| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Firefox fehlermeldung : Proxy-Server verweigert die VerbindungWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
12.01.2012, 18:03
| #16 |
 |  Firefox fehlermeldung : Proxy-Server verweigert die Verbindung so jetzt habe ich eine otl-fix Code:
ATTFilter All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Prefs.js: 1 removed from network.proxy.type
File C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml not found.
File C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml not found.
File C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml not found.
File C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
File not found.
File move failed. E:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{127f4380-ce48-11e0-b03f-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{127f4380-ce48-11e0-b03f-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{127f4380-ce48-11e0-b03f-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{127f4380-ce48-11e0-b03f-806e6f6e6963}\ not found.
File move failed. E:\cdstart.exe scheduled to be moved on reboot.
Folder C:\Program Files (x86)\B7CA5\ not found.
Folder C:\Users\Tobi\AppData\Roaming\B7CA5\ not found.
Folder C:\Users\Tobi\AppData\Roaming\1E6B7\ not found.
========== FILES ==========
File\Folder C:\Windows\tasks\At*.job not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Gast
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: Tobi
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 65536 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 0,00 mb
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.31.0 log created on 01122012_175532
Files\Folders moved on Reboot...
File move failed. E:\autorun.inf scheduled to be moved on reboot.
File move failed. E:\cdstart.exe scheduled to be moved on reboot.
File move failed. C:\Users\Tobi\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
|
|
12.01.2012, 19:59
| #17 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Firefox fehlermeldung : Proxy-Server verweigert die Verbindung Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html
__________________Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C  nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!  Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ |
|
21.01.2012, 14:17
| #18 |
| | Firefox fehlermeldung : Proxy-Server verweigert die Verbindung hoffe das is so richtig
__________________Code:
ATTFilter 14:13:00.0656 4904 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
14:13:01.0165 4904 ============================================================
14:13:01.0165 4904 Current date / time: 2012/01/21 14:13:01.0165
14:13:01.0165 4904 SystemInfo:
14:13:01.0165 4904
14:13:01.0165 4904 OS Version: 6.1.7601 ServicePack: 1.0
14:13:01.0165 4904 Product type: Workstation
14:13:01.0165 4904 ComputerName: TOBI-PC
14:13:01.0165 4904 UserName: Tobi
14:13:01.0165 4904 Windows directory: C:\Windows
14:13:01.0165 4904 System windows directory: C:\Windows
14:13:01.0165 4904 Running under WOW64
14:13:01.0165 4904 Processor architecture: Intel x64
14:13:01.0165 4904 Number of processors: 3
14:13:01.0165 4904 Page size: 0x1000
14:13:01.0165 4904 Boot type: Normal boot
14:13:01.0165 4904 ============================================================
14:13:03.0316 4904 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:13:03.0320 4904 Drive \Device\Harddisk1\DR1 - Size: 0x3A8C00000 (14.64 Gb), SectorSize: 0x200, Cylinders: 0x776, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:13:03.0417 4904 Initialize success
14:14:39.0029 2388 ============================================================
14:14:39.0029 2388 Scan started
14:14:39.0029 2388 Mode: Manual; SigCheck; TDLFS;
14:14:39.0029 2388 ============================================================
14:14:40.0407 2388 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
14:14:40.0509 2388 1394ohci - ok
14:14:40.0623 2388 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
14:14:40.0636 2388 ACPI - ok
14:14:40.0731 2388 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
14:14:40.0801 2388 AcpiPmi - ok
14:14:40.0908 2388 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
14:14:40.0924 2388 adp94xx - ok
14:14:41.0029 2388 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
14:14:41.0042 2388 adpahci - ok
14:14:41.0151 2388 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
14:14:41.0161 2388 adpu320 - ok
14:14:41.0274 2388 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
14:14:41.0335 2388 AFD - ok
14:14:41.0440 2388 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
14:14:41.0448 2388 agp440 - ok
14:14:41.0623 2388 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
14:14:41.0631 2388 aliide - ok
14:14:41.0790 2388 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
14:14:41.0797 2388 amdide - ok
14:14:41.0929 2388 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
14:14:42.0009 2388 AmdK8 - ok
14:14:42.0257 2388 amdkmdag (bbab5b28253fe0fc7255d8775ba05c1d) C:\Windows\system32\DRIVERS\atikmdag.sys
14:14:42.0464 2388 amdkmdag - ok
14:14:42.0592 2388 amdkmdap (cba35ff4092b91e105d93ed11a0250b6) C:\Windows\system32\DRIVERS\atikmpag.sys
14:14:42.0635 2388 amdkmdap - ok
