| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Kein Zugang zu Antivirensoftware mehr, I-Explorer hängt sich aufWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
07.10.2012, 04:57
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Kein Zugang zu Antivirensoftware mehr, I-Explorer hängt sich aufCode:
ATTFilter \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
Um das zu tun musst du den TDSS-Killer neu starten und einen neuen Scan machen. Wenn du danach die Ergebnisse siehst, stellst du bitte diesen Eintrag auf CURE bzw. DELETE (je nachdem was dir angeboten wird, alle anderen bitte auf SKIP lassen! ) und klickst dann unten rechts auf continue Starte Windows danach neu und mach wieder ein komplett neues Log mit dem TDSS-Killer. Wie immer wieder in CODE-Tags posten.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
07.10.2012, 07:54
| #17 |
 | Kein Zugang zu Antivirensoftware mehr, I-Explorer hängt sich auf Eintrag wurde gelöscht wie vorgegeben:
__________________Code:
ATTFilter 08:45:30.0706 0868 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
08:45:30.0859 0868 ============================================================
08:45:30.0859 0868 Current date / time: 2012/10/07 08:45:30.0859
08:45:30.0859 0868 SystemInfo:
08:45:30.0859 0868
08:45:30.0860 0868 OS Version: 6.0.6002 ServicePack: 2.0
08:45:30.0860 0868 Product type: Workstation
08:45:30.0860 0868 ComputerName: JOSHUA
08:45:30.0860 0868 UserName: Wolfgang
08:45:30.0860 0868 Windows directory: C:\Windows
08:45:30.0860 0868 System windows directory: C:\Windows
08:45:30.0860 0868 Processor architecture: Intel x86
08:45:30.0860 0868 Number of processors: 2
08:45:30.0860 0868 Page size: 0x1000
08:45:30.0860 0868 Boot type: Normal boot
08:45:30.0860 0868 ============================================================
08:45:33.0175 0868 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:45:33.0177 0868 ============================================================
08:45:33.0177 0868 \Device\Harddisk0\DR0:
08:45:33.0195 0868 MBR partitions:
08:45:33.0195 0868 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2B800, BlocksNum 0x1400000
08:45:33.0195 0868 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x142B800, BlocksNum 0xC768800
08:45:33.0221 0868 ============================================================
08:45:33.0377 0868 C: <-> \Device\Harddisk0\DR0\Partition2
08:45:33.0566 0868 D: <-> \Device\Harddisk0\DR0\Partition1
08:45:33.0567 0868 ============================================================
08:45:33.0567 0868 Initialize success
08:45:33.0567 0868 ============================================================
08:45:41.0512 3968 ============================================================
08:45:41.0512 3968 Scan started
08:45:41.0512 3968 Mode: Manual; SigCheck; TDLFS;
08:45:41.0512 3968 ============================================================
08:45:42.0985 3968 ================ Scan system memory ========================
08:45:42.0985 3968 System memory - ok
08:45:42.0985 3968 ================ Scan services =============================
08:45:43.0688 3968 [ 553BA53445795CBC0D4F9FA37EB855A6 ] acedrv10 C:\Windows\system32\drivers\acedrv10.sys
08:45:43.0922 3968 acedrv10 - ok
08:45:43.0951 3968 [ 8CE00B6A46962A1808B19CD1DAE5170C ] acehlp10 C:\Windows\system32\drivers\acehlp10.sys
08:45:43.0967 3968 acehlp10 - ok
08:45:44.0033 3968 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
08:45:44.0077 3968 ACPI - ok
08:45:44.0165 3968 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
08:45:44.0197 3968 adp94xx - ok
08:45:44.0247 3968 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
08:45:44.0269 3968 adpahci - ok
08:45:44.0284 3968 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
08:45:44.0302 3968 adpu160m - ok
08:45:44.0311 3968 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
08:45:44.0328 3968 adpu320 - ok
08:45:44.0381 3968 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:45:44.0512 3968 AeLookupSvc - ok
08:45:44.0586 3968 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
08:45:44.0643 3968 AFD - ok
08:45:44.0708 3968 [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4 ] agp440 C:\Windows\system32\drivers\agp440.sys
08:45:44.0734 3968 agp440 - ok
08:45:44.0803 3968 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
08:45:44.0962 3968 aic78xx - ok
