kmfc5jwi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components folder moved successfully.
C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\kmfc5jwi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome folder moved successfully.
C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\kmfc5jwi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} folder moved successfully.
C:\Program Files (x86)\mozilla firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF folder moved successfully.
C:\Program Files (x86)\mozilla firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences folder moved successfully.
C:\Program Files (x86)\mozilla firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults folder moved successfully.
C:\Program Files (x86)\mozilla firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components folder moved successfully.
C:\Program Files (x86)\mozilla firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome folder moved successfully.
C:\Program Files (x86)\mozilla firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5B291E6C-9A74-4034-971B-A4B007A0B315} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5B291E6C-9A74-4034-971B-A4B007A0B315}\ deleted successfully.
C:\Program Files (x86)\RadioBar\toolbar.ni.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5B291E6C-9A74-4034-971B-A4B007A0B315} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5B291E6C-9A74-4034-971B-A4B007A0B315}\ not found.
File C:\Program Files (x86)\RadioBar\toolbar.ni.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Search Protection deleted successfully.
C:\Windows\Tasks\siaxtmmr.job moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Anna
->Temp folder emptied: 1211322 bytes
->Temporary Internet Files folder emptied: 400739 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 158578896 bytes
->Flash cache emptied: 1600 bytes
User: Christian
->Temp folder emptied: 9794054 bytes
->Temporary Internet Files folder emptied: 16506965 bytes
->Java cache emptied: 228479 bytes
->FireFox cache emptied: 243882935 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 2396 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2522 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50501 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 411,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.31.0 log created on 12082011_174418
Files\Folders moved on Reboot...
File\Folder C:\Users\Christian\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\64CV6YBX\4;j1=4;i0=3;n0=4;n1=3;a0=0;a1=1;b8=1;c0=2;c1=2;c2=2;d7=2;e8=0;f6=2;g1=1;g4=2;g5=2;ct=0;ct_s=1;z1=2;z2=2;ct_y=1;x9=1;x1=0;x5 =1;x3=1;x7=1;k6=0;x8=1;k8=1;x4=1;x6=1;x2=0[10].js not found!
File\Folder C:\Users\Christian\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\64CV6YBX\4;j1=4;i0=3;n0=4;n1=3;a0=0;a1=1;b8=1;c0=2;c1=2;c2=2;d7=2;e8=0;f6=2;g1=1;g4=2;g5=2;ct=0;ct_s=1;z1=2;z2=2;ct_y=1;x9=1;x1=0;x5 =1;x3=1;x7=1;k6=0;x8=1;k8=1;x4=1;x6=1;x2=0[11].js not found!
File\Folder C:\Users\Christian\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\5WMT1BHE\4;j1=4;i0=3;n0=4;n1=3;a0=0;a1=1;b8=1;c0=2;c1=2;c2=2;d7=2;e8=0;f6=2;g1=1;g4=2;g5=2;ct=0;ct_s=1;z1=2;z2=2;ct_y=1;x9=1;x1=0;x5 =1;x3=1;x7=1;k6=0;x8=1;k8=1;x4=1;x6=1;x2=0[10].js not found!
File\Folder C:\Users\Christian\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3MGXPS8R\4;j1=4;i0=3;n0=4;n1=3;a0=0;a1=1;b8=1;c0=2;c1=2;c2=2;d7=2;e8=0;f6=2;g1=1;g4=2;g5=2;ct=0;ct_s=1;z1=2;z2=2;ct_y=1;x9=1;x1=0;x5 =1;x3=1;x7=1;k6=0;x8=1;k8=1;x4=1;x6=1;x2=0[10].js not found!
File\Folder C:\Users\Christian\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3MGXPS8R\4;j1=4;i0=3;n0=4;n1=3;a0=0;a1=1;b8=1;c0=2;c1=2;c2=2;d7=2;e8=0;f6=2;g1=1;g4=2;g5=2;ct=0;ct_s=1;z1=2;z2=2;ct_y=1;x9=1;x1=0;x5 =1;x3=1;x7=1;k6=0;x8=1;k8=1;x4=1;x6=1;x2=0[11].js not found!