14:14:42.0757 2388 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
14:14:42.0800 2388 AmdPPM - ok
14:14:42.0916 2388 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
14:14:42.0925 2388 amdsata - ok
14:14:43.0026 2388 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
14:14:43.0037 2388 amdsbs - ok
14:14:43.0149 2388 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
14:14:43.0157 2388 amdxata - ok
14:14:43.0324 2388 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
14:14:43.0480 2388 AppID - ok
14:14:43.0595 2388 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
14:14:43.0604 2388 arc - ok
14:14:43.0712 2388 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
14:14:43.0720 2388 arcsas - ok
14:14:43.0825 2388 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
14:14:43.0968 2388 AsyncMac - ok
14:14:44.0048 2388 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
14:14:44.0055 2388 atapi - ok
14:14:44.0215 2388 AtiHDAudioService (e02b26650acc2f4901342d4a66774ad7) C:\Windows\system32\drivers\AtihdW76.sys
14:14:44.0270 2388 AtiHDAudioService - ok
14:14:44.0405 2388 avgntflt (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
14:14:44.0414 2388 avgntflt - ok
14:14:44.0516 2388 avipbb (f1c9db5f7b2a56a0b29667d22ba540fc) C:\Windows\system32\DRIVERS\avipbb.sys
14:14:44.0524 2388 avipbb - ok
14:14:44.0628 2388 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
14:14:44.0634 2388 avkmgr - ok
14:14:44.0747 2388 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
14:14:44.0803 2388 b06bdrv - ok
14:14:44.0905 2388 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
14:14:44.0953 2388 b57nd60a - ok
14:14:45.0067 2388 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
14:14:45.0122 2388 Beep - ok
14:14:45.0317 2388 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
14:14:45.0355 2388 blbdrive - ok
14:14:45.0440 2388 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
14:14:45.0502 2388 bowser - ok
14:14:45.0741 2388 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:14:45.0824 2388 BrFiltLo - ok
14:14:45.0902 2388 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:14:45.0945 2388 BrFiltUp - ok
14:14:46.0064 2388 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
14:14:46.0129 2388 Brserid - ok
14:14:46.0232 2388 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
14:14:46.0281 2388 BrSerWdm - ok
14:14:46.0391 2388 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:14:46.0428 2388 BrUsbMdm - ok
14:14:46.0538 2388 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
14:14:46.0570 2388 BrUsbSer - ok
14:14:46.0683 2388 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
14:14:46.0716 2388 BTHMODEM - ok
14:14:46.0839 2388 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
14:14:46.0886 2388 cdfs - ok
14:14:47.0002 2388 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
14:14:47.0048 2388 cdrom - ok
14:14:47.0166 2388 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
14:14:47.0200 2388 circlass - ok
14:14:47.0324 2388 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
14:14:47.0340 2388 CLFS - ok
14:14:47.0485 2388 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
14:14:47.0519 2388 CmBatt - ok
14:14:47.0608 2388 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
14:14:47.0615 2388 cmdide - ok
14:14:47.0700 2388 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
14:14:47.0745 2388 CNG - ok
14:14:47.0832 2388 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
14:14:47.0840 2388 Compbatt - ok
14:14:47.0937 2388 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
14:14:47.0966 2388 CompositeBus - ok
14:14:48.0067 2388 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
14:14:48.0076 2388 crcdisk - ok
14:14:48.0199 2388 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
14:14:48.0250 2388 DfsC - ok
14:14:48.0365 2388 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
14:14:48.0420 2388 discache - ok
14:14:48.0541 2388 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
14:14:48.0550 2388 Disk - ok
14:14:48.0657 2388 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
14:14:48.0699 2388 drmkaud - ok
14:14:48.0813 2388 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
14:14:48.0837 2388 DXGKrnl - ok
14:14:48.0973 2388 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
14:14:49.0072 2388 ebdrv - ok
14:14:49.0210 2388 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
14:14:49.0226 2388 elxstor - ok
14:14:49.0297 2388 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
14:14:49.0325 2388 ErrDev - ok
14:14:49.0439 2388 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
14:14:49.0497 2388 exfat - ok
14:14:49.0590 2388 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
14:14:49.0636 2388 fastfat - ok
14:14:49.0747 2388 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
14:14:49.0790 2388 fdc - ok
14:14:49.0895 2388 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
14:14:49.0904 2388 FileInfo - ok
14:14:49.0987 2388 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
14:14:50.0045 2388 Filetrace - ok
14:14:50.0134 2388 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
14:14:50.0169 2388 flpydisk - ok
14:14:50.0275 2388 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