08:45:45.0053 3968 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
08:45:45.0408 3968 ALG - ok
08:45:45.0437 3968 [ 5C42A992E68724D2CD3DDB4FC3B0409F ] aliide C:\Windows\system32\drivers\aliide.sys
08:45:45.0453 3968 aliide - ok
08:45:45.0475 3968 [ 848F27E5B27C1C253F6CEFDC1A5D8F21 ] amdagp C:\Windows\system32\drivers\amdagp.sys
08:45:45.0492 3968 amdagp - ok
08:45:45.0521 3968 [ 849DFACDDE533DA5D1810F0CAF84EB19 ] amdide C:\Windows\system32\drivers\amdide.sys
08:45:45.0557 3968 amdide - ok
08:45:45.0584 3968 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
08:45:45.0839 3968 AmdK7 - ok
08:45:45.0913 3968 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
08:45:46.0010 3968 AmdK8 - ok
08:45:46.0334 3968 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
08:45:46.0350 3968 AntiVirSchedulerService - ok
08:45:46.0431 3968 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
08:45:46.0445 3968 AntiVirService - ok
08:45:46.0519 3968 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
08:45:46.0635 3968 Appinfo - ok
08:45:46.0670 3968 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
08:45:46.0686 3968 arc - ok
08:45:46.0736 3968 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
08:45:46.0752 3968 arcsas - ok
08:45:46.0973 3968 [ 40C145F12FF461A0220303BDA134F598 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
08:45:46.0987 3968 aspnet_state - ok
08:45:47.0067 3968 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:45:47.0156 3968 AsyncMac - ok
08:45:47.0187 3968 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
08:45:47.0202 3968 atapi - ok
08:45:47.0304 3968 [ F8A2A11291A994B1A1F0867CFFAA6E18 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
08:45:47.0382 3968 Ati External Event Utility - ok
08:45:47.0456 3968 [ 72BC628AF75C4C3250F2A3BAC260265A ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
08:45:47.0473 3968 atksgt - ok
08:45:47.0563 3968 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:45:47.0648 3968 AudioEndpointBuilder - ok
08:45:47.0658 3968 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
08:45:47.0684 3968 Audiosrv - ok
08:45:47.0760 3968 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
08:45:47.0774 3968 avgntflt - ok
08:45:47.0862 3968 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
08:45:47.0877 3968 avipbb - ok
08:45:47.0937 3968 [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
08:45:47.0950 3968 avkmgr - ok
08:45:48.0018 3968 [ 08015D34F6FDD0B355805BAD978497C3 ] bcm4sbxp C:\Windows\system32\DRIVERS\bcm4sbxp.sys
08:45:48.0088 3968 bcm4sbxp - ok
08:45:48.0141 3968 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
08:45:48.0185 3968 Beep - ok
08:45:48.0269 3968 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
08:45:48.0343 3968 BFE - ok
08:45:48.0444 3968 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
08:45:48.0503 3968 BITS - ok
08:45:48.0510 3968 blbdrive - ok
08:45:48.0563 3968 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:45:48.0726 3968 bowser - ok
08:45:48.0775 3968 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
08:45:48.0837 3968 BrFiltLo - ok
08:45:48.0859 3968 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
08:45:49.0012 3968 BrFiltUp - ok
08:45:49.0054 3968 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
08:45:49.0118 3968 Browser - ok
08:45:49.0160 3968 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
08:45:49.0222 3968 Brserid - ok
08:45:49.0243 3968 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
08:45:49.0314 3968 BrSerWdm - ok
08:45:49.0361 3968 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
08:45:49.0447 3968 BrUsbMdm - ok
08:45:49.0473 3968 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
08:45:49.0540 3968 BrUsbSer - ok
08:45:49.0594 3968 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
08:45:49.0647 3968 BthEnum - ok
08:45:49.0691 3968 [ 9A966A8E86D1771911AE34A20D11BFF3 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
08:45:49.0751 3968 BTHMODEM - ok
08:45:49.0786 3968 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
08:45:49.0835 3968 BthPan - ok
08:45:49.0924 3968 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
08:45:49.0974 3968 BTHPORT - ok
08:45:50.0002 3968 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
08:45:50.0078 3968 BthServ - ok
08:45:50.0111 3968 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