C:\Users\Christian\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot... |
08.12.2011, 20:56 | #21 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html
Set the tool up as shown in the image below: click on change parameters and tick the boxes as shown in the following screenshot. Then click Start Scan, and when it has finished click the Report button to display the log. Please post it in full.
If you cannot find the log or copy its contents into your post, then please look directly on your Windows system partition; that is where TDSS-Killer saves its logs.
Note: Please do not hastily delete anything with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
If the infection prevents you from accessing your documents/My Documents, or if shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide: download unhide.exe and save this file to your desktop. Start the tool and all files and folders should be visible again. (This could take a while.) Windows Vista and Windows 7 users must run the tool as administrator via right-click!
__________________ |
10.12.2011, 10:39 | #22 |
| Hello Arne, here is the report from the Kaspersky tool. The funny thing, by the way, is that the redirect now only happens the first time I click a link in Google; if I then go back and click again, it works again. Regards, Karin
10:35:35.0735 3048 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06
10:35:37.0739 3048 ============================================================
10:35:37.0739 3048 Current date / time: 2011/12/10 10:35:37.0739
10:35:37.0739 3048 SystemInfo:
10:35:37.0740 3048
10:35:37.0740 3048 OS Version: 6.1.7601 ServicePack: 1.0
10:35:37.0740 3048 Product type: Workstation
10:35:37.0740 3048 ComputerName: CHRISTIAN-PC
10:35:37.0741 3048 UserName: Christian
10:35:37.0741 3048 Windows directory: C:\Windows
10:35:37.0741 3048 System windows directory: C:\Windows
10:35:37.0741 3048 Running under WOW64
10:35:37.0741 3048 Processor architecture: Intel x64
10:35:37.0741 3048 Number of processors: 2
10:35:37.0741 3048 Page size: 0x1000
10:35:37.0741 3048 Boot type: Normal boot
10:35:37.0741 3048 ============================================================
10:35:38.0146 3048 Initialize success
10:36:21.0274 1500 ============================================================
10:36:21.0274 1500 Scan started
10:36:21.0274 1500 Mode: Manual; SigCheck; TDLFS;
10:36:21.0274 1500 ============================================================
Serenum - ok 10:36:50.0042 1500 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 10:36:50.0069 1500 Serial - ok 10:36:50.0119 1500 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 10:36:50.0146 1500 sermouse - ok 10:36:50.0174 1500 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 10:36:50.0216 1500 sffdisk - ok 10:36:50.0246 1500 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 10:36:50.0305 1500 sffp_mmc - ok 10:36:50.0332 1500 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 10:36:50.0441 1500 sffp_sd - ok 10:36:50.0515 1500 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 10:36:50.0580 1500 sfloppy - ok 10:36:50.0725 1500 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 10:36:50.0762 1500 SiSRaid2 - ok 10:36:50.0784 1500 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 10:36:50.0803 1500 SiSRaid4 - ok 10:36:50.0819 1500 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 10:36:50.0901 1500 Smb - ok 10:36:50.0958 1500 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 10:36:50.0981 1500 spldr - ok 10:36:51.0040 1500 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 10:36:51.0176 1500 srv - ok 10:36:51.0320 1500 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 10:36:51.0437 1500 srv2 - ok 10:36:51.0534 1500 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 10:36:51.0651 1500 srvnet - ok 10:36:51.0797 1500 StarOpen - ok 10:36:51.0867 1500 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 10:36:51.0903 1500 stexstor - ok 10:36:51.0980 1500 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys 