14:14:50.0287 2388 FltMgr - ok
14:14:50.0393 2388 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
14:14:50.0401 2388 FsDepends - ok
14:14:50.0484 2388 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
14:14:50.0493 2388 Fs_Rec - ok
14:14:50.0600 2388 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
14:14:50.0613 2388 fvevol - ok
14:14:50.0712 2388 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:14:50.0720 2388 gagp30kx - ok
14:14:50.0816 2388 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
14:14:50.0822 2388 hamachi - ok
14:14:50.0975 2388 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
14:14:51.0026 2388 hcw85cir - ok
14:14:51.0138 2388 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
14:14:51.0170 2388 HdAudAddService - ok
14:14:51.0283 2388 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
14:14:51.0313 2388 HDAudBus - ok
14:14:51.0411 2388 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
14:14:51.0441 2388 HidBatt - ok
14:14:51.0544 2388 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
14:14:51.0585 2388 HidBth - ok
14:14:51.0702 2388 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
14:14:51.0738 2388 HidIr - ok
14:14:51.0864 2388 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
14:14:51.0893 2388 HidUsb - ok
14:14:52.0008 2388 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
14:14:52.0017 2388 HpSAMD - ok
14:14:52.0115 2388 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
14:14:52.0186 2388 HTTP - ok
14:14:52.0279 2388 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
14:14:52.0288 2388 hwpolicy - ok
14:14:52.0495 2388 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
14:14:52.0506 2388 i8042prt - ok
14:14:52.0606 2388 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
14:14:52.0620 2388 iaStorV - ok
14:14:52.0723 2388 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
14:14:52.0731 2388 iirsp - ok
14:14:52.0880 2388 IntcAzAudAddService (2faaea2dc2719e67fd7c0d51f9e743f7) C:\Windows\system32\drivers\RTKVHD64.sys
14:14:52.0925 2388 IntcAzAudAddService - ok
14:14:53.0011 2388 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
14:14:53.0018 2388 intelide - ok
14:14:53.0134 2388 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
14:14:53.0161 2388 intelppm - ok
14:14:53.0260 2388 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:14:53.0288 2388 IpFilterDriver - ok
14:14:53.0377 2388 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
14:14:53.0419 2388 IPMIDRV - ok
14:14:53.0526 2388 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
14:14:53.0623 2388 IPNAT - ok
14:14:53.0787 2388 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
14:14:53.0869 2388 IRENUM - ok
14:14:53.0992 2388 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
14:14:54.0002 2388 isapnp - ok
14:14:54.0105 2388 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
14:14:54.0116 2388 iScsiPrt - ok
14:14:54.0238 2388 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
14:14:54.0247 2388 kbdclass - ok
14:14:54.0344 2388 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
14:14:54.0378 2388 kbdhid - ok
14:14:54.0481 2388 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
14:14:54.0491 2388 KSecDD - ok
14:14:54.0598 2388 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
14:14:54.0608 2388 KSecPkg - ok
14:14:54.0712 2388 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
14:14:54.0759 2388 ksthunk - ok
14:14:54.0886 2388 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
14:14:54.0937 2388 lltdio - ok
14:14:55.0055 2388 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:14:55.0065 2388 LSI_FC - ok
14:14:55.0162 2388 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:14:55.0170 2388 LSI_SAS - ok
14:14:55.0268 2388 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:14:55.0276 2388 LSI_SAS2 - ok
14:14:55.0384 2388 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:14:55.0393 2388 LSI_SCSI - ok
14:14:55.0480 2388 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
14:14:55.0510 2388 luafv - ok
14:14:55.0611 2388 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
14:14:55.0619 2388 megasas - ok
14:14:55.0737 2388 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
14:14:55.0750 2388 MegaSR - ok
14:14:55.0850 2388 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
14:14:55.0904 2388 Modem - ok
14:14:56.0023 2388 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
14:14:56.0060 2388 monitor - ok
14:14:56.0165 2388 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
14:14:56.0173 2388 mouclass - ok
14:14:56.0271 2388 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
14:14:56.0297 2388 mouhid - ok
14:14:56.0388 2388 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
14:14:56.0397 2388 mountmgr - ok
14:14:56.0477 2388 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
14:14:56.0487 2388 mpio - ok
14:14:56.0556 2388 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
14:14:56.0610 2388 mpsdrv - ok
14:14:56.0697 2388 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
14:14:56.0774 2388 MRxDAV - ok
14:14:56.0861 2388 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:14:56.0919 2388 mrxsmb - ok