08:45:50.0182 3968 BTHUSB - ok
08:45:50.0249 3968 [ 4A28E7BD365377D0512B7EF8C7596D2C ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
08:45:50.0280 3968 btwaudio - ok
08:45:50.0309 3968 [ 5FFDE57253D665067B0886612817EB11 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
08:45:50.0454 3968 btwavdt - ok
08:45:50.0562 3968 [ AB07DC8B05C31A4F95FC73019BE9DB15 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
08:45:50.0600 3968 btwrchid - ok
08:45:50.0670 3968 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:45:50.0734 3968 cdfs - ok
08:45:50.0820 3968 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
08:45:50.0988 3968 cdrom - ok
08:45:51.0062 3968 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
08:45:51.0125 3968 CertPropSvc - ok
08:45:51.0178 3968 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
08:45:51.0243 3968 circlass - ok
08:45:51.0267 3968 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
08:45:51.0292 3968 CLFS - ok
08:45:51.0310 3968 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:45:51.0325 3968 clr_optimization_v2.0.50727_32 - ok
08:45:51.0411 3968 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:45:51.0441 3968 clr_optimization_v4.0.30319_32 - ok
08:45:51.0495 3968 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:45:51.0705 3968 CmBatt - ok
08:45:51.0734 3968 [ DE11A06E187756ECB86CFA82DAC40FF7 ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:45:51.0750 3968 cmdide - ok
08:45:51.0798 3968 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:45:51.0821 3968 Compbatt - ok
08:45:51.0830 3968 COMSysApp - ok
08:45:51.0841 3968 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
08:45:51.0856 3968 crcdisk - ok
08:45:51.0876 3968 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
08:45:51.0983 3968 Crusoe - ok
08:45:52.0081 3968 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:45:52.0136 3968 CryptSvc - ok
08:45:52.0192 3968 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
08:45:52.0252 3968 DcomLaunch - ok
08:45:52.0321 3968 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:45:52.0388 3968 DfsC - ok
08:45:53.0008 3968 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
08:45:53.0172 3968 DFSR - ok
08:45:53.0322 3968 [ D8522960163FA593694E441194A9A574 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
08:45:53.0337 3968 dg_ssudbus - ok
08:45:53.0575 3968 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
08:45:53.0616 3968 Dhcp - ok
08:45:53.0734 3968 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
08:45:53.0753 3968 disk - ok
08:45:53.0783 3968 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:45:53.0894 3968 Dnscache - ok
08:45:53.0946 3968 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
08:45:53.0992 3968 dot3svc - ok
08:45:54.0084 3968 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
08:45:54.0115 3968 DPS - ok
08:45:54.0191 3968 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:45:54.0247 3968 drmkaud - ok
08:45:54.0403 3968 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:45:54.0463 3968 DXGKrnl - ok
08:45:54.0587 3968 [ 7505290504C8E2D172FA378CC0497BCC ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
08:45:54.0920 3968 e1express - ok
08:45:55.0057 3968 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
08:45:55.0213 3968 E1G60 - ok
08:45:55.0315 3968 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
08:45:55.0410 3968 EapHost - ok
08:45:55.0674 3968 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
08:45:55.0758 3968 Ecache - ok
08:45:55.0957 3968 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:45:56.0343 3968 ehRecvr - ok
08:45:56.0478 3968 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
08:45:56.0766 3968 ehSched - ok
08:45:56.0852 3968 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
08:45:56.0947 3968 ehstart - ok
08:45:57.0203 3968 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
08:45:57.0408 3968 elxstor - ok
08:45:57.0824 3968 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
08:45:58.0365 3968 EMDMgmt - ok
08:45:58.0428 3968 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
08:45:58.0491 3968 EventSystem - ok
08:45:58.0680 3968 [ F10E7AA8BDF4488E3DFA989B8E7F7C9F ] EvtEng C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
08:45:58.0766 3968 EvtEng ( UnsignedFile.Multi.Generic ) - warning
08:45:58.0766 3968 EvtEng - detected UnsignedFile.Multi.Generic (1)