10:36:52.0066 1500 STHDA - ok 10:36:52.0196 1500 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 10:36:52.0232 1500 swenum - ok 10:36:52.0305 1500 SynTP (3178b56219e0e4fb5f95299e49b83b44) C:\Windows\system32\DRIVERS\SynTP.sys 10:36:52.0371 1500 SynTP - ok 10:36:52.0496 1500 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 10:36:52.0694 1500 Tcpip - ok 10:36:52.0881 1500 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 10:36:52.0926 1500 TCPIP6 - ok 10:36:52.0975 1500 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 10:36:53.0091 1500 tcpipreg - ok 10:36:53.0141 1500 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 10:36:53.0214 1500 TDPIPE - ok 10:36:53.0226 1500 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 10:36:53.0303 1500 TDTCP - ok 10:36:53.0368 1500 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 10:36:53.0507 1500 tdx - ok 10:36:53.0554 1500 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 10:36:53.0615 1500 TermDD - ok 10:36:53.0812 1500 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 10:36:53.0932 1500 tssecsrv - ok 10:36:54.0003 1500 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 10:36:54.0119 1500 TsUsbFlt - ok 10:36:54.0246 1500 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 10:36:54.0320 1500 tunnel - ok 10:36:54.0364 1500 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 10:36:54.0398 1500 uagp35 - ok 10:36:54.0444 1500 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 10:36:54.0580 1500 udfs - ok 10:36:54.0623 1500 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 10:36:54.0642 1500 uliagpkx - ok 
10:36:54.0705 1500 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 10:36:54.0763 1500 umbus - ok 10:36:54.0825 1500 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 10:36:54.0891 1500 UmPass - ok 10:36:55.0065 1500 USB28xxBGA (83a8e901d342edc34f49297a275ef656) C:\Windows\system32\DRIVERS\emBDA64.sys 10:36:55.0224 1500 USB28xxBGA - ok 10:36:55.0294 1500 USB28xxOEM (12a76e167571246d2cc862dda13894f6) C:\Windows\system32\DRIVERS\emOEM64.sys 10:36:55.0373 1500 USB28xxOEM - ok 10:36:55.0428 1500 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 10:36:55.0581 1500 USBAAPL64 - ok 10:36:55.0698 1500 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys 10:36:55.0780 1500 usbaudio - ok 10:36:55.0829 1500 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 10:36:55.0956 1500 usbccgp - ok 10:36:56.0056 1500 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 10:36:56.0101 1500 usbcir - ok 10:36:56.0175 1500 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 10:36:56.0334 1500 usbehci - ok 10:36:56.0428 1500 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 10:36:56.0557 1500 usbhub - ok 10:36:56.0611 1500 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 10:36:56.0710 1500 usbohci - ok 10:36:56.0753 1500 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 10:36:56.0821 1500 usbprint - ok 10:36:56.0855 1500 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:36:56.0987 1500 USBSTOR - ok 10:36:57.0009 1500 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys 10:36:57.0090 1500 usbuhci - ok 10:36:57.0133 1500 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 
10:36:57.0243 1500 usbvideo - ok 10:36:57.0365 1500 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 10:36:57.0397 1500 vdrvroot - ok 10:36:57.0441 1500 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 10:36:57.0482 1500 vga - ok 10:36:57.0506 1500 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 10:36:57.0595 1500 VgaSave - ok 10:36:57.0640 1500 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 10:36:57.0712 1500 vhdmp - ok 10:36:57.0759 1500 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 10:36:57.0791 1500 viaide - ok 10:36:57.0841 1500 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 10:36:57.0899 1500 volmgr - ok 10:36:57.0959 1500 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 10:36:57.0995 1500 volmgrx - ok 10:36:58.0016 1500 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 10:36:58.0081 1500 volsnap - ok 10:36:58.0135 1500 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 10:36:58.0176 1500 vsmraid - ok 10:36:58.0202 1500 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 10:36:58.0262 1500 vwifibus - ok 10:36:58.0280 1500 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 10:36:58.0312 1500 WacomPen - ok 10:36:58.0430 1500 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 10:36:58.0549 1500 WANARP - ok 10:36:58.0554 1500 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 10:36:58.0594 1500 Wanarpv6 - ok 10:36:58.0645 1500 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 10:36:58.0684 1500 Wd - ok 10:36:58.0739 1500 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 10:36:58.0771 1500 