14:14:57.0012 2388 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:14:57.0045 2388 mrxsmb10 - ok
14:14:57.0144 2388 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:14:57.0180 2388 mrxsmb20 - ok
14:14:57.0266 2388 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
14:14:57.0273 2388 msahci - ok
14:14:57.0355 2388 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
14:14:57.0365 2388 msdsm - ok
14:14:57.0462 2388 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
14:14:57.0508 2388 Msfs - ok
14:14:57.0698 2388 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
14:14:57.0755 2388 mshidkmdf - ok
14:14:57.0849 2388 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
14:14:57.0856 2388 msisadrv - ok
14:14:57.0956 2388 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
14:14:57.0983 2388 MSKSSRV - ok
14:14:58.0078 2388 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
14:14:58.0123 2388 MSPCLOCK - ok
14:14:58.0214 2388 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
14:14:58.0263 2388 MSPQM - ok
14:14:58.0358 2388 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
14:14:58.0371 2388 MsRPC - ok
14:14:58.0452 2388 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
14:14:58.0460 2388 mssmbios - ok
14:14:58.0541 2388 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:14:58.0585 2388 MSTEE - ok
14:14:58.0675 2388 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
14:14:58.0703 2388 MTConfig - ok
14:14:58.0790 2388 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:14:58.0799 2388 Mup - ok
14:14:58.0895 2388 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
14:14:58.0932 2388 NativeWifiP - ok
14:14:59.0052 2388 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
14:14:59.0075 2388 NDIS - ok
14:14:59.0172 2388 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
14:14:59.0221 2388 NdisCap - ok
14:14:59.0312 2388 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
14:14:59.0358 2388 NdisTapi - ok
14:14:59.0453 2388 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
14:14:59.0505 2388 Ndisuio - ok
14:14:59.0595 2388 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
14:14:59.0640 2388 NdisWan - ok
14:14:59.0735 2388 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
14:14:59.0789 2388 NDProxy - ok
14:14:59.0884 2388 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:14:59.0933 2388 NetBIOS - ok
14:15:00.0053 2388 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
14:15:00.0102 2388 NetBT - ok
14:15:00.0233 2388 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
14:15:00.0242 2388 nfrd960 - ok
14:15:00.0337 2388 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:15:00.0388 2388 Npfs - ok
14:15:00.0471 2388 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:15:00.0520 2388 nsiproxy - ok
14:15:00.0636 2388 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
14:15:00.0670 2388 Ntfs - ok
14:15:00.0746 2388 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:15:00.0792 2388 Null - ok
14:15:00.0889 2388 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
14:15:00.0899 2388 nvraid - ok
14:15:00.0984 2388 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
14:15:00.0995 2388 nvstor - ok
14:15:01.0097 2388 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
14:15:01.0106 2388 nv_agp - ok
14:15:01.0188 2388 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
14:15:01.0220 2388 ohci1394 - ok
14:15:01.0304 2388 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
14:15:01.0335 2388 Parport - ok
14:15:01.0421 2388 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
14:15:01.0429 2388 partmgr - ok
14:15:01.0515 2388 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
14:15:01.0525 2388 pci - ok
14:15:01.0606 2388 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
14:15:01.0614 2388 pciide - ok
14:15:01.0690 2388 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
14:15:01.0701 2388 pcmcia - ok
14:15:01.0778 2388 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:15:01.0786 2388 pcw - ok
14:15:01.0870 2388 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:15:01.0927 2388 PEAUTH - ok
14:15:02.0064 2388 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
14:15:02.0110 2388 PptpMiniport - ok
14:15:02.0197 2388 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
14:15:02.0237 2388 Processor - ok
14:15:02.0345 2388 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
14:15:02.0402 2388 Psched - ok
14:15:02.0506 2388 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
14:15:02.0539 2388 ql2300 - ok
14:15:02.0643 2388 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
14:15:02.0660 2388 ql40xx - ok
14:15:02.0755 2388 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:15:02.0801 2388 QWAVEdrv - ok
14:15:02.0920 2388 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:15:02.0974 2388 RasAcd - ok
14:15:03.0084 2388 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:15:03.0136 2388 RasAgileVpn - ok
14:15:03.0236 2388 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:15:03.0284 2388 Rasl2tp - ok
14:15:03.0381 2388 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:15:03.0440 2388 RasPppoe - ok
14:15:03.0535 2388 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:15:03.0585 2388 RasSstp - ok