08:45:58.0834 3968 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
08:45:58.0884 3968 exfat - ok
08:45:58.0941 3968 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:45:59.0013 3968 fastfat - ok
08:45:59.0059 3968 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
08:45:59.0145 3968 fdc - ok
08:45:59.0199 3968 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
08:45:59.0271 3968 fdPHost - ok
08:45:59.0298 3968 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
08:45:59.0388 3968 FDResPub - ok
08:45:59.0419 3968 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:45:59.0463 3968 FileInfo - ok
08:45:59.0485 3968 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:45:59.0529 3968 Filetrace - ok
08:45:59.0558 3968 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
08:45:59.0629 3968 flpydisk - ok
08:45:59.0693 3968 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:45:59.0715 3968 FltMgr - ok
08:45:59.0854 3968 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
08:45:59.0988 3968 FontCache - ok
08:46:00.0084 3968 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
08:46:00.0100 3968 FontCache3.0.0.0 - ok
08:46:00.0144 3968 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:46:00.0193 3968 Fs_Rec - ok
08:46:00.0240 3968 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
08:46:00.0273 3968 gagp30kx - ok
08:46:00.0317 3968 getPlusHelper - ok
08:46:00.0386 3968 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
08:46:00.0521 3968 gpsvc - ok
08:46:00.0658 3968 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9912216cfd88b C:\Program Files\Google\Update\GoogleUpdate.exe
08:46:00.0672 3968 gupdate1c9912216cfd88b - ok
08:46:00.0694 3968 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
08:46:00.0707 3968 gupdatem - ok
08:46:00.0762 3968 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:46:00.0819 3968 HdAudAddService - ok
08:46:00.0942 3968 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
08:46:01.0086 3968 HDAudBus - ok
08:46:01.0128 3968 [ FCB3F4BE408F72C1BD81BCABA87FC22F ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
08:46:01.0187 3968 HidBth - ok
08:46:01.0226 3968 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
08:46:01.0303 3968 HidIr - ok
08:46:01.0340 3968 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
08:46:01.0358 3968 hidserv - ok
08:46:01.0392 3968 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
08:46:01.0441 3968 HidUsb - ok
08:46:01.0486 3968 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:46:01.0552 3968 hkmsvc - ok
08:46:01.0575 3968 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
08:46:01.0609 3968 HpCISSs - ok
08:46:01.0821 3968 [ 53229DCF431D76434816CD29251168A0 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
08:46:01.0981 3968 HSF_DPV - ok
08:46:02.0002 3968 [ 31F949D452201F2F0AF0C88D7DB512CD ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
08:46:02.0038 3968 HSXHWAZL - ok
08:46:02.0162 3968 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:46:02.0271 3968 HTTP - ok
08:46:02.0302 3968 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
08:46:02.0323 3968 i2omp - ok
08:46:02.0377 3968 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
08:46:02.0417 3968 i8042prt - ok
08:46:02.0443 3968 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
08:46:02.0464 3968 iaStorV - ok
08:46:02.0658 3968 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
08:46:02.0683 3968 IDriverT ( UnsignedFile.Multi.Generic ) - warning
08:46:02.0683 3968 IDriverT - detected UnsignedFile.Multi.Generic (1)
08:46:02.0784 3968 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:46:02.0845 3968 idsvc - ok
08:46:02.0900 3968 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
08:46:02.0935 3968 iirsp - ok
08:46:03.0139 3968 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
08:46:03.0197 3968 IKEEXT - ok
08:46:03.0278 3968 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
08:46:03.0324 3968 intelide - ok
08:46:03.0408 3968 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:46:03.0481 3968 intelppm - ok
08:46:03.0556 3968 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:46:03.0627 3968 IPBusEnum - ok
08:46:03.0644 3968 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:46:03.0684 3968 IpFilterDriver - ok
