Log analysis and evaluation: Mozilla/browser does not open some pages (Windows 7)
21.09.2012, 19:49 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Mozilla/browser does not open some pages
Code:
Scan Mode: Current user
That was not a CustomScan, and you did not tick the "Scan all users" box either.
__________________ Please always post log files in CODE tags |
22.09.2012, 11:35 | #17 |
| Mozilla/browser does not open some pages
Huh, that is embarrassing. So here is the 2nd attempt then - though the scan also went fairly quickly. At the moment I get an error every time on startup - I think it comes from my antivirus (Sophos). But I don't know what to do with it... Picture is attached. Regards and thanks
Code:
OTL logfile created on: 22.09.2012 12:15:57 - Run 3
OTL by OldTimer - Version 3.2.65.1 Folder = C:\Users\S5470\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 56,68% Memory free
7,99 Gb Paging File | 6,13 Gb Available in Paging File | 76,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,32 Gb Total Space | 143,88 Gb Free Space | 73,66% Space Free | Partition Type: NTFS
Drive D: | 29,30 Gb Total Space | 23,65 Gb Free Space | 80,73% Space Free | Partition Type: NTFS
Drive E: | 146,58 Gb Total Space | 142,33 Gb Free Space | 97,10% Space Free | Partition Type: NTFS
Drive I: | 465,76 Gb Total Space | 32,80 Gb Free Space | 7,04% Space Free | Partition Type: NTFS
Drive R: | 672,13 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive Z: | 94,56 Gb Total Space | 19,51 Gb Free Space | 20,63% Space Free | Partition Type: NTFS
Computer Name: S5470-PC | User Name: S5470 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.09.21 12:55:10 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\S5470\Desktop\OTL.exe PRC - [2012.09.17 20:18:44 | 002,863,168 | ---- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe PRC - [2012.09.17 20:18:10 | 000,216,640 | ---- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe PRC - [2012.09.12 08:28:36 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012.09.09 21:50:39 | 001,536,712 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe PRC - [2012.09.09 20:54:22 | 000,357,400 | ---- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe PRC - [2012.09.09 20:52:54 | 000,139,840 | ---- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe PRC - [2011.05.20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011.05.18 20:24:30 | 000,641,464 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe PRC - [2011.02.18 11:06:06 | 001,666,560 | ---- | M] (ROCCAT) -- C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE PRC - [2011.02.18 11:05:32 | 000,495,616 | ---- | M] (ROCCAT) -- C:\Program Files (x86)\ROCCAT\Kone Mouse\osd.exe PRC - [2010.09.30 15:16:06 | 002,155,848 | ---- | M] () -- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe PRC - [2009.07.24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) 
-- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe PRC - [2007.08.31 19:49:58 | 000,498,872 | ---- | M] () -- c:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe PRC - [2007.08.31 18:43:32 | 000,907,040 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe PRC - [2007.08.31 18:38:08 | 000,140,568 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2007.08.31 18:35:54 | 002,622,232 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2007.05.09 17:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe ========== Modules (No Company Name) ========== MOD - [2012.09.12 08:28:35 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012.09.09 21:50:38 | 009,465,032 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll MOD - [2011.10.05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL MOD - [2011.06.22 11:46:12 | 000,434,016 | ---- | M] () -- C:\PROGRA~2\MICROS~1\Office12\ADDINS\UMOUTL~1.DLL MOD - [2011.05.26 20:18:44 | 000,136,536 | ---- | M] () -- C:\PROGRA~2\MICROS~1\Office12\OUTLCTL.DLL MOD - [2011.05.20 22:35:00 | 000,247,400 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll MOD - [2009.02.26 13:46:56 | 000,064,344 | ---- | M] () -- C:\PROGRA~2\MICROS~1\Office12\ADDINS\COLLEA~1.DLL MOD - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe MOD - [2007.09.02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll MOD - [2007.08.31 17:13:50 | 001,336,600 | ---- | M] () -- C:\Program Files 
(x86)\Acronis\TrueImageHome\fox.dll ========== Services (SafeList) ========== SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012.09.17 20:18:44 | 002,863,168 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe -- (swi_service) SRV - [2012.09.17 20:18:10 | 000,216,640 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe -- (SAVAdminService) SRV - [2012.09.12 08:28:35 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.09.09 21:50:39 | 000,250,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.09.09 20:56:48 | 000,232,512 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe -- (Sophos AutoUpdate Service) SRV - [2012.09.09 20:54:22 | 000,357,400 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe -- (Sophos Web Control Service) SRV - [2012.09.09 20:52:54 | 000,139,840 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe -- (SAVService) SRV - [2012.09.09 20:51:55 | 002,009,152 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe -- (swi_update_64) SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.04.22 12:58:54 | 000,489,256 | ---- 
| M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.05.21 08:01:00 | 002,214,504 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011.05.20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011.05.18 20:24:30 | 000,641,464 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent) SRV - [2011.03.24 13:24:58 | 000,095,976 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV - [2010.09.30 15:16:06 | 002,155,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe -- (OS Selector) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009.07.24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) 
[Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007.08.31 19:49:58 | 000,498,872 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService) SRV - [2007.08.31 18:38:24 | 000,599,320 | ---- | M] (Acronis) [Auto | Running] -- c:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.09.09 20:53:59 | 000,144,672 | ---- | M] (Sophos Limited) [File_System | System | Running] -- C:\Windows\SysNative\drivers\savonaccess.sys -- (SAVOnAccess) DRV:64bit: - [2012.06.26 21:38:28 | 000,046,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2012.06.24 22:24:48 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) DRV:64bit: - [2012.04.22 01:09:38 | 000,036,640 | ---- | M] (Sophos Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdcfilter.sys -- (sdcfilter) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.08.18 10:10:52 | 000,272,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman) DRV:64bit: - [2011.08.11 10:09:14 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2011.07.28 21:05:19 | 000,711,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- 
C:\Windows\SysNative\drivers\timntr.sys -- (timounter) DRV:64bit: - [2011.07.28 21:05:19 | 000,081,952 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\tifsfilt.sys -- (tifsfilter) DRV:64bit: - [2011.07.28 21:04:58 | 000,593,952 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman) DRV:64bit: - [2011.07.22 21:27:21 | 000,025,608 | ---- | M] (Sophos Plc) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\SophosBootDriver.sys -- (SophosBootDriver) DRV:64bit: - [2011.05.18 20:12:07 | 000,022,264 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva) DRV:64bit: - [2011.03.24 10:57:54 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv) DRV:64bit: - [2011.03.24 10:57:54 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2009.08.28 10:33:48 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- 
C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:64bit: - [2009.06.10 22:34:35 | 000,087,552 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b44amd64.sys -- (bcm44amd64) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | 
M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008.12.11 14:56:54 | 000,015,488 | ---- | M] (ROCCAT Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Kone.sys -- (KoneFltr) DRV:64bit: - [2007.10.10 17:03:00 | 000,266,624 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OEM02Dev.sys -- (OEM02Dev) DRV:64bit: - [2007.07.27 19:45:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp) DRV:64bit: - [2007.07.26 20:33:54 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk) DRV:64bit: - [2007.03.19 12:09:36 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk) DRV:64bit: - [2007.03.05 10:55:48 | 000,012,288 | ---- | M] (EyePower Games Pte. Ltd.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OEM02Vfx.sys -- (OEM02Vfx) DRV - [2011.03.24 13:24:54 | 000,148,072 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV - [2011.03.24 10:57:54 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv) DRV - [2011.03.24 10:57:54 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = 
hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9B 16 CC 38 60 67 CC 01 [binary data] IE - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120827 FF - prefs.js..extensions.enabledAddons: {dd05fd3d-18df-4ce4-ae53-e795339c5f01}:1.21 FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.5.5 FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.12 08:28:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.22 20:04:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\S5470\AppData\Roaming\mozilla\Extensions [2012.09.13 21:16:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\S5470\AppData\Roaming\mozilla\Firefox\Profiles\ay543qgo.default\extensions [2012.09.09 22:44:26 | 000,000,000 | ---D | M] (WOT) -- C:\Users\S5470\AppData\Roaming\mozilla\Firefox\Profiles\ay543qgo.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2012.09.13 21:16:56 | 000,527,915 | ---- | M] () (No name found) -- C:\Users\S5470\AppData\Roaming\mozilla\firefox\profiles\ay543qgo.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012.09.09 22:44:26 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\S5470\AppData\Roaming\mozilla\firefox\profiles\ay543qgo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011.08.13 19:44:53 | 000,090,118 | ---- | M] () (No name found) -- C:\Users\S5470\AppData\Roaming\mozilla\firefox\profiles\ay543qgo.default\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}.xpi [2012.09.13 21:16:56 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\S5470\AppData\Roaming\mozilla\firefox\profiles\ay543qgo.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012.09.10 08:09:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.09.09 20:52:20 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.09.10 08:09:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012.09.12 08:28:36 | 
000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.09.12 08:28:33 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.12 08:28:33 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.09.12 08:28:33 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.09.12 08:28:33 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.09.12 08:28:33 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.09.12 08:28:33 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] c:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation) O4 - HKLM..\Run: [AcronisTimounterMonitor] c:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) O4 - HKLM..\Run: [Kone] C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT) O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.) 
O4 - HKLM..\Run: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe (Sophos Limited) O4 - HKLM..\Run: [TrueImageMonitor.exe] c:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-994605533-1841656101-3182983877-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-21-994605533-1841656101-3182983877-1000..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited) O10 - 
Protocol_Catalog9\Catalog_Entries\000000000003 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKLM\..Trusted Domains: uni-erlangen.de ([sophos.rrze] file in Local intranet) O15 - HKLM\..Trusted Domains: uni-erlangen.de ([sophos.rrze] http in Local intranet) O15 - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\..Trusted Domains: microsoft.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\..Trusted Domains: microsoft.com ([*.update] * in Trusted sites) O15 - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\..Trusted Domains: microsoft.com ([*.windowsupdate] * in Trusted sites) O15 - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\..Trusted Domains: windowsupdate.com ([]* in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java 
Plug-in 1.6.0_35) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{249E4073-E7DB-4B88-92E8-6B93D3F4E3A3}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C637F4E8-C0E4-4E46-97B7-E1BE5712262F}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL) - C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL (Sophos Limited) O20 - AppInit_DLLs: (C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL) - C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Limited) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis) O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysWow64\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.12.03 20:19:33 | 000,000,000 | ---D | M] - I:\Autorun -- [ NTFS ] O32 - AutoRun File - [2007.08.31 18:45:59 | 000,000,000 | ---D | M] - R:\Autorun -- [ CDFS ] O32 - AutoRun File - [2007.08.31 18:42:11 | 000,000,056 | R--- | M] () - R:\autorun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.09.22 11:41:51 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.09.22 11:41:51 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.09.22 11:41:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.09.22 11:41:49 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.09.22 11:41:49 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.09.22 11:41:49 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.09.22 11:41:49 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe 
[2012.09.22 11:41:49 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.09.22 11:41:48 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.09.22 11:41:48 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.09.22 11:41:48 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.09.22 11:41:48 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.09.22 11:41:46 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.09.22 11:41:46 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012.09.22 11:41:45 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.09.21 14:27:12 | 000,600,576 | ---- | C] (OldTimer Tools) -- C:\Users\S5470\Desktop\OTL.exe [2012.09.15 17:13:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.09.15 17:12:59 | 002,322,184 | ---- | C] (ESET) -- C:\Users\S5470\Desktop\esetsmartinstaller_enu.exe [2012.09.12 14:24:35 | 000,000,000 | ---D | C] -- C:\Users\S5470\AppData\Roaming\Malwarebytes [2012.09.12 14:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.09.12 14:24:23 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.09.12 14:24:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.09.12 14:23:46 | 010,524,080 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\S5470\Desktop\mbam-setup-1.65.0.1400.exe [2012.09.12 08:28:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012.09.12 08:28:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012.09.12 00:00:52 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys [2012.09.12 00:00:51 | 000,574,464 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2012.09.12 00:00:50 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2012.09.12 00:00:50 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2012.09.10 23:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012.09.10 23:11:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012.09.10 23:11:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012.09.10 22:58:52 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012.09.10 22:58:52 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012.09.10 22:17:37 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012.09.10 22:17:37 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012.09.10 22:17:19 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012.09.10 22:17:19 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012.09.10 22:17:19 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2012.09.10 22:17:17 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.09.10 22:17:15 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.09.10 22:17:15 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.09.10 22:17:13 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2012.09.10 22:17:13 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2012.09.10 22:17:13 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe [2012.09.10 22:17:07 | 
000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012.09.10 22:17:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012.09.10 22:17:06 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.09.10 22:17:00 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012.09.10 22:16:58 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012.09.10 22:16:55 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012.09.10 22:16:55 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012.09.10 22:16:55 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012.09.10 22:16:54 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2012.09.10 22:15:51 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2012.09.10 22:15:49 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012.09.10 22:15:49 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012.09.10 21:57:09 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012.09.10 21:57:09 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012.09.10 21:57:09 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012.09.10 21:56:59 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012.09.10 21:56:59 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012.09.10 21:56:59 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012.09.10 21:52:36 | 000,186,752 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\wuwebv.dll [2012.09.10 21:52:36 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012.09.10 21:49:57 | 000,000,000 | ---D | C] -- C:\Users\S5470\AppData\Local\Tracker Software [2012.09.10 08:09:32 | 000,477,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\npdeployJava1.dll [2012.09.10 08:09:31 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2012.09.10 08:09:31 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012.09.10 08:09:31 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2012.09.10 08:09:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012.09.09 22:22:47 | 000,000,000 | ---D | C] -- C:\Users\S5470\AppData\Local\Macromedia [2012.09.09 20:53:59 | 000,144,672 | ---- | C] (Sophos Limited) -- C:\Windows\SysNative\drivers\savonaccess.sys [2012.09.09 20:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.09.09 20:52:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype ========== Files - Modified Within 30 Days ========== [2012.09.22 12:10:39 | 000,013,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.09.22 12:10:39 | 000,013,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.09.22 12:08:16 | 001,520,782 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.09.22 12:08:16 | 000,662,622 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.09.22 12:08:16 | 000,623,162 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.09.22 12:08:16 | 000,133,660 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.09.22 12:08:16 | 000,109,284 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.09.22 12:03:03 | 000,067,584 | --S- | M] () -- 
C:\Windows\bootstat.dat [2012.09.22 12:02:50 | 3219,677,184 | -HS- | M] () -- C:\hiberfil.sys [2012.09.22 11:58:50 | 000,041,138 | ---- | M] () -- C:\Users\S5470\Desktop\Error.jpg [2012.09.22 11:50:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.09.21 12:55:10 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\S5470\Desktop\OTL.exe [2012.09.16 20:30:34 | 000,512,399 | ---- | M] () -- C:\Users\S5470\Desktop\adwcleaner.exe [2012.09.12 14:34:37 | 000,000,168 | ---- | M] () -- C:\Users\S5470\defogger_reenable [2012.09.12 14:24:25 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.11 08:55:22 | 010,524,080 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\S5470\Desktop\mbam-setup-1.65.0.1400.exe [2012.09.10 22:52:51 | 000,431,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.09.10 22:05:44 | 000,001,870 | ---- | M] () -- C:\Windows\Sandboxie.ini [2012.09.10 08:09:26 | 000,477,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\npdeployJava1.dll [2012.09.10 08:09:26 | 000,473,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2012.09.10 08:09:26 | 000,157,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2012.09.10 08:09:26 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012.09.10 08:09:26 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Windows\SysWow64\java.exe [2012.09.09 21:50:38 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.09.09 21:50:38 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.09.09 20:53:59 | 000,144,672 | ---- | M] (Sophos Limited) -- C:\Windows\SysNative\drivers\savonaccess.sys [2012.09.09 20:53:55 | 000,037,400 | ---- | M] (Sophos Limited) -- C:\Windows\SysNative\SophosBootTasks.exe [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.08.24 12:31:32 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.08.24 12:20:11 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.08.24 12:18:46 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.08.24 12:14:45 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.08.24 12:14:34 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.08.24 12:13:29 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012.08.24 12:11:57 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.08.24 12:10:14 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.08.24 12:04:06 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.08.24 08:51:02 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.08.24 08:49:57 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.08.24 08:47:36 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.08.24 08:47:26 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.08.24 
08:44:10 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.08.24 08:40:11 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll ========== Files Created - No Company Name ========== [2012.09.22 11:58:40 | 000,041,138 | ---- | C] () -- C:\Users\S5470\Desktop\Error.jpg [2012.09.16 20:30:41 | 000,512,399 | ---- | C] () -- C:\Users\S5470\Desktop\adwcleaner.exe [2012.09.12 14:34:37 | 000,000,168 | ---- | C] () -- C:\Users\S5470\defogger_reenable [2012.09.12 14:34:29 | 000,050,477 | ---- | C] () -- C:\Users\S5470\Desktop\Defogger.exe [2012.09.12 14:24:25 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2011.07.29 01:56:30 | 002,340,992 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe [2011.07.29 01:56:30 | 000,018,048 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll [2011.07.29 01:56:28 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe [2011.07.29 01:56:28 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys [2011.07.29 01:56:28 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys [2011.07.29 01:44:15 | 001,540,624 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.07.28 19:32:07 | 000,000,758 | ---- | C] () -- C:\Windows\War3Unin.dat [2011.07.26 16:41:03 | 000,001,870 | ---- | C] () -- C:\Windows\Sandboxie.ini [2011.07.26 15:48:40 | 000,000,600 | ---- | C] () -- C:\Users\S5470\AppData\Roaming\winscp.rnd [2011.05.20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini < End of report > |
22.09.2012, 18:12 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Mozilla/Browser does not open some pages What did you not understand about the CustomScan?
__________________That was not one again!
__________________ |
23.09.2012, 12:46 | #19 |
| Mozilla/Browser does not open some pages Thanks for the telling-off! I'd better lay off the drinking this week. Luckily the smileys make everything seem less dramatic. If this happens again now, I'll give up and let my girlfriend do it. Code:
ATTFilter OTL logfile created on: 23.09.2012 13:23:09 - Run 4 OTL by OldTimer - Version 3.2.65.1 Folder = C:\Users\S5470\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,69 Gb Available Physical Memory | 67,41% Memory free 7,99 Gb Paging File | 6,56 Gb Available in Paging File | 82,11% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 195,32 Gb Total Space | 143,88 Gb Free Space | 73,66% Space Free | Partition Type: NTFS Drive D: | 29,30 Gb Total Space | 23,65 Gb Free Space | 80,73% Space Free | Partition Type: NTFS Drive E: | 146,58 Gb Total Space | 142,33 Gb Free Space | 97,10% Space Free | Partition Type: NTFS Drive I: | 465,76 Gb Total Space | 32,80 Gb Free Space | 7,04% Space Free | Partition Type: NTFS Drive R: | 672,13 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive Z: | 94,56 Gb Total Space | 19,51 Gb Free Space | 20,63% Space Free | Partition Type: NTFS Computer Name: S5470-PC | User Name: S5470 | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.09.21 12:55:10 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\S5470\Desktop\OTL.exe PRC - [2012.09.17 20:18:44 | 002,863,168 | ---- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe PRC - [2012.09.17 20:18:10 | 000,216,640 | ---- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe PRC - [2012.09.09 20:54:22 | 000,357,400 | ---- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe PRC - [2012.09.09 20:52:54 | 000,139,840 | ---- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe PRC - [2011.05.20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011.05.18 20:24:30 | 000,641,464 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe PRC - [2011.02.18 11:06:06 | 001,666,560 | ---- | M] (ROCCAT) -- C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE PRC - [2011.02.18 11:05:32 | 000,495,616 | ---- | M] (ROCCAT) -- C:\Program Files (x86)\ROCCAT\Kone Mouse\osd.exe PRC - [2010.09.30 15:16:06 | 002,155,848 | ---- | M] () -- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe PRC - [2009.07.24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) 
-- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe PRC - [2007.08.31 19:49:58 | 000,498,872 | ---- | M] () -- c:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe PRC - [2007.08.31 18:43:32 | 000,907,040 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe PRC - [2007.08.31 18:38:08 | 000,140,568 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2007.08.31 18:35:54 | 002,622,232 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2007.05.09 17:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe ========== Modules (No Company Name) ========== MOD - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe MOD - [2007.09.02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll MOD - [2007.08.31 17:13:50 | 001,336,600 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\fox.dll ========== Services (SafeList) ========== SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012.09.17 20:18:44 | 002,863,168 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe -- (swi_service) SRV - [2012.09.17 20:18:10 | 000,216,640 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe -- (SAVAdminService) SRV - [2012.09.12 08:28:35 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.09.09 21:50:39 | 
000,250,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.09.09 20:56:48 | 000,232,512 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe -- (Sophos AutoUpdate Service) SRV - [2012.09.09 20:54:22 | 000,357,400 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe -- (Sophos Web Control Service) SRV - [2012.09.09 20:52:54 | 000,139,840 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe -- (SAVService) SRV - [2012.09.09 20:51:55 | 002,009,152 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe -- (swi_update_64) SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.04.22 12:58:54 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.05.21 08:01:00 | 002,214,504 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011.05.20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011.05.18 20:24:30 | 000,641,464 | ---- | M] (Cisco Systems, Inc.) 
[Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent) SRV - [2011.03.24 13:24:58 | 000,095,976 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV - [2010.09.30 15:16:06 | 002,155,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe -- (OS Selector) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009.07.24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007.08.31 19:49:58 | 000,498,872 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService) SRV - [2007.08.31 18:38:24 | 000,599,320 | ---- | M] (Acronis) [Auto | Running] -- c:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.09.09 20:53:59 | 000,144,672 | ---- | M] (Sophos Limited) [File_System | System | Running] -- C:\Windows\SysNative\drivers\savonaccess.sys -- (SAVOnAccess) DRV:64bit: - [2012.06.26 21:38:28 | 000,046,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2012.06.24 22:24:48 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | 
Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) DRV:64bit: - [2012.04.22 01:09:38 | 000,036,640 | ---- | M] (Sophos Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdcfilter.sys -- (sdcfilter) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.08.18 10:10:52 | 000,272,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman) DRV:64bit: - [2011.08.11 10:09:14 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2011.07.28 21:05:19 | 000,711,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter) DRV:64bit: - [2011.07.28 21:05:19 | 000,081,952 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\tifsfilt.sys -- (tifsfilter) DRV:64bit: - [2011.07.28 21:04:58 | 000,593,952 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman) DRV:64bit: - [2011.07.22 21:27:21 | 000,025,608 | ---- | M] (Sophos Plc) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\SophosBootDriver.sys -- (SophosBootDriver) DRV:64bit: - [2011.05.18 20:12:07 | 000,022,264 | ---- | M] (Cisco Systems, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva) DRV:64bit: - [2011.03.24 10:57:54 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv) DRV:64bit: - [2011.03.24 10:57:54 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2009.08.28 10:33:48 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:64bit: - [2009.06.10 22:34:35 | 000,087,552 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b44amd64.sys -- (bcm44amd64) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008.12.11 14:56:54 | 000,015,488 | ---- | M] (ROCCAT Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Kone.sys -- (KoneFltr) DRV:64bit: - [2007.10.10 17:03:00 | 000,266,624 | ---- | M] (Creative Technology Ltd.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV:64bit: - [2007.07.27 19:45:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2007.07.26 20:33:54 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2007.03.19 12:09:36 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2007.03.05 10:55:48 | 000,012,288 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2011.03.24 13:24:54 | 000,148,072 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2011.03.24 10:57:54 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2011.03.24 10:57:54 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9B 16 CC 38 60 67 CC 01 [binary data]
IE - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120827
FF - prefs.js..extensions.enabledAddons: {dd05fd3d-18df-4ce4-ae53-e795339c5f01}:1.21
FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.5.5
FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.12 08:28:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011.07.22 20:04:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\S5470\AppData\Roaming\mozilla\Extensions
[2012.09.13 21:16:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\S5470\AppData\Roaming\mozilla\Firefox\Profiles\ay543qgo.default\extensions
[2012.09.09 22:44:26 | 000,000,000 | ---D | M] (WOT) -- C:\Users\S5470\AppData\Roaming\mozilla\Firefox\Profiles\ay543qgo.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.09.13 21:16:56 | 000,527,915 | ---- | M] () (No name found) -- C:\Users\S5470\AppData\Roaming\mozilla\firefox\profiles\ay543qgo.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012.09.09 22:44:26 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\S5470\AppData\Roaming\mozilla\firefox\profiles\ay543qgo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011.08.13 19:44:53 | 000,090,118 | ---- | M] () (No name found) -- C:\Users\S5470\AppData\Roaming\mozilla\firefox\profiles\ay543qgo.default\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}.xpi
[2012.09.13 21:16:56 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\S5470\AppData\Roaming\mozilla\firefox\profiles\ay543qgo.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2012.09.10 08:09:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.09.09 20:52:20 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.09.10 08:09:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.09.12 08:28:36 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.09.12 08:28:33 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.12 08:28:33 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.09.12 08:28:33 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.12 08:28:33 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.12 08:28:33 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.12 08:28:33 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] c:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AcronisTimounterMonitor] c:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Kone] C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe (Sophos Limited)
O4 - HKLM..\Run: [TrueImageMonitor.exe] c:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-994605533-1841656101-3182983877-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-994605533-1841656101-3182983877-1000..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: uni-erlangen.de ([sophos.rrze] file in Local intranet)
O15 - HKLM\..Trusted Domains: uni-erlangen.de ([sophos.rrze] http in Local intranet)
O15 - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\..Trusted Domains: microsoft.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\..Trusted Domains: microsoft.com ([*.update] * in Trusted sites)
O15 - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\..Trusted Domains: microsoft.com ([*.windowsupdate] * in Trusted sites)
O15 - HKU\S-1-5-21-994605533-1841656101-3182983877-1000\..Trusted Domains: windowsupdate.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{249E4073-E7DB-4B88-92E8-6B93D3F4E3A3}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C637F4E8-C0E4-4E46-97B7-E1BE5712262F}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL) - C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL (Sophos Limited)
O20 - AppInit_DLLs: (C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL) - C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Limited)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis) O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysWow64\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.12.03 20:19:33 | 000,000,000 | ---D | M] - I:\Autorun -- [ NTFS ] O32 - AutoRun File - [2007.08.31 18:45:59 | 000,000,000 | ---D | M] - R:\Autorun -- [ CDFS ] O32 - AutoRun File - [2007.08.31 18:42:11 | 000,000,056 | R--- | M] () - R:\autorun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: 
{36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SAVService - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Limited) SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: 
{4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service 
SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group 
SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SAVService - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Limited) SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: 
{50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: 
{C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U 
shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.09.21 14:27:12 | 000,600,576 | ---- | C] (OldTimer Tools) -- C:\Users\S5470\Desktop\OTL.exe
[2012.09.15 17:13:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.09.15 17:12:59 | 002,322,184 | ---- | C] (ESET) -- C:\Users\S5470\Desktop\esetsmartinstaller_enu.exe
[2012.09.12 14:24:35 | 000,000,000 | ---D | C] -- C:\Users\S5470\AppData\Roaming\Malwarebytes
[2012.09.12 14:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.12 14:24:23 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.12 14:24:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.12 14:23:46 | 010,524,080 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\S5470\Desktop\mbam-setup-1.65.0.1400.exe
[2012.09.12 08:28:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.09.12 08:28:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.09.10 23:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.09.10 23:11:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012.09.10 23:11:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012.09.10 21:49:57 | 000,000,000 | ---D | C] -- C:\Users\S5470\AppData\Local\Tracker Software
[2012.09.10 08:09:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.09.09 22:22:47 | 000,000,000 | ---D | C] -- C:\Users\S5470\AppData\Local\Macromedia
[2012.09.09 20:53:59 | 000,144,672 | ---- | C] (Sophos Limited) -- C:\Windows\SysNative\drivers\savonaccess.sys
[2012.09.09 20:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.09.09 20:52:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

========== Files - Modified Within 30 Days ==========

[2012.09.23 13:19:22 | 000,013,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.23 13:19:22 | 000,013,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.23 13:17:59 | 001,520,782 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.23 13:17:59 | 000,662,622 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.23 13:17:59 | 000,623,162 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.23 13:17:59 | 000,133,660 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.23 13:17:59 | 000,109,284 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.23 13:10:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.23 13:10:13 | 3219,677,184 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.22 14:50:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.22 11:58:50 | 000,041,138 | ---- | M] () -- C:\Users\S5470\Desktop\Error.jpg
[2012.09.21 12:55:10 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\S5470\Desktop\OTL.exe
[2012.09.16 20:30:34 | 000,512,399 | ---- | M] () -- C:\Users\S5470\Desktop\adwcleaner.exe
[2012.09.12 14:34:37 | 000,000,168 | ---- | M] () -- C:\Users\S5470\defogger_reenable
[2012.09.12 14:24:25 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.11 08:55:22 | 010,524,080 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\S5470\Desktop\mbam-setup-1.65.0.1400.exe
[2012.09.10 22:52:51 | 000,431,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.09.10 22:05:44 | 000,001,870 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2012.09.09 20:53:59 | 000,144,672 | ---- | M] (Sophos Limited) -- C:\Windows\SysNative\drivers\savonaccess.sys
[2012.09.09 20:53:55 | 000,037,400 | ---- | M] (Sophos Limited) -- C:\Windows\SysNative\SophosBootTasks.exe
[2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2012.09.22 11:58:40 | 000,041,138 | ---- | C] () -- C:\Users\S5470\Desktop\Error.jpg
[2012.09.16 20:30:41 | 000,512,399 | ---- | C] () -- C:\Users\S5470\Desktop\adwcleaner.exe
[2012.09.12 14:34:37 | 000,000,168 | ---- | C] () -- C:\Users\S5470\defogger_reenable
[2012.09.12 14:34:29 | 000,050,477 | ---- | C] () -- C:\Users\S5470\Desktop\Defogger.exe
[2012.09.12 14:24:25 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2011.07.29 01:56:30 | 002,340,992 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2011.07.29 01:56:30 | 000,018,048 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2011.07.29 01:56:28 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2011.07.29 01:56:28 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2011.07.29 01:56:28 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2011.07.29 01:44:15 | 001,540,624 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.07.28 19:32:07 | 000,000,758 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011.07.26 16:41:03 | 000,001,870 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011.07.26 15:48:40 | 000,000,600 | ---- | C] () -- C:\Users\S5470\AppData\Roaming\winscp.rnd
[2011.05.20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

========== LOP Check ==========

[2011.07.28 20:33:33 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\DAEMON Tools Lite
[2011.07.26 15:51:06 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\FreeCommander
[2011.08.25 22:20:01 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\ImgBurn
[2012.04.22 12:34:58 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\Notepad++
[2011.07.22 20:04:21 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\Opera
[2011.07.28 22:38:06 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\ROCCAT
[2011.08.04 10:26:14 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\Swiss Academic Software
[2011.07.29 01:31:59 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\Trillian

========== Purity Check ==========

========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.07.22 21:12:18 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\Adobe
[2011.07.28 21:16:45 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\Corel
[2011.07.28 20:33:33 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\DAEMON Tools Lite
[2011.07.29 13:03:47 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\dvdcss
[2011.07.26 15:51:06 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\FreeCommander
[2011.07.21 16:17:08 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\Identities
[2011.08.25 22:20:01 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\ImgBurn
[2011.07.22 21:43:28 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\Macromedia
[2012.09.12 14:24:35 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\Malwarebytes
[2009.07.14 20:18:34 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\Media Center Programs
[2012.09.15 17:15:03 | 000,000,000 | --SD | M] -- C:\Users\S5470\AppData\Roaming\Microsoft
[2011.07.22 20:04:50 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\Mozilla
[2012.04.22 12:34:58 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\Notepad++
[2011.07.29 16:07:06 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\NVIDIA
[2011.07.22 20:04:21 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\Opera [2011.07.28 22:38:06 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\ROCCAT [2011.07.29 16:08:39 | 000,000,000 | RH-D | M] -- C:\Users\S5470\AppData\Roaming\SecuROM [2012.09.22 15:42:01 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\Skype [2011.08.04 10:26:14 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\Swiss Academic Software [2011.07.29 01:31:59 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\Trillian [2011.07.29 13:04:09 | 000,000,000 | ---D | M] -- C:\Users\S5470\AppData\Roaming\vlc < %APPDATA%\*.exe /s > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- 
C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: IASTORV.SYS > [2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- 
C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys [2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys [2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll [2009.07.14 03:16:02 | 
000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- 
C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll 
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll [2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe 
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- 
C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < > [2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2009.07.14 07:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012.04.22 01:26:34 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job < End of report > |
23.09.2012, 17:50 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Mozilla/browser does not open some pages
Run an OTL fix: close all programs that may be open, disable your virus scanner as well (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied too!!!)
Note: If you have obscured your user name, you must change the starred-out parts back into your real user name, otherwise the script will not work!!
Code:
:OTL
FF - user.js - File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.12.03 20:19:33 | 000,000,000 | ---D | M] - I:\Autorun -- [ NTFS ]
O32 - AutoRun File - [2007.08.31 18:45:59 | 000,000,000 | ---D | M] - R:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2007.08.31 18:42:11 | 000,000,056 | R--- | M] () - R:\autorun.inf -- [ CDFS ]
:Files
I:\Archiv\Backup Noel09\Save C\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\RegistryBooster!.exe
I:\***\Downloads\SoftonicDownloader_fuer_photofiltre-portable.exe
I:\***\Downloads\SoftonicDownloader_fuer_picture-resizer.exe
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.
Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, because it can cause lasting damage to the system!
|
25.09.2012, 18:44 | #21 |
| Mozilla/browser does not open some pages
OK, that took a while
Code:
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File not found.
File not found.
File move failed. R:\autorun.inf scheduled to be moved on reboot.
========== FILES ==========
I:\Archiv\Backup Noel09\Save C\Dokumente und Einstellungen\Johannes\Eigene Dateien\Downloads\RegistryBooster!.exe moved successfully.
I:\Philippa\Downloads\SoftonicDownloader_fuer_photofiltre-portable.exe moved successfully.
I:\Philippa\Downloads\SoftonicDownloader_fuer_picture-resizer.exe moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Users\S5470\Desktop\cmd.bat deleted successfully.
C:\Users\S5470\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: S5470
->Temp folder emptied: 1439816768 bytes
->Temporary Internet Files folder emptied: 769597156 bytes
->Java cache emptied: 46121 bytes
->FireFox cache emptied: 1121019867 bytes
->Opera cache emptied: 20755776 bytes
->Flash cache emptied: 7880 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 366920957 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes
RecycleBin emptied: 2391972 bytes
Total Files Cleaned = 3.548,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.65.1 log created on 09252012_193530
Files\Folders moved on Reboot...
File move failed. R:\autorun.inf scheduled to be moved on reboot.
C:\Users\S5470\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
25.09.2012, 19:55 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Mozilla/browser does not open some pages
Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please switch off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!
Set up the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy the content and transfer it into your post, please look directly on your Windows system partition (usually drive C:), which is where TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!
|
26.09.2012, 12:55 | #23 |
| Mozilla/browser does not open some pages
Code:
13:48:59.0120 5096 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
13:48:59.0838 5096 ============================================================
13:48:59.0838 5096 Current date / time: 2012/09/26 13:48:59.0838
13:48:59.0838 5096 SystemInfo:
13:48:59.0838 5096
13:48:59.0838 5096 OS Version: 6.1.7601 ServicePack: 1.0
13:48:59.0838 5096 Product type: Workstation
13:48:59.0838 5096 ComputerName: S5470-PC
13:48:59.0838 5096 UserName: S5470
13:48:59.0838 5096 Windows directory: C:\Windows
13:48:59.0838 5096 System windows directory: C:\Windows
13:48:59.0838 5096 Running under WOW64
13:48:59.0838 5096 Processor architecture: Intel x64
13:48:59.0838 5096 Number of processors: 2
13:48:59.0838 5096 Page size: 0x1000
13:48:59.0838 5096 Boot type: Normal boot
13:48:59.0838 5096 ============================================================
13:49:01.0803 5096 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:49:01.0819 5096 Drive \Device\Harddisk2\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:49:01.0819 5096 ============================================================
13:49:01.0819 5096 \Device\Harddisk0\DR0:
13:49:01.0819 5096 MBR partitions:
13:49:01.0819 5096 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x186A241A
13:49:01.0819 5096 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x186A2460, BlocksNum 0x12529BF8
13:49:01.0850 5096 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2ABCC098, BlocksNum 0x3A9A171
13:49:01.0913 5096 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x2E667000, BlocksNum 0xBD1E800
13:49:01.0913 5096 \Device\Harddisk2\DR3:
13:49:01.0913 5096 MBR partitions:
13:49:01.0913 5096 \Device\Harddisk2\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
13:49:01.0928 5096 ============================================================
13:49:01.0944 5096 C: <-> \Device\Harddisk0\DR0\Partition1
13:49:02.0084 5096 Z: <-> \Device\Harddisk0\DR0\Partition4
13:49:02.0115 5096 D: <-> \Device\Harddisk0\DR0\Partition3
13:49:02.0209 5096 E: <-> \Device\Harddisk0\DR0\Partition2
13:49:02.0568 5096 I: <-> \Device\Harddisk2\DR3\Partition1
13:49:02.0568 5096 ============================================================
13:49:02.0568 5096 Initialize success
13:49:02.0568 5096 ============================================================
13:49:54.0494 4840 ============================================================
13:49:54.0494 4840 Scan started
13:49:54.0494 4840 Mode: Manual; SigCheck; TDLFS;
13:49:54.0494 4840 ============================================================
13:49:55.0898 4840 ================ Scan system memory ========================
13:49:55.0898 4840 System memory - ok
13:49:55.0898 4840 ================ Scan services =============================
13:50:04.0057 4840 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 13:50:04.0104 4840 CNG - ok 13:50:04.0120 4840 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 13:50:04.0151 4840 Compbatt - ok 13:50:04.0198 4840 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 13:50:04.0244 4840 CompositeBus - ok 13:50:04.0260 4840 COMSysApp - ok 13:50:04.0276 4840 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 13:50:04.0307 4840 crcdisk - ok 13:50:04.0354 4840 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll 13:50:04.0400 4840 CryptSvc - ok 13:50:04.0447 4840 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 13:50:04.0541 4840 CSC - ok 13:50:04.0572 4840 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 13:50:04.0619 4840 CscService - ok 13:50:04.0728 4840 [ C7259495924D21F1AFA26467D9F4DAE0 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys 13:50:04.0790 4840 dc3d - ok 13:50:04.0822 4840 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 13:50:04.0884 4840 DcomLaunch - ok 13:50:04.0915 4840 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 13:50:04.0993 4840 defragsvc - ok 13:50:05.0024 4840 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 13:50:05.0102 4840 DfsC - ok 13:50:05.0134 4840 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 13:50:05.0212 4840 Dhcp - ok 13:50:05.0243 4840 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 13:50:05.0305 4840 discache - ok 13:50:05.0321 4840 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 13:50:05.0352 4840 Disk - ok 13:50:05.0383 4840 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 13:50:05.0446 4840 
Dnscache - ok 13:50:05.0477 4840 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 13:50:05.0539 4840 dot3svc - ok 13:50:05.0570 4840 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 13:50:05.0633 4840 Dot4 - ok 13:50:05.0648 4840 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 13:50:05.0695 4840 Dot4Print - ok 13:50:05.0726 4840 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 13:50:05.0773 4840 dot4usb - ok 13:50:05.0804 4840 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 13:50:05.0867 4840 DPS - ok 13:50:05.0929 4840 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 13:50:05.0992 4840 drmkaud - ok 13:50:06.0023 4840 [ D3D64CF7B2BCEAA34A270F45A3FFFB36 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 13:50:06.0085 4840 dtsoftbus01 - ok 13:50:06.0148 4840 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 13:50:06.0257 4840 DXGKrnl - ok 13:50:06.0288 4840 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 13:50:06.0366 4840 EapHost - ok 13:50:06.0678 4840 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 13:50:06.0818 4840 ebdrv - ok 13:50:06.0865 4840 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 13:50:06.0928 4840 EFS - ok 13:50:07.0006 4840 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 13:50:07.0099 4840 ehRecvr - ok 13:50:07.0130 4840 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 13:50:07.0177 4840 ehSched - ok 13:50:07.0240 4840 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 13:50:07.0333 4840 elxstor - ok 13:50:07.0396 4840 [ 9EAFB3B3B60B8AD958985152A9309ACA ] epmntdrv C:\Windows\system32\epmntdrv.sys 13:50:07.0427 4840 epmntdrv ( UnsignedFile.Multi.Generic ) 
- warning 13:50:07.0427 4840 epmntdrv - detected UnsignedFile.Multi.Generic (1) 13:50:07.0458 4840 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 13:50:07.0489 4840 ErrDev - ok 13:50:07.0520 4840 [ FB949ED2C93C878A189039F3D7730942 ] EuGdiDrv C:\Windows\system32\EuGdiDrv.sys 13:50:07.0552 4840 EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning 13:50:07.0552 4840 EuGdiDrv - detected UnsignedFile.Multi.Generic (1) 13:50:07.0598 4840 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 13:50:07.0661 4840 EventSystem - ok 13:50:07.0676 4840 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 13:50:07.0754 4840 exfat - ok 13:50:07.0770 4840 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 13:50:07.0864 4840 fastfat - ok 13:50:07.0926 4840 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 13:50:08.0004 4840 Fax - ok 13:50:08.0004 4840 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 13:50:08.0035 4840 fdc - ok 13:50:08.0066 4840 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 13:50:08.0129 4840 fdPHost - ok 13:50:08.0144 4840 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 13:50:08.0191 4840 FDResPub - ok 13:50:08.0207 4840 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 13:50:08.0238 4840 FileInfo - ok 13:50:08.0254 4840 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 13:50:08.0316 4840 Filetrace - ok 13:50:08.0347 4840 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 13:50:08.0410 4840 flpydisk - ok 13:50:08.0441 4840 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 13:50:08.0488 4840 FltMgr - ok 13:50:08.0534 4840 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache 
C:\Windows\system32\FntCache.dll 13:50:08.0597 4840 FontCache - ok 13:50:08.0644 4840 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 13:50:08.0706 4840 FontCache3.0.0.0 - ok 13:50:08.0722 4840 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 13:50:08.0753 4840 FsDepends - ok 13:50:08.0784 4840 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 13:50:08.0800 4840 Fs_Rec - ok 13:50:08.0862 4840 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 13:50:08.0924 4840 fvevol - ok 13:50:08.0940 4840 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 13:50:08.0971 4840 gagp30kx - ok 13:50:09.0002 4840 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 13:50:09.0096 4840 gpsvc - ok 13:50:09.0112 4840 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 13:50:09.0158 4840 hcw85cir - ok 13:50:09.0205 4840 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 13:50:09.0252 4840 HdAudAddService - ok 13:50:09.0283 4840 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 13:50:09.0330 4840 HDAudBus - ok 13:50:09.0346 4840 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 13:50:09.0377 4840 HidBatt - ok 13:50:09.0408 4840 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 13:50:09.0455 4840 HidBth - ok 13:50:09.0470 4840 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 13:50:09.0517 4840 HidIr - ok 13:50:09.0548 4840 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 13:50:09.0626 4840 hidserv - ok 13:50:09.0673 4840 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 13:50:09.0720 4840 
HidUsb - ok 13:50:09.0751 4840 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 13:50:09.0860 4840 hkmsvc - ok 13:50:09.0907 4840 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 13:50:09.0985 4840 HomeGroupListener - ok 13:50:10.0016 4840 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 13:50:10.0048 4840 HomeGroupProvider - ok 13:50:10.0313 4840 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 13:50:10.0375 4840 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning 13:50:10.0375 4840 hpqcxs08 - detected UnsignedFile.Multi.Generic (1) 13:50:10.0391 4840 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 13:50:10.0438 4840 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning 13:50:10.0438 4840 hpqddsvc - detected UnsignedFile.Multi.Generic (1) 13:50:10.0469 4840 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 13:50:10.0500 4840 HpSAMD - ok 13:50:10.0578 4840 [ 7F57926169C1B8ABA9274EA7D4B70F18 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 13:50:10.0656 4840 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning 13:50:10.0656 4840 HPSLPSVC - detected UnsignedFile.Multi.Generic (1) 13:50:10.0718 4840 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 13:50:10.0812 4840 HTTP - ok 13:50:10.0843 4840 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 13:50:10.0874 4840 hwpolicy - ok 13:50:10.0890 4840 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 13:50:10.0921 4840 i8042prt - ok 13:50:11.0015 4840 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 13:50:11.0140 4840 iaStorV - ok 13:50:11.0233 4840 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc 
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 13:50:11.0436 4840 idsvc - ok 13:50:11.0483 4840 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 13:50:11.0514 4840 iirsp - ok 13:50:11.0561 4840 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 13:50:11.0654 4840 IKEEXT - ok 13:50:11.0686 4840 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 13:50:11.0748 4840 intelide - ok 13:50:11.0764 4840 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 13:50:11.0795 4840 intelppm - ok 13:50:11.0826 4840 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 13:50:11.0888 4840 IPBusEnum - ok 13:50:11.0935 4840 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:50:12.0013 4840 IpFilterDriver - ok 13:50:12.0091 4840 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 13:50:12.0185 4840 iphlpsvc - ok 13:50:12.0232 4840 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 13:50:12.0263 4840 IPMIDRV - ok 13:50:12.0294 4840 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 13:50:12.0372 4840 IPNAT - ok 13:50:12.0388 4840 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 13:50:12.0466 4840 IRENUM - ok 13:50:12.0497 4840 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 13:50:12.0528 4840 isapnp - ok 13:50:12.0559 4840 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 13:50:12.0606 4840 iScsiPrt - ok 13:50:12.0622 4840 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 13:50:12.0653 4840 kbdclass - ok 13:50:12.0684 4840 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 13:50:12.0731 4840 
kbdhid - ok 13:50:12.0746 4840 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 13:50:12.0762 4840 KeyIso - ok 13:50:12.0793 4840 [ B6D6F12C214DE823FA22709F7BD0EB0B ] KoneFltr C:\Windows\system32\drivers\Kone.sys 13:50:12.0871 4840 KoneFltr - ok 13:50:12.0902 4840 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 13:50:12.0949 4840 KSecDD - ok 13:50:12.0980 4840 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 13:50:13.0012 4840 KSecPkg - ok 13:50:13.0043 4840 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 13:50:13.0105 4840 ksthunk - ok 13:50:13.0136 4840 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 13:50:13.0214 4840 KtmRm - ok 13:50:13.0261 4840 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 13:50:13.0324 4840 LanmanServer - ok 13:50:13.0355 4840 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 13:50:13.0417 4840 LanmanWorkstation - ok 13:50:13.0448 4840 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 13:50:13.0511 4840 lltdio - ok 13:50:13.0526 4840 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 13:50:13.0636 4840 lltdsvc - ok 13:50:13.0667 4840 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 13:50:13.0745 4840 lmhosts - ok 13:50:13.0760 4840 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 13:50:13.0792 4840 LSI_FC - ok 13:50:13.0807 4840 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 13:50:13.0854 4840 LSI_SAS - ok 13:50:13.0854 4840 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 13:50:13.0885 4840 LSI_SAS2 - ok 13:50:13.0901 4840 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 
13:50:13.0932 4840 LSI_SCSI - ok 13:50:13.0948 4840 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 13:50:14.0010 4840 luafv - ok 13:50:14.0041 4840 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 13:50:14.0119 4840 Mcx2Svc - ok 13:50:14.0150 4840 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 13:50:14.0182 4840 megasas - ok 13:50:14.0197 4840 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 13:50:14.0244 4840 MegaSR - ok 13:50:14.0275 4840 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 13:50:14.0338 4840 MMCSS - ok 13:50:14.0353 4840 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 13:50:14.0416 4840 Modem - ok 13:50:14.0462 4840 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 13:50:14.0494 4840 monitor - ok 13:50:14.0556 4840 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 13:50:14.0587 4840 mouclass - ok 13:50:14.0603 4840 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 13:50:14.0650 4840 mouhid - ok 13:50:14.0681 4840 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 13:50:14.0712 4840 mountmgr - ok 13:50:14.0790 4840 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 13:50:14.0852 4840 MozillaMaintenance - ok 13:50:14.0884 4840 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 13:50:14.0915 4840 mpio - ok 13:50:14.0930 4840 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 13:50:14.0993 4840 mpsdrv - ok 13:50:15.0086 4840 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 13:50:15.0196 4840 MpsSvc - ok 13:50:15.0227 4840 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV 
C:\Windows\system32\drivers\mrxdav.sys 13:50:15.0289 4840 MRxDAV - ok 13:50:15.0320 4840 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 13:50:15.0367 4840 mrxsmb - ok 13:50:15.0414 4840 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:50:15.0461 4840 mrxsmb10 - ok 13:50:15.0492 4840 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:50:15.0539 4840 mrxsmb20 - ok 13:50:15.0554 4840 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 13:50:15.0586 4840 msahci - ok 13:50:15.0617 4840 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 13:50:15.0648 4840 msdsm - ok 13:50:15.0664 4840 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 13:50:15.0742 4840 MSDTC - ok 13:50:15.0788 4840 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 13:50:15.0851 4840 Msfs - ok 13:50:15.0851 4840 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 13:50:15.0913 4840 mshidkmdf - ok 13:50:15.0944 4840 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 13:50:15.0976 4840 msisadrv - ok 13:50:16.0007 4840 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 13:50:16.0116 4840 MSiSCSI - ok 13:50:16.0116 4840 msiserver - ok 13:50:16.0163 4840 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 13:50:16.0256 4840 MSKSSRV - ok 13:50:16.0350 4840 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 13:50:16.0412 4840 MSPCLOCK - ok 13:50:16.0428 4840 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 13:50:16.0490 4840 MSPQM - ok 13:50:16.0522 4840 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 13:50:16.0553 4840 MsRPC - ok 13:50:16.0584 4840 [ 
0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 13:50:16.0615 4840 mssmbios - ok 13:50:16.0631 4840 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 13:50:16.0678 4840 MSTEE - ok 13:50:16.0693 4840 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 13:50:16.0740 4840 MTConfig - ok 13:50:16.0771 4840 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 13:50:16.0802 4840 Mup - ok 13:50:16.0849 4840 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 13:50:16.0943 4840 napagent - ok 13:50:16.0974 4840 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 13:50:17.0021 4840 NativeWifiP - ok 13:50:17.0068 4840 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 13:50:17.0146 4840 NDIS - ok 13:50:17.0177 4840 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 13:50:17.0239 4840 NdisCap - ok 13:50:17.0255 4840 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 13:50:17.0317 4840 NdisTapi - ok 13:50:17.0364 4840 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 13:50:17.0442 4840 Ndisuio - ok 13:50:17.0504 4840 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 13:50:17.0598 4840 NdisWan - ok 13:50:17.0629 4840 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 13:50:17.0692 4840 NDProxy - ok 13:50:17.0738 4840 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 13:50:17.0770 4840 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 13:50:17.0770 4840 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 13:50:17.0816 4840 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 13:50:17.0863 4840 NetBIOS - ok 
13:50:17.0910 4840 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 13:50:17.0988 4840 NetBT - ok 13:50:18.0004 4840 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 13:50:18.0019 4840 Netlogon - ok 13:50:18.0066 4840 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 13:50:18.0144 4840 Netman - ok 13:50:18.0144 4840 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 13:50:18.0206 4840 netprofm - ok 13:50:18.0253 4840 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 13:50:18.0347 4840 NetTcpPortSharing - ok 13:50:18.0487 4840 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys 13:50:18.0721 4840 netw5v64 - ok 13:50:18.0768 4840 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 13:50:18.0815 4840 nfrd960 - ok 13:50:18.0846 4840 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 13:50:18.0924 4840 NlaSvc - ok 13:50:18.0940 4840 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 13:50:19.0002 4840 Npfs - ok 13:50:19.0033 4840 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 13:50:19.0111 4840 nsi - ok 13:50:19.0111 4840 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 13:50:19.0174 4840 nsiproxy - ok 13:50:19.0236 4840 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 13:50:19.0314 4840 Ntfs - ok 13:50:19.0330 4840 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 13:50:19.0408 4840 Null - ok 13:50:19.0673 4840 [ B34E9BFBD9C61048EF6281C3E7EC210A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 13:50:20.0141 4840 nvlddmkm - ok 13:50:20.0172 4840 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 
13:50:20.0219 4840 nvraid - ok 13:50:20.0234 4840 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 13:50:20.0281 4840 nvstor - ok 13:50:20.0328 4840 [ DFDA089BB2CD0FF7E789E2EF6BA1E4BA ] nvsvc C:\Windows\system32\nvvsvc.exe 13:50:20.0390 4840 nvsvc - ok 13:50:20.0468 4840 [ E7818CD4FB51284C948D68A7A85A69B8 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 13:50:21.0092 4840 nvUpdatusService - ok 13:50:21.0124 4840 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 13:50:21.0155 4840 nv_agp - ok 13:50:21.0264 4840 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 13:50:21.0326 4840 odserv - ok 13:50:21.0389 4840 [ 44A9473D72983DD484B4F1BF0D946571 ] OEM02Dev C:\Windows\system32\DRIVERS\OEM02Dev.sys 13:50:21.0436 4840 OEM02Dev - ok 13:50:21.0451 4840 [ 766F689564BC30E5A91F8621CE65AD68 ] OEM02Vfx C:\Windows\system32\DRIVERS\OEM02Vfx.sys 13:50:21.0498 4840 OEM02Vfx - ok 13:50:21.0514 4840 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 13:50:21.0545 4840 ohci1394 - ok 13:50:21.0654 4840 [ FD85186C9F1ABE012DDF44C233552129 ] OS Selector C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe 13:50:21.0748 4840 OS Selector - ok 13:50:21.0794 4840 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 13:50:21.0841 4840 ose - ok 13:50:21.0888 4840 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 13:50:21.0950 4840 p2pimsvc - ok 13:50:21.0966 4840 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 13:50:22.0013 4840 p2psvc - ok 13:50:22.0044 4840 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 13:50:22.0075 4840 Parport - ok 13:50:22.0106 4840 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr 
C:\Windows\system32\drivers\partmgr.sys 13:50:22.0138 4840 partmgr - ok 13:50:22.0153 4840 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 13:50:22.0216 4840 PcaSvc - ok 13:50:22.0247 4840 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 13:50:22.0278 4840 pci - ok 13:50:22.0294 4840 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 13:50:22.0340 4840 pciide - ok 13:50:22.0356 4840 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 13:50:22.0403 4840 pcmcia - ok 13:50:22.0418 4840 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 13:50:22.0450 4840 pcw - ok 13:50:22.0481 4840 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 13:50:22.0559 4840 PEAUTH - ok 13:50:22.0621 4840 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 13:50:22.0699 4840 PeerDistSvc - ok 13:50:22.0777 4840 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 13:50:22.0824 4840 PerfHost - ok 13:50:22.0886 4840 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 13:50:23.0027 4840 pla - ok 13:50:23.0058 4840 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 13:50:23.0136 4840 PlugPlay - ok 13:50:23.0183 4840 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 13:50:23.0230 4840 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 13:50:23.0230 4840 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 13:50:23.0261 4840 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 13:50:23.0292 4840 PNRPAutoReg - ok 13:50:23.0323 4840 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 13:50:23.0354 4840 PNRPsvc - ok 13:50:23.0401 4840 [ 32D374C60778253B81FA76C2FE19E155 ] Point64 C:\Windows\system32\DRIVERS\point64.sys 
13:50:43.0588 4840 ============================================================
13:50:43.0588 4840 Scan finished
13:50:43.0588 4840 ============================================================
13:50:43.0603 4560 Detected object count: 7
13:50:43.0603 4560 Actual detected object count: 7
13:54:37.0448 4560 epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:54:37.0448 4560 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:54:37.0448 4560 EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:54:37.0448 4560 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:54:37.0463 4560 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
13:54:37.0463 4560 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:54:37.0463 4560 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:54:37.0463 4560 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:54:37.0463 4560 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
13:54:37.0463 4560 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:54:37.0463 4560 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:54:37.0463 4560 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:54:37.0463 4560 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:54:37.0463 4560 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip |
26.09.2012, 15:59 | #24 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Mozilla/browser does not open some pages Then please run CF now: ComboFix: a guide and tutorial on using ComboFix
Combofix may only be run if a qualified helper has expressly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post logfiles in CODE tags |
30.09.2012, 21:41 | #25 |
| Mozilla/browser does not open some pages Code:
ComboFix 12-09-30.01 - S5470 30.09.2012 21:42:16.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.4094.2532 [GMT 2:00]
ausgeführt von:: c:\users\S5470\Desktop\ComboFix.exe
AV: Sophos Anti-Virus *Disabled/Updated* {65FBD860-96D8-75EF-C7ED-7BE27E6C498A}
SP: Sophos Anti-Virus *Disabled/Updated* {DE9A3984-B0E2-7A61-FD5D-409005EB0337}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\S5470\AppData\Local\assembly\tmp
.
Infizierte Kopie von c:\windows\SysWow64\userinit.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe wurde wiederhergestellt
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService] @="service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R2 swi_update_64;Sophos Web Intelligence Update;c:\programdata\Sophos\Web Intelligence\swi_update_64.exe [2012-09-09 2009152] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-25 250288] R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2012-06-24 52320] R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-03-24 16776] R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-03-24 9096] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-12 114144] R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2012-06-26 46176] R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 115240] R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 
19496] R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 158760] R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 137256] R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 34344] R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 136744] R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 151592] R3 sdcfilter;sdcfilter;c:\windows\system32\DRIVERS\sdcfilter.sys [2012-04-21 36640] R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R4 SophosBootDriver;SophosBootDriver;c:\windows\system32\DRIVERS\SophosBootDriver.sys [2011-07-22 25608] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-11 270912] S1 SAVOnAccess;SAVOnAccess;c:\windows\system32\DRIVERS\savonaccess.sys [2012-09-09 144672] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504] S2 OS Selector;Acronis OS Selector Activator;c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-09-30 2155848] S2 SAVAdminService;Sophos Anti-Virus Statusreporter;c:\program files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2012-09-17 216640] S2 SAVService;Sophos Anti-Virus;c:\program files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [2012-09-09 139840] S2 Sophos Web Control Service;Sophos Web Control Service;c:\program files 
(x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [2012-09-09 357400] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472] S2 swi_service;Sophos Web Intelligence Service;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2012-09-17 2863168] S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2011-09-22 645048] S3 bcm44amd64;Broadcom 440x 10/100-integrierter Controller-XP-Treiber;c:\windows\system32\DRIVERS\b44amd64.sys [2009-06-10 87552] S3 KoneFltr;ROCCAT Kone;c:\windows\system32\drivers\Kone.sys [2008-12-11 15488] S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhalt des "geplante Tasks" Ordners . 2012-09-30 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 11:50] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-05-21 326760] "Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-08-31 140568] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured_x64.dll . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 LSP: c:\programdata\Sophos\Web Intelligence\swi_ifslsp.dll Trusted Zone: microsoft.com Trusted Zone: microsoft.com\*.update Trusted Zone: microsoft.com\*.windowsupdate Trusted Zone: windowsupdate.com TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\S5470\AppData\Roaming\Mozilla\Firefox\Profiles\ay543qgo.default\ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-994605533-1841656101-3182983877-1000\Software\SecuROM\License information*] "datasecu"=hex:ad,76,a2,f0,ba,cf,c3,36,47,cc,3a,85,55,d6,de,2e,5a,7e,e7,4b,7d, df,50,24,cb,83,8b,31,0c,be,88,e5,9c,57,bf,5c,4a,17,c7,14,e3,22,34,17,ac,7d,\ "rkeysecu"=hex:45,fc,de,95,0b,c6,6d,63,72,5f,7c,e9,07,6e,26,a8 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe c:\program files (x86)\Sophos\AutoUpdate\ALsvc.exe c:\program files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe . ************************************************************************** . Zeit der Fertigstellung: 2012-09-30 22:36:19 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2012-09-30 20:36 . Vor Suchlauf: 11 Verzeichnis(se), 145.175.797.760 Bytes frei Nach Suchlauf: 18 Verzeichnis(se), 145.909.284.864 Bytes frei . - - End Of File - - 046170B791610CF76E67FF61C4CA5415 |
01.10.2012, 13:06 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Mozilla/browser does not open some pages Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second attempt, just skip it and run only OSAM - please skip OSAM's online query. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons under any circumstances unless instructed to. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window), and click the Scan button again.
__________________ Please always post log files in CODE tags |
01.10.2012, 21:35 | #27 |
| Mozilla/browser does not open some pages So, scan marathon finished GMER logfile: Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-10-01 21:14:52
Windows 6.1.7601 Service Pack 1
Running: ditk53ws.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00197eda2267
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00197eda2267@001b59723436 0x92 0xB8 0xA7 0x12 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00197eda2267 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00197eda2267@001b59723436 0x92 0xB8 0xA7 0x12 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts@C:\Users\S5470\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP\HP\xa0Update.lnk 1
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts@C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP\xa0Update.lnk 1
---- EOF - GMER 1.0.15 ----
Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 21:31:28 on 01.10.2012 OS: Windows 7 Service Pack 1 (Build 7601), 64-bit Default Browser: Mozilla Corporation Firefox 15.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [AppInit DLLs] -----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )----- "AppInit_DLLs" - "Sophos Limited" - C:\PROGRA~2\Sophos\SOPHOS~1\sophos_detoured.dll [Common] -----( %SystemRoot%\Tasks )----- "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\MLCFG32.CPL [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Acronis True Image Backup Archive Explorer" (timounter) - "Acronis" - C:\Windows\System32\DRIVERS\timntr.sys "Acronis True Image FS Filter" (tifsfilter) - "Acronis" - C:\Windows\System32\DRIVERS\tifsfilt.sys "Acronis Try&Decide and Restore Points filter" (tdrpman) - "Acronis" - C:\Windows\System32\DRIVERS\tdrpman.sys "epmntdrv" (epmntdrv) - ? - C:\Windows\system32\epmntdrv.sys (File found, but it contains no detailed information) "EuGdiDrv" (EuGdiDrv) - ? 
- C:\Windows\system32\EuGdiDrv.sys (File found, but it contains no detailed information) "Microsoft Mouse and Keyboard Center Filter Driver" (Point64) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\point64.sys "SAVOnAccess" (SAVOnAccess) - "Sophos Limited" - C:\Windows\System32\DRIVERS\savonaccess.sys "SbieDrv" (SbieDrv) - "SANDBOXIE L.T.D" - C:\Program Files\Sandboxie\SbieDrv.sys "sdcfilter" (sdcfilter) - "Sophos Limited" - C:\Windows\System32\DRIVERS\sdcfilter.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A} "PXCInfoShlExt Class" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\Win32\XCShInfo.dll {8EF5DC20-419C-4E43-A088-DE5B5625CA47} "{8EF5DC20-419C-4E43-A088-DE5B5625CA47}" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - c:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL {91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." 
- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {C539A15A-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Context Menu Extension" - "Acronis" - c:\Program Files (x86)\Acronis\TrueImageHome\tishell.dll {C539A15B-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Extension" - "Acronis" - c:\Program Files (x86)\Acronis\TrueImageHome\tishell.dll {DE902992-61FC-4A01-8091-53E1895C9775} "CDR Icon Handler" - "Corel Corporation" - c:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {7AD101F2-0B93-4D66-A1CA-DF73F3C4377B} "CDR preview provider" - "Corel Corporation" - c:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\ShellVista.dll {7FA63AC0-F5BC-4F3B-A9CF-94328D812B62} "CDR Property Handler" - "Corel Corporation" - c:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\ShellVista.dll {1462EBAA-96E7-4D93-9A66-0E4068DE4FCF} "CDR Thumbnail provider" - "Corel Corporation" - c:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {DE902994-61FC-4A01-8091-53E1895C9775} "CMX Icon Handler" - "Corel Corporation" - c:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {1462EBAC-96E7-4D93-9A66-0E4068DE4FCF} "CMX Thumbnail provider" - "Corel Corporation" - c:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} "ContextMenuHandler Class" - "Sophos Limited" - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavShellExt.dll {DE902993-61FC-4A01-8091-53E1895C9775} "CPT Icon Handler" - "Corel Corporation" - c:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {7FA63AC1-F5BC-4F3B-A9CF-94328D812B62} "CPT Property Handler" - "Corel Corporation" - c:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\ShellVista.dll {1462EBAB-96E7-4D93-9A66-0E4068DE4FCF} "CPT Thumbnail provider" - "Corel 
Corporation" - c:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\OLKFSTUB.DLL {CF822AB4-6DB5-4FDA-BC28-E61DF36D2583} "PDF-XChange PDF Preview Provider" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\Win32\XCShInfo.dll {67EB453C-1BE1-48EC-AAF3-23B10277FCC1} "PDF-XChange PDF Property Handler" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\Win32\XCShInfo.dll {EBD0B8F4-A9A0-41B7-9695-030CD264D9C8} "PDF-XChange PDF Thumbnail Provider" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\Win32\XCShInfo.dll {B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A} "PXCInfoShlExt Class" - "Tracker Software Products Ltd." - C:\Program Files\Tracker Software\Shell Extensions\Win32\XCShInfo.dll {E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )----- {E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? 
- (File not found | COM-object registry key not found) [Internet Explorer] -----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )----- {555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height64 "ITBar7Height64" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_35" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} "Java Plug-in 1.6.0_35" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_35" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_35.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )----- {555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Smart Web Printing ein- oder ausblenden" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL {898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." 
- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {0347C33E-8762-4905-BF09-768834316C61} "HP Print Enhancer" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Authentication packages" - "Acronis" - C:\Windows\system32\relog_ap.dll "Security Packages" - "Microsoft Corporation" - C:\Windows\system32\livessp.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\S5470\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." 
- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "RocketDock" - ? - "C:\Program Files (x86)\RocketDock\RocketDock.exe" (File found, but it contains no detailed information) "SandboxieControl" - "SANDBOXIE L.T.D" - "C:\Program Files\Sandboxie\SbieCtrl.exe" -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "AcronisTimounterMonitor" - "Acronis" - c:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "HP Software Update" - "Hewlett-Packard" - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe "hpqSRMon" - "Hewlett-Packard" - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe "Kone" - "ROCCAT" - "C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE" "Sophos AutoUpdate Monitor" - "Sophos Limited" - C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "TrueImageMonitor.exe" - "Acronis" - c:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "pdfcmon" - "pdfforge GbR" - C:\Windows\system32\pdfcmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "Acronis OS Selector Activator" (OS Selector) - ? 
- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe (File found, but it contains no detailed information) "Acronis Scheduler2 Service" (AcrSch2Svc) - "Acronis" - c:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe "Acronis Try And Decide Service" (TryAndDecideService) - ? - c:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe (File found, but it contains no detailed information) "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "Cisco AnyConnect VPN Agent" (vpnagent) - "Cisco Systems, Inc." - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe "HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll "HP Network Devices Support" (HPSLPSVC) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL "hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." 
- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll "NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe "NVIDIA Stereoscopic 3D Driver Service" (Stereo Service) - "NVIDIA Corporation" - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe "NVIDIA Update Service Daemon" (nvUpdatusService) - "NVIDIA Corporation" - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll "Protexis Licensing V2" (PSI_SVC_2) - "Protexis Inc." 
- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe "Sandboxie Service" (SbieSvc) - "SANDBOXIE L.T.D" - C:\Program Files\Sandboxie\SbieSvc.exe "Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe "Sony PC Companion" (Sony PC Companion) - "Avanquest Software" - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe "Sophos Anti-Virus" (SAVService) - "Sophos Limited" - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe "Sophos Anti-Virus Statusreporter" (SAVAdminService) - "Sophos Limited" - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe "Sophos AutoUpdate Service" (Sophos AutoUpdate Service) - "Sophos Limited" - C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe "Sophos Web Control Service" (Sophos Web Control Service) - "Sophos Limited" - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe "Sophos Web Intelligence Service" (swi_service) - "Sophos Limited" - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe "Sophos Web Intelligence Update" (swi_update_64) - "Sophos Limited" - C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe "Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files (x86)\Common Files\Steam\SteamService.exe "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "WindowsLive Local NSP" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL "WindowsLive NSP" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )----- "Sophos Web 
Intelligence IFSLSP" - "Sophos Limited" - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-01 22:17:50
-----------------------------
22:17:50.194 OS Version: Windows x64 6.1.7601 Service Pack 1
22:17:50.194 Number of processors: 2 586 0xF0D
22:17:50.210 ComputerName: S5470-PC UserName: S5470
22:17:51.442 Initialize success
22:18:02.612 AVAST engine defs: 12100100
22:18:10.896 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2
22:18:10.911 Disk 0 Vendor: ST9500420AS 0002SDM1 Size: 476940MB BusType: 11
22:18:10.927 Disk 0 MBR read successfully
22:18:10.927 Disk 0 MBR scan
22:18:10.942 Disk 0 Windows 7 default MBR code
22:18:10.942 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200004 MB offset 63
22:18:10.958 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 150099 MB offset 409609312
22:18:10.974 Disk 0 Partition - 00 05 Extended 126834 MB offset 717013081
22:18:10.989 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 30004 MB offset 717013144
22:18:11.005 Disk 0 Partition - 00 05 Extended 96830 MB offset 778463232
22:18:11.067 Disk 0 scanning C:\Windows\system32\drivers
22:18:36.589 Service scanning
22:19:19.161 Modules scanning
22:19:19.692 Disk 0 trace - called modules:
22:19:19.723 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
22:19:19.723 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80044d8060]
22:19:19.723 3 CLASSPNP.SYS[fffff88001b1f43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-2[0xfffffa8004153680]
22:19:22.281 AVAST engine scan C:\Windows
22:19:28.085 AVAST engine scan C:\Windows\system32
22:28:23.555 AVAST engine scan C:\Windows\system32\drivers
22:28:54.709 AVAST engine scan C:\Users\S5470
22:30:28.122 AVAST engine scan C:\ProgramData
22:32:40.519 Scan finished successfully
22:33:48.722 Disk 0 MBR has been saved successfully to "C:\Users\S5470\Desktop\MBR.dat"
22:33:48.738 The log file has been saved successfully to "C:\Users\S5470\Desktop\aswMBR.txt"
Edited by sonpetitchou (01.10.2012 at 21:40) |
02.10.2012, 14:46 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Mozilla/browser does not open some pages
Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
07.10.2012, 14:22 | #29 |
| Mozilla/browser does not open some pages
All right. Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 10/07/2012 at 03:02 PM
Application Version : 5.5.1022
Core Rules Database Version : 9354
Trace Rules Database Version: 7166
Scan type : Complete Scan
Total Scan Time : 01:54:38
Operating System Information
Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 649
Memory threats detected : 0
Registry items scanned : 77941
Registry threats detected : 0
File items scanned : 156831
File threats detected : 234
Adware.Tracking Cookie
Code:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.10.06.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
S5470 :: S5470-PC [Administrator]

06.10.2012 10:45:31
mbam-log-2012-10-06 (10-45-31).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|Z:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 365316
Laufzeit: 1 Stunde(n), 1 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
07.10.2012, 19:46 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Mozilla/browser does not open some pages

Looks OK, only cookies were found there. Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or the like => HTTP cookie).

Regarding cookies and other things on the web: to block this plague from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether he has released a new hosts file.

Otherwise there are also good cookie managers; an extension for Firefox, for example, would be CookieCuller http://filepony.de/download-cookie_culler/

But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed.

The way I handle it is that for "wild surfing" I use the Opera browser or Chromium under my Linux. My main browser (Firefox) stores only the cookies from the sites I actually want; I reject everything else manually (FF always asks me) - the other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest no cookies are left.

Is your system back in order now, or are there any other findings or problems?
__________________ Please always post log files in CODE tags |
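The hosts-file approach recommended in the post above, as an added example that is not part of the original thread: it reads cookie hosts from a table shaped like Firefox's `moz_cookies` (in `cookies.sqlite`), matches them against a tracker list on label boundaries, and emits hosts-file lines. The sample rows, the three-entry tracker list and all function names are constructed for illustration; a maintained list such as the MVPS hosts file would replace the set.

```python
import sqlite3

# Constructed sample rows; Firefox's real moz_cookies table has more columns.
SAMPLE_COOKIES = [
    (".2o7.net", "s_vi"),
    (".paypal.112.2o7.net", "s_vi"),
    ("www.etracker.de", "et_id"),
    ("de.sitestat.com", "s1"),
    (".trojaner-board.de", "bbsessionhash"),
    ("www.example.org", "session"),
]

# Constructed stand-in for a maintained blocklist.
TRACKER_DOMAINS = {"2o7.net", "etracker.de", "sitestat.com"}


def build_sample_db():
    """In-memory database with a minimal moz_cookies table."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE moz_cookies (id INTEGER PRIMARY KEY, host TEXT, name TEXT)")
    con.executemany("INSERT INTO moz_cookies (host, name) VALUES (?, ?)", SAMPLE_COOKIES)
    return con


def is_tracker(host, trackers=TRACKER_DOMAINS):
    """True if host equals a tracker domain or is a subdomain of one."""
    labels = host.lstrip(".").lower().split(".")
    # Compare whole-label suffixes so "not2o7.net" does not match "2o7.net".
    return any(".".join(labels[i:]) in trackers for i in range(len(labels)))


def tracking_hosts(con):
    """Distinct cookie hosts that belong to a tracker domain."""
    rows = con.execute("SELECT DISTINCT host FROM moz_cookies")
    return sorted({h.lstrip(".").lower() for (h,) in rows if is_tracker(h)})


def hosts_entries(hosts):
    """Hosts files match exact names only, so every hostname gets its own line."""
    return [f"0.0.0.0 {h}" for h in hosts]


if __name__ == "__main__":
    for line in hosts_entries(tracking_hosts(build_sample_db())):
        print(line)
```

A domain cookie stored for `.2o7.net` is sent to every subdomain, but a hosts entry for `2o7.net` blocks only that exact name, which is why the subdomain gets its own line.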