14:15:03.0687 2388 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
14:15:03.0742 2388 rdbss - ok
14:15:03.0827 2388 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
14:15:03.0863 2388 rdpbus - ok
14:15:03.0953 2388 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:15:03.0998 2388 RDPCDD - ok
14:15:04.0104 2388 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:15:04.0153 2388 RDPENCDD - ok
14:15:04.0251 2388 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:15:04.0313 2388 RDPREFMP - ok
14:15:04.0411 2388 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
14:15:04.0462 2388 RDPWD - ok
14:15:04.0574 2388 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
14:15:04.0585 2388 rdyboost - ok
14:15:04.0695 2388 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:15:04.0749 2388 rspndr - ok
14:15:04.0877 2388 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
14:15:04.0892 2388 RTL8167 - ok
14:15:05.0022 2388 RTL8192su (b3f36b4b3f192ea87ddc119f3a0b3e45) C:\Windows\system32\DRIVERS\RTL8192su.sys
14:15:05.0039 2388 RTL8192su - ok
14:15:05.0180 2388 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
14:15:05.0213 2388 sbp2port - ok
14:15:05.0347 2388 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
14:15:05.0440 2388 scfilter - ok
14:15:05.0570 2388 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:15:05.0618 2388 secdrv - ok
14:15:05.0726 2388 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:15:05.0738 2388 Serenum - ok
14:15:05.0845 2388 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:15:05.0890 2388 Serial - ok
14:15:06.0028 2388 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
14:15:06.0042 2388 sermouse - ok
14:15:06.0126 2388 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
14:15:06.0160 2388 sffdisk - ok
14:15:06.0248 2388 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
14:15:06.0285 2388 sffp_mmc - ok
14:15:06.0373 2388 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
14:15:06.0409 2388 sffp_sd - ok
14:15:06.0491 2388 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
14:15:06.0502 2388 sfloppy - ok
14:15:06.0597 2388 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:15:06.0605 2388 SiSRaid2 - ok
14:15:06.0685 2388 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
14:15:06.0694 2388 SiSRaid4 - ok
14:15:06.0789 2388 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:15:06.0837 2388 Smb - ok
14:15:06.0948 2388 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:15:06.0955 2388 spldr - ok
14:15:07.0035 2388 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
14:15:07.0109 2388 srv - ok
14:15:07.0199 2388 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
14:15:07.0237 2388 srv2 - ok
14:15:07.0333 2388 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
14:15:07.0370 2388 srvnet - ok
14:15:07.0468 2388 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
14:15:07.0476 2388 stexstor - ok
14:15:07.0598 2388 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
14:15:07.0606 2388 swenum - ok
14:15:07.0879 2388 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
14:15:07.0918 2388 Tcpip - ok
14:15:08.0037 2388 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
14:15:08.0067 2388 TCPIP6 - ok
14:15:08.0148 2388 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
14:15:08.0195 2388 tcpipreg - ok
14:15:08.0295 2388 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:15:08.0347 2388 TDPIPE - ok
14:15:08.0432 2388 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
14:15:08.0478 2388 TDTCP - ok
14:15:08.0580 2388 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
14:15:08.0633 2388 tdx - ok
14:15:08.0764 2388 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
14:15:08.0772 2388 TermDD - ok
14:15:08.0861 2388 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:15:08.0915 2388 tssecsrv - ok
14:15:09.0044 2388 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
14:15:09.0090 2388 TsUsbFlt - ok
14:15:09.0208 2388 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
14:15:09.0254 2388 tunnel - ok
14:15:09.0334 2388 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
14:15:09.0342 2388 uagp35 - ok
14:15:09.0431 2388 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
14:15:09.0497 2388 udfs - ok
14:15:09.0627 2388 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
14:15:09.0635 2388 uliagpkx - ok
14:15:09.0735 2388 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
14:15:09.0762 2388 umbus - ok
14:15:09.0856 2388 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
14:15:09.0886 2388 UmPass - ok
14:15:10.0009 2388 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
14:15:10.0022 2388 usbaudio - ok
14:15:10.0110 2388 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
14:15:10.0126 2388 usbccgp - ok
14:15:10.0230 2388 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
14:15:10.0269 2388 usbcir - ok
14:15:10.0368 2388 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
14:15:10.0398 2388 usbehci - ok
14:15:10.0525 2388 usbfilter (dc2b306861f42eeeb92ef525f4119f08) C:\Windows\system32\DRIVERS\usbfilter.sys
14:15:10.0533 2388 usbfilter - ok
14:15:10.0677 2388 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