Wdf01000 - ok 10:36:58.0822 1500 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 10:36:58.0884 1500 WfpLwf - ok 10:36:58.0907 1500 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 10:36:58.0923 1500 WIMMount - ok 10:36:59.0008 1500 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 10:36:59.0103 1500 WinUsb - ok 10:36:59.0231 1500 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 10:36:59.0263 1500 WmiAcpi - ok 10:36:59.0423 1500 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 10:36:59.0514 1500 ws2ifsl - ok 10:36:59.0570 1500 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 10:36:59.0710 1500 WudfPf - ok 10:36:59.0768 1500 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 10:36:59.0922 1500 WUDFRd - ok 10:36:59.0977 1500 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys 10:37:00.0111 1500 yukonw7 - ok 10:37:00.0155 1500 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0 10:37:00.0298 1500 \Device\Harddisk0\DR0 - ok 10:37:00.0302 1500 Boot (0x1200) (49eafd031814bcbe5250944ddd9122a6) \Device\Harddisk0\DR0\Partition0 10:37:00.0303 1500 \Device\Harddisk0\DR0\Partition0 - ok 10:37:00.0339 1500 Boot (0x1200) (33d9e4bc4eef2f7389178ece33078aa3) \Device\Harddisk0\DR0\Partition1 10:37:00.0341 1500 \Device\Harddisk0\DR0\Partition1 - ok 10:37:00.0341 1500 ============================================================ 10:37:00.0341 1500 Scan finished 10:37:00.0341 1500 ============================================================ 10:37:00.0359 5176 Detected object count: 0 10:37:00.0359 5176 Actual detected object count: 0 |
10.12.2011, 13:28 | #23 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Google redirects to other pages ("intermediate URL webplains) Then please run CF now: ComboFix. A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has expressly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
16.12.2011, 21:02 | #24 |
| Google redirects to other pages ("intermediate URL webplains) Hello Arne, here is the log from ComboFix: Combofix Logfile: Code:
ATTFilter ComboFix 11-12-16.01 - Christian 16.12.2011 19:58:57.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.6140.4364 [GMT 1:00] ausgeführt von:: c:\users\Christian\Desktop\ComboFix.exe AV: McAfee Anti-Virus und Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} SP: McAfee Anti-Virus und Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\msshavc.Bin C:\System c:\users\Christian\Documents\~WRL0003.tmp . . ((((((((((((((((((((((( Dateien erstellt von 2011-11-16 bis 2011-12-16 )))))))))))))))))))))))))))))) . . 2011-12-16 19:40 . 2011-12-16 19:40 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-12-16 19:40 . 2011-12-16 19:40 -------- d-----w- c:\users\Anna\AppData\Local\temp 2011-12-15 20:02 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll 2011-12-15 20:02 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll 2011-12-15 20:02 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll 2011-12-15 20:02 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2011-12-08 18:29 . 2011-12-08 18:28 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll 2011-12-08 18:29 . 2011-12-08 18:28 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll 2011-12-08 18:28 . 2011-12-08 18:28 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2011-12-08 18:28 . 2011-12-08 18:28 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll 2011-12-08 18:28 . 2011-12-08 18:28 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll 2011-12-08 18:28 . 
2011-12-08 18:28 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll 2011-12-08 18:28 . 2011-12-08 18:28 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll 2011-12-08 18:28 . 2011-12-08 18:28 -------- d-----w- c:\program files (x86)\QuickTime 2011-12-08 18:22 . 2011-12-08 18:22 -------- d-----w- c:\program files\iPod 2011-12-08 18:22 . 2011-12-08 18:23 -------- d-----w- c:\program files\iTunes 2011-12-08 18:11 . 2011-12-08 18:11 -------- d-----w- c:\users\Anna\AppData\Local\Apple 2011-12-08 16:44 . 2011-12-08 16:44 -------- d-----w- C:\_OTL 2011-12-04 09:15 . 2011-12-04 09:15 -------- d-----w- c:\program files\7-Zip 2011-11-27 15:32 . 2011-11-27 15:32 -------- d-----w- c:\program files (x86)\ESET 2011-11-25 20:23 . 2011-11-27 09:28 -------- d-----w- c:\program files (x86)\7-Zip 2011-11-23 20:58 . 2011-11-23 20:58 -------- d-----w- c:\users\Christian\AppData\Local\Microsoft Help 2011-11-20 16:54 . 2011-11-20 16:54 -------- d-----w- c:\program files\CCleaner 2011-11-17 19:48 . 2011-10-18 13:29 28760 ----a-w- c:\program files (x86)\Mozilla Firefox\ScriptFF.dll 2011-11-17 19:42 . 2010-05-31 18:32 24376 ----a-w- c:\program files (x86)\Mozilla Firefox\components\Scriptff.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-23 22:45 . 2011-06-24 19:07 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-11-10 18:35 . 2011-11-10 18:35 466456 ----a-w- c:\windows\system32\wrap_oal.dll 2011-11-10 18:35 . 2011-11-10 18:35 122904 ----a-w- c:\windows\system32\OpenAL32.dll 2011-11-10 18:35 . 2011-11-10 18:35 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2011-11-10 18:35 . 2011-11-10 18:35 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx 2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts 2011-10-15 12:16 . 