08:46:03.0720 3968 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:46:03.0774 3968 iphlpsvc - ok
08:46:03.0780 3968 IpInIp - ok
08:46:03.0857 3968 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
08:46:03.0920 3968 IPMIDRV - ok
08:46:03.0974 3968 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
08:46:04.0093 3968 IPNAT - ok
08:46:04.0140 3968 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:46:04.0170 3968 IRENUM - ok
08:46:04.0198 3968 [ 2F8ECE2699E7E2070545E9B0960A8ED2 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:46:04.0214 3968 isapnp - ok
08:46:04.0315 3968 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
08:46:04.0335 3968 iScsiPrt - ok
08:46:04.0367 3968 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
08:46:04.0400 3968 iteatapi - ok
08:46:04.0418 3968 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
08:46:04.0433 3968 iteraid - ok
08:46:04.0473 3968 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
08:46:04.0489 3968 kbdclass - ok
08:46:04.0583 3968 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
08:46:04.0630 3968 kbdhid - ok
08:46:04.0668 3968 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
08:46:04.0735 3968 KeyIso - ok
08:46:04.0857 3968 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:46:04.0888 3968 KSecDD - ok
08:46:04.0995 3968 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
08:46:05.0086 3968 KtmRm - ok
08:46:05.0124 3968 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
08:46:05.0184 3968 LanmanServer - ok
08:46:05.0244 3968 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:46:05.0306 3968 LanmanWorkstation - ok
08:46:05.0345 3968 [ 4127E8B6DDB4090E815C1F8852C277D3 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
08:46:05.0359 3968 lirsgt - ok
08:46:05.0413 3968 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:46:05.0482 3968 lltdio - ok
08:46:05.0514 3968 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:46:05.0561 3968 lltdsvc - ok
08:46:05.0601 3968 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:46:05.0651 3968 lmhosts - ok
08:46:05.0753 3968 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
08:46:05.0770 3968 LSI_FC - ok
08:46:05.0803 3968 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
08:46:05.0838 3968 LSI_SAS - ok
08:46:05.0871 3968 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
08:46:05.0887 3968 LSI_SCSI - ok
08:46:05.0942 3968 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
08:46:05.0988 3968 luafv - ok
08:46:06.0047 3968 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:46:06.0074 3968 Mcx2Svc - ok
08:46:06.0121 3968 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
08:46:06.0149 3968 mdmxsdk - ok
08:46:06.0171 3968 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
08:46:06.0192 3968 megasas - ok
08:46:06.0233 3968 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
08:46:06.0285 3968 MMCSS - ok
08:46:06.0302 3968 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
08:46:06.0359 3968 Modem - ok
08:46:06.0410 3968 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:46:06.0454 3968 monitor - ok
08:46:06.0493 3968 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:46:06.0508 3968 mouclass - ok
08:46:06.0539 3968 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:46:06.0605 3968 mouhid - ok
08:46:06.0656 3968 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
08:46:06.0692 3968 MountMgr - ok
08:46:06.0733 3968 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
08:46:06.0749 3968 mpio - ok
08:46:06.0767 3968 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:46:06.0825 3968 mpsdrv - ok
08:46:06.0884 3968 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
08:46:06.0952 3968 MpsSvc - ok
08:46:06.0966 3968 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
08:46:06.0983 3968 Mraid35x - ok
08:46:07.0019 3968 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:46:07.0062 3968 MRxDAV - ok
08:46:07.0096 3968 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:46:07.0157 3968 mrxsmb - ok
08:46:07.0201 3968 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:46:07.0258 3968 mrxsmb10 - ok
08:46:07.0283 3968 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:46:07.0300 3968 mrxsmb20 - ok
08:46:07.0323 3968 [ 0D1C042188FFE61A702A9DF5944DE5BA ] msahci C:\Windows\system32\drivers\msahci.sys
08:46:07.0341 3968 msahci - ok