14:15:10.0717 2388 usbhub - ok
14:15:10.0809 2388 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
14:15:10.0835 2388 usbohci - ok
14:15:10.0929 2388 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
14:15:10.0964 2388 usbprint - ok
14:15:11.0054 2388 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:15:11.0108 2388 USBSTOR - ok
14:15:11.0183 2388 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
14:15:11.0217 2388 usbuhci - ok
14:15:11.0327 2388 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
14:15:11.0335 2388 vdrvroot - ok
14:15:11.0439 2388 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:15:11.0451 2388 vga - ok
14:15:11.0530 2388 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:15:11.0583 2388 VgaSave - ok
14:15:11.0681 2388 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
14:15:11.0692 2388 vhdmp - ok
14:15:11.0779 2388 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
14:15:11.0787 2388 viaide - ok
14:15:11.0868 2388 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
14:15:11.0877 2388 volmgr - ok
14:15:11.0961 2388 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
14:15:11.0975 2388 volmgrx - ok
14:15:12.0063 2388 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
14:15:12.0075 2388 volsnap - ok
14:15:12.0180 2388 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
14:15:12.0190 2388 vsmraid - ok
14:15:12.0265 2388 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
14:15:12.0296 2388 vwifibus - ok
14:15:12.0397 2388 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
14:15:12.0437 2388 vwififlt - ok
14:15:12.0527 2388 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
14:15:12.0559 2388 WacomPen - ok
14:15:12.0668 2388 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:15:12.0694 2388 WANARP - ok
14:15:12.0731 2388 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:15:12.0758 2388 Wanarpv6 - ok
14:15:12.0861 2388 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
14:15:12.0869 2388 Wd - ok
14:15:12.0952 2388 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:15:12.0970 2388 Wdf01000 - ok
14:15:13.0085 2388 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:15:13.0111 2388 WfpLwf - ok
14:15:13.0193 2388 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:15:13.0201 2388 WIMMount - ok
14:15:13.0335 2388 WmBEnum (7a58ba979f7acb3fc5310c771a1cf155) C:\Windows\system32\drivers\WmBEnum.sys
14:15:13.0341 2388 WmBEnum - ok
14:15:13.0456 2388 WmFilter (8693a75c3ffd4a0c9e32be621fda71fb) C:\Windows\system32\drivers\WmFilter.sys
14:15:13.0462 2388 WmFilter - ok
14:15:13.0587 2388 WmHidLo (e53e1727dadc3192ac63506c3b25f5b0) C:\Windows\system32\drivers\WmHidLo.sys
14:15:13.0593 2388 WmHidLo - ok
14:15:13.0680 2388 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
14:15:13.0709 2388 WmiAcpi - ok
14:15:13.0818 2388 WmVirHid (3d9266ccd0f1edb020c7aa24d527942b) C:\Windows\system32\drivers\WmVirHid.sys
14:15:13.0824 2388 WmVirHid - ok
14:15:13.0913 2388 WmXlCore (3cffdf56a00408913b1e51c67f999e2e) C:\Windows\system32\drivers\WmXlCore.sys
14:15:13.0920 2388 WmXlCore - ok
14:15:14.0019 2388 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:15:14.0047 2388 ws2ifsl - ok
14:15:14.0130 2388 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
14:15:14.0175 2388 WudfPf - ok
14:15:14.0295 2388 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:15:14.0343 2388 WUDFRd - ok
14:15:14.0404 2388 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:15:14.0587 2388 \Device\Harddisk0\DR0 - ok
14:15:14.0592 2388 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
14:15:14.0728 2388 \Device\Harddisk1\DR1 - ok
14:15:14.0759 2388 Boot (0x1200) (e99e4a9ae3a854f2edf1978b2c70421f) \Device\Harddisk0\DR0\Partition0
14:15:14.0760 2388 \Device\Harddisk0\DR0\Partition0 - ok
14:15:14.0770 2388 Boot (0x1200) (92b8f436008084aff0267b51ed6184a5) \Device\Harddisk0\DR0\Partition1
14:15:14.0771 2388 \Device\Harddisk0\DR0\Partition1 - ok
14:15:14.0810 2388 Boot (0x1200) (a549e879ecbf85aa75f70ed669e492c8) \Device\Harddisk0\DR0\Partition2
14:15:14.0810 2388 \Device\Harddisk0\DR0\Partition2 - ok
14:15:14.0815 2388 Boot (0x1200) (ddd33bf2ffc07699d33c8ca78584eb58) \Device\Harddisk1\DR1\Partition0
14:15:14.0817 2388 \Device\Harddisk1\DR1\Partition0 - ok
14:15:14.0817 2388 ============================================================
14:15:14.0817 2388 Scan finished
14:15:14.0817 2388 ============================================================
14:15:14.0830 1944 Detected object count: 0
14:15:14.0830 1944 Actual detected object count: 0
|
|
23.01.2012, 11:40
| #19 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox fehlermeldung : Proxy-Server verweigert die Verbindung Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.01.2012, 16:05
| #20 |
| | Firefox fehlermeldung : Proxy-Server verweigert die Verbindung [code] Combofix Logfile: Code:
ATTFilter ComboFix 12-01-23.02 - Tobi 24.01.2012 15:43:48.1.3 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4095.2868 [GMT 1:00]
ausgeführt von:: c:\users\Tobi\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\assembly\tmp\U
c:\windows\system32\java.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-12-24 bis 2012-01-24 ))))))))))))))))))))))))))))))
.
.