2010-09-09 07:22 10248 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2011-10-15 12:16 . 2010-09-09 07:22 75808 ----a-w- c:\windows\system32\drivers\mfenlfk.sys 2011-10-15 12:16 . 2010-09-09 07:22 65264 ----a-w- c:\windows\system32\drivers\cfwids.sys 2011-10-15 12:16 . 2010-09-09 07:22 647080 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2011-10-15 12:16 . 2010-09-09 07:22 481768 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2011-10-15 12:16 . 2010-09-09 07:22 284648 ----a-w- c:\windows\system32\drivers\mfewfpk.sys 2011-10-15 12:16 . 2010-09-09 07:22 229528 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2011-10-15 12:16 . 2010-09-09 07:22 160280 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2011-10-15 12:16 . 2010-09-09 07:22 100912 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2011-10-03 03:06 . 2010-04-20 18:01 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2011-09-29 16:29 . 2011-11-09 12:21 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-09-29 04:03 . 2011-11-09 12:21 3144704 ----a-w- c:\windows\system32\win32k.sys . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2010-04-06 26102056] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-07 39408] "TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2011-03-09 247728] "ANT Agent"="c:\program files (x86)\Garmin\ANT Agent\ANT Agent.exe" [2011-04-14 12036968] "GameXN (update)"="c:\programdata\GameXN\GameXNGO.exe" [2011-09-10 347008] "GameXN (news)"="c:\programdata\GameXN\GameXNGO.exe" [2011-09-10 347008] "GameXN"="c:\programdata\GameXN\GameXNGO.exe" [2011-09-10 347008] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2010-02-09 1807680] "PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-09-16 1674896] "UpdatePDRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 98304] "Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-19 494064] "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240] "AllShareAgent"="c:\program files (x86)\Samsung\AllShare\AllShareAgent.exe" [2011-07-16 282512] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-11-12 421736] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] . c:\users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192] . 
c:\users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 0245101324061464mcinstcleanup;McAfee Application Installer Cleanup (0245101324061464);c:\windows\TEMP\024510~1.EXE [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate1ca776ea25ee382;Google Update Service (gupdate1ca776ea25ee382);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-07 133104] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900] R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-07 133104] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 
227232] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x] R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2011-10-06 25072] R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2011-07-16 27584] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176] S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648] S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648] S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-10-18 208536] S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2011-10-18 161168] S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2011-07-16 24992] S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-03-09 92592] S3 cfwids;McAfee Inc. 
cfwids;c:\windows\system32\drivers\cfwids.sys [x] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x] S3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw5v64.sys [x] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *Deregistered* - mfeavfk01 . Inhalt des "geplante Tasks" Ordners . 2011-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-07 18:53] . 2011-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-07 18:53] . 2011-11-23 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-10-06 20:32] . 2011-12-16 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-10-06 20:32] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416] "QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2009-07-02 3180624] "IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.spiegel.de/ mStart Page = hxxp://de.yahoo.com mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.178.1 Handler: toolbarchrome - {718733BC-AD64-4e5f-AC18-A85FBD75D54D} - DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB FF - ProfilePath - c:\users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\kmfc5jwi.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.spiegel.de/ FF - prefs.js: network.proxy.type - 0 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . BHO-{5B291E6C-9A74-4034-971B-A4B007A0B315} - (no file) Wow6432Node-HKLM-Run-DellSupportCenter - c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-dBpoweramp Music Converter - c:\windows\system32\SpoonUninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0] "ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . 
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\CyberLink\Shared Files\RichVideo.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-12-16 20:50:39 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-12-16 19:50
.
Vor Suchlauf: 15 Verzeichnis(se), 290.059.763.712 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 289.717.780.480 Bytes frei
.