08:46:07.0358 3968 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:46:07.0373 3968 msdsm - ok
08:46:07.0419 3968 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
08:46:07.0487 3968 MSDTC - ok
08:46:07.0521 3968 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:46:07.0570 3968 Msfs - ok
08:46:07.0596 3968 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:46:07.0614 3968 msisadrv - ok
08:46:07.0689 3968 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:46:07.0890 3968 MSiSCSI - ok
08:46:07.0899 3968 msiserver - ok
08:46:07.0946 3968 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:46:07.0992 3968 MSKSSRV - ok
08:46:08.0052 3968 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:46:08.0112 3968 MSPCLOCK - ok
08:46:08.0132 3968 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:46:08.0161 3968 MSPQM - ok
08:46:08.0201 3968 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:46:08.0218 3968 MsRPC - ok
08:46:08.0238 3968 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
08:46:08.0254 3968 mssmbios - ok
08:46:08.0290 3968 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:46:08.0365 3968 MSTEE - ok
08:46:08.0385 3968 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
08:46:08.0423 3968 Mup - ok
08:46:08.0507 3968 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
08:46:08.0636 3968 napagent - ok
08:46:08.0738 3968 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:46:08.0852 3968 NativeWifiP - ok
08:46:09.0050 3968 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:46:09.0105 3968 NDIS - ok
08:46:09.0159 3968 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:46:09.0223 3968 NdisTapi - ok
08:46:09.0239 3968 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:46:09.0283 3968 Ndisuio - ok
08:46:09.0307 3968 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:46:09.0347 3968 NdisWan - ok
08:46:09.0371 3968 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:46:09.0418 3968 NDProxy - ok
08:46:09.0459 3968 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:46:09.0518 3968 NetBIOS - ok
08:46:09.0604 3968 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
08:46:09.0645 3968 netbt - ok
08:46:09.0679 3968 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
08:46:09.0695 3968 Netlogon - ok
08:46:09.0797 3968 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
08:46:09.0873 3968 Netman - ok
08:46:09.0944 3968 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
08:46:09.0995 3968 netprofm - ok
08:46:10.0034 3968 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:46:10.0077 3968 NetTcpPortSharing - ok
08:46:10.0359 3968 [ 6522DD40A5F67CED020BD81B856613FB ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
08:46:10.0523 3968 NETw4v32 - ok
08:46:10.0699 3968 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
08:46:10.0756 3968 nfrd960 - ok
08:46:10.0794 3968 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:46:10.0827 3968 NlaSvc - ok
08:46:10.0866 3968 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:46:11.0005 3968 Npfs - ok
08:46:11.0086 3968 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
08:46:11.0135 3968 nsi - ok
08:46:11.0158 3968 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:46:11.0239 3968 nsiproxy - ok
08:46:11.0366 3968 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:46:11.0425 3968 Ntfs - ok
08:46:11.0465 3968 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
08:46:11.0607 3968 ntrigdigi - ok
08:46:11.0727 3968 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
08:46:11.0761 3968 Null - ok
08:46:12.0975 3968 [ DC89868592D74DE404406C9420C3F277 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
08:46:13.0873 3968 nvlddmkm - ok
08:46:13.0913 3968 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:46:13.0988 3968 nvraid - ok
08:46:14.0024 3968 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:46:14.0070 3968 nvstor - ok
08:46:14.0101 3968 [ 055081FD5076401C1EE1BCAB08D81911 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:46:14.0170 3968 nv_agp - ok
08:46:14.0176 3968 NwlnkFlt - ok
08:46:14.0185 3968 NwlnkFwd - ok
08:46:14.0246 3968 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
08:46:14.0339 3968 ohci1394 - ok
08:46:14.0407 3968 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:46:14.0420 3968 ose - ok
08:46:14.0511 3968 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
08:46:14.0591 3968 p2pimsvc