2012-01-24 14:48 . 2012-01-24 14:48 -------- d-----w- c:\users\Gast\AppData\Local\temp
2012-01-24 14:48 . 2012-01-24 14:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-23 18:10 . 2012-01-23 18:10 -------- d-----w- C:\found.000
2012-01-20 20:08 . 2012-01-20 20:08 -------- d-----w- c:\program files\NTCore
2012-01-18 18:45 . 2012-01-18 18:45 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-01-18 18:44 . 2012-01-18 18:44 476904 ----a-w- c:\program files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
2012-01-18 18:44 . 2012-01-18 18:44 -------- d-----w- c:\program files (x86)\Java
2012-01-14 21:59 . 2012-01-14 21:59 -------- d-----w- c:\program files (x86)\VirtualDJ
2012-01-12 14:14 . 2012-01-12 14:14 -------- d-----w- C:\_OTL
2012-01-11 16:22 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 16:22 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-11 16:22 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 16:22 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-11 16:22 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 16:22 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-11 16:22 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-11 16:22 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-01-04 15:00 . 2012-01-04 15:00 -------- d-----w- c:\users\Tobi\.thumbnails
2012-01-03 19:38 . 2012-01-03 19:38 -------- d-----w- c:\program files (x86)\ESET
2011-12-28 17:59 . 2011-12-28 17:59 -------- d-----w- c:\users\Gast\AppData\Roaming\Malwarebytes
2011-12-28 16:55 . 2011-12-28 16:55 -------- d-----w- c:\users\Tobi\AppData\Roaming\Malwarebytes
2011-12-28 16:54 . 2011-12-28 16:54 -------- d-----w- c:\programdata\Malwarebytes
2011-12-28 16:54 . 2011-07-06 18:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-12-28 16:54 . 2011-12-28 16:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-12-28 16:54 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-27 12:34 . 2011-12-27 12:34 -------- d-----w- c:\users\Gast\AppData\Roaming\Notepad++
2011-12-26 17:25 . 2011-12-26 17:51 -------- d-----w- c:\program files (x86)\Skiregion Simulator 2012
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-19 11:15 . 2011-09-11 18:04 3537752 ----a-w- c:\windows\RXSUnins.exe
2012-01-19 11:15 . 2011-09-11 18:04 3537752 ----a-w- c:\windows\RXCUnins.exe
2012-01-18 18:44 . 2011-08-26 20:02 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-01-09 18:38 . 2011-11-01 14:38 234536 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-01-09 18:38 . 2011-11-01 14:38 234536 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-12-12 13:40 . 2009-08-18 11:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-12-12 13:40 . 2009-08-18 10:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-12-08 13:12 . 2011-11-10 15:49 130760 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-11-24 04:52 . 2011-12-15 12:30 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-11-21 11:40 . 2011-12-20 14:32 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6DA1C7F2-012B-4175-9386-21910A604283}\mpengine.dll
2011-11-05 05:32 . 2011-12-15 12:30 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-05 04:26 . 2011-12-15 12:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-11-04 01:53 . 2011-12-15 14:47 2309120 ----a-w- c:\windows\system32\jscript9.dll
2011-11-04 01:44 . 2011-12-15 14:47 1390080 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 01:44 . 2011-12-15 14:47 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 01:34 . 2011-12-15 14:47 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-11-03 22:47 . 2011-12-15 14:47 1798144 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-11-03 22:40 . 2011-12-15 14:47 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-11-03 22:39 . 2011-12-15 14:47 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2011-11-03 22:31 . 2011-12-15 14:47 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-11-02 19:29 . 2011-08-24 13:20 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-01 14:37 . 2011-11-01 14:37 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"rfxsrvtray"="c:\program files (x86)\Tobit Radio.fx\Client\rfx-tray.exe" [2012-01-18 2057048]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Start WingMan Profiler"="c:\program files (x86)\Logitech\Profiler\lwemon.exe" [2003-08-07 77824]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Radio.fx.LNK - c:\program files (x86)\Tobit Radio.fx\Client\rfx-client.exe [2011-9-11 6890840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
S2 Radio.fx;Radio.fx Server;c:\program files (x86)\Tobit Radio.fx\Server\rfx-server.exe [2012-01-19 3665752]
S2 TeamViewer7;TeamViewer 7;c:\users\Tobi\temp\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-02 2923392]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-14 10918504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
mLocal Page =
IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html
IE: Free YouTube Download - c:\users\Tobi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to DVD Converter - c:\users\Tobi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetodvdconverter.htm
IE: Free YouTube to MP3 Converter - c:\users\Tobi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
FF - ProfilePath - c:\users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\5l36xpih.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2175561867-3494938085-942050202-1000\Software\SecuROM\License information*]
"datasecu"=hex:99,b1,f6,57,3e,98,ed,ba,59,73,d4,f8,84,4f,c0,5d,9e,51,35,7a,b5,
21,b4,ff,a4,06,ae,52,f1,ec,a7,f2,14,c0,c3,0e,e5,8a,2a,26,67,75,d4,4f,40,a3,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-01-24 15:55:53 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-01-24 14:55
.
Vor Suchlauf: 12 Verzeichnis(se), 858.266.591.232 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 863.849.537.536 Bytes frei
.
- - End Of File - - 1A4B30DA45CF15D647F962A08D19680A
|
|
24.01.2012, 16:17
| #21 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox fehlermeldung : Proxy-Server verweigert die Verbindung Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
__________________ --> Firefox fehlermeldung : Proxy-Server verweigert die Verbindung |
|
24.01.2012, 17:55
| #22 |
| | Firefox fehlermeldung : Proxy-Server verweigert die Verbindung so ich als leihe erkenne dort schon mind. eine infektion |
|
24.01.2012, 20:32
| #23 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox fehlermeldung : Proxy-Server verweigert die Verbindung Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":Files" muss mitkopiert werden!!!) Code:
ATTFilter :Files
C:\Windows\system32\consrv.dll
:Commands
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.02.2012, 20:56
| #24 |
| | Firefox fehlermeldung : Proxy-Server verweigert die Verbindung entschuldige bitte das es etwas länger gedauert hatte hatte wenig zeit Code:
ATTFilter All processes killed
========== FILES ==========
File\Folder C:\Windows\system32\consrv.dll not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Gast
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: Tobi
->Temp folder emptied: 1005019150 bytes
->Temporary Internet Files folder emptied: 10880687 bytes
->Java cache emptied: 5827 bytes
->FireFox cache emptied: 1104740597 bytes
->Flash cache emptied: 6874 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 746171 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 14544345292 bytes
Total Files Cleaned = 15.894,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.31.0 log created on 02072012_204457
Files\Folders moved on Reboot...
C:\Users\Tobi\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
|
|
07.02.2012, 22:11
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox fehlermeldung : Proxy-Server verweigert die Verbindung Mach bitte ein neues Log mit aswMBR
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.02.2012, 16:40
| #26 |
| | Firefox fehlermeldung : Proxy-Server verweigert die VerbindungCode:
ATTFilter aswMBR version 0.9.9.1509 Copyright(c) 2011 AVAST Software
Run date: 2012-02-08 16:13:56
-----------------------------
16:13:56.656 OS Version: Windows x64 6.1.7601 Service Pack 1
16:13:56.656 Number of processors: 3 586 0x503
16:13:56.657 ComputerName: TOBI-PC UserName: Tobi
16:14:00.074 Initialize success
16:14:00.132 AVAST engine defs: 12020800
16:19:15.237 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
16:19:15.239 Disk 0 Vendor: Hitachi_HCS5C1010CLA382 JC4OA3EA Size: 953869MB BusType: 11
16:19:15.281 Disk 0 MBR read successfully
16:19:15.283 Disk 0 MBR scan
16:19:15.287 Disk 0 Windows 7 default MBR code
16:19:15.290 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:19:15.300 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 922023 MB offset 206848
16:19:15.339 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 30720 MB offset 1888509952
16:19:15.358 Disk 0 Partition 4 00 12 Compaq diag NTFS 1024 MB offset 1951424512
16:19:15.368 Service scanning
16:19:20.410 Modules scanning
16:19:20.415 Disk 0 trace - called modules:
16:19:20.449 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
16:19:20.785 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004981790]
16:19:20.798 3 CLASSPNP.SYS[fffff880019bf43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0xfffffa80047db680]
16:19:23.764 AVAST engine scan C:\Windows
16:19:33.268 AVAST engine scan C:\Windows\system32
16:19:47.480 File: C:\Windows\system32\consrv.dll **INFECTED** Win32:Sirefef-JQ [Trj]
16:21:29.126 AVAST engine scan C:\Windows\system32\drivers
16:21:42.084 AVAST engine scan C:\Users\Tobi
16:32:31.674 AVAST engine scan C:\ProgramData
16:33:00.580 Scan finished successfully
16:36:31.322 Disk 0 MBR has been saved successfully to "C:\Users\Tobi\Desktop\MBR.dat"
16:36:31.335 The log file has been saved successfully to "C:\Users\Tobi\Desktop\aswMBR.txt"
|
|
09.02.2012, 09:38
| #27 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox fehlermeldung : Proxy-Server verweigert die VerbindungZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
09.02.2012, 20:04
| #28 |
| | Firefox fehlermeldung : Proxy-Server verweigert die Verbindung ich konnte es manuel löschen aber als ich es im papierkorb hatte meldete sich mein virus programm |
|
09.02.2012, 22:31
| #29 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox fehlermeldung : Proxy-Server verweigert die Verbindung Ja das musst du ignorieren damit es gelöscht werden kann! Sonst bleibt diese Datei immer bestehen!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.02.2012, 13:47
| #30 |
| | Firefox fehlermeldung : Proxy-Server verweigert die Verbindung ich habe meinen viren programm gesagt das es die datei löschen soll |
|
| Themen zu Firefox fehlermeldung : Proxy-Server verweigert die Verbindung |
| blockiert, explorer, fehlermeldung, firefox, firefox fehler, folge, folgendes, funktionieren, geld, geld zahlen, inter, interne, internet, konfiguriert, korrekt, nicht mehr, nutze, nutzen, proxy-server, schlau, stand, verbindung, verweigert, virus, windows, windows blockade 50€, überprüfe, überprüfen, zahlen |
Linear-Darstellung