- - End Of File - - 7B154976EE410C2640D66DACB75C9F0B

Thanks in advance. Best regards, Karin |
17.12.2011, 20:22 | #25 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please download aswMBR.exe and save the file to your desktop.
__________________ Please always post log files in CODE tags |
17.12.2011, 21:48 | #26 |
| Hello Arne, here is the new log:

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-12-17 21:16:37
-----------------------------
21:16:37.058 OS Version: Windows x64 6.1.7601 Service Pack 1
21:16:37.058 Number of processors: 2 586 0x170A
21:16:37.058 ComputerName: CHRISTIAN-PC UserName: Christian
21:16:49.803 Initialize success
21:16:58.196 AVAST engine defs: 11121702
21:17:52.859 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:17:52.859 Disk 0 Vendor: ST950032 0003 Size: 476940MB BusType: 3
21:17:52.952 Disk 0 MBR read successfully
21:17:52.968 Disk 0 MBR scan
21:17:52.968 Disk 0 Windows VISTA default MBR code
21:17:52.968 Service scanning
21:17:54.372 Modules scanning
21:17:54.372 Disk 0 trace - called modules:
21:17:54.387 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:17:54.387 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005dde060]
21:17:54.403 3 CLASSPNP.SYS[fffff88001fa443f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005923050]
21:17:56.041 AVAST engine scan C:\Windows
21:18:12.967 AVAST engine scan C:\Windows\system32
21:20:58.737 AVAST engine scan C:\Windows\system32\drivers
21:21:15.055 AVAST engine scan C:\Users\Christian
21:34:59.277 AVAST engine scan C:\ProgramData
21:43:43.605 Scan finished successfully
21:44:40.483 Disk 0 MBR has been saved successfully to "C:\Users\Christian\Desktop\MBR.dat"
21:44:40.530 The log file has been saved successfully to "C:\Users\Christian\Desktop\aswMBR.txt" |
18.12.2011, 13:03 | #27 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!! Afterwards, getting an additional opinion from ESET's online scanner doesn't hurt either: ESET Online Scanner
__________________ Please always post log files in CODE tags |
21.12.2011, 23:08 | #28 |
| Hello Arne, here is the SUPERAntiSpyware log:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 12/21/2011 at 11:06 PM

Application Version : 5.0.1142

Core Rules Database Version : 8077
Trace Rules Database Version: 5889

Scan type : Complete Scan
Total Scan Time : 03:31:07

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned : 837
Memory threats detected : 0
Registry items scanned : 72892
Registry threats detected : 0
File items scanned : 195003
File threats detected : 196

Adware.Tracking Cookie

Trojan.Agent/Gen-FraudPack
C:\PROGRAM FILES (X86)\RAD.ROUTENPLANER. 7.0\BIN\DXBAREXTITEMSD9.BPL

PotentiallyUnwanted.SoftonicDownloader
C:\USERS\CHRISTIAN\DESKTOP\SOFTONICDOWNLOADER_FUER_KASPERSKY-TDSSKILLER.EXE |
21.12.2011, 23:12 | #29 |
| and Malwarebytes:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8403
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

20.12.2011 22:52:42
mbam-log-2011-12-20 (22-52-42).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 425212
Laufzeit: 2 Stunde(n), 20 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden) |
22.12.2011, 01:08 | #30 |
| and ESET:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=16bade026e08174f89fe7f9d55708dea
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-27 05:14:34
# local_time=2011-11-27 06:14:34 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5121 16777213 100 75 852181 22895950 0 0
# compatibility_mode=5893 16776574 100 94 3260168 74037956 0 0
# compatibility_mode=8192 67108863 100 0 3747 3747 0 0
# scanned=250066
# found=0
# cleaned=0
# scan_time=5968
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=16bade026e08174f89fe7f9d55708dea
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-21 11:54:33
# local_time=2011-12-22 12:54:33 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5121 16777213 100 75 2949865 24993634 0 0
# compatibility_mode=5893 16776574 100 94 5357852 76135640 0 0
# compatibility_mode=8192 67108863 100 0 2101431 2101431 0 0
# scanned=253002
# found=1
# cleaned=0
# scan_time=5883
C:\Users\Christian\Desktop\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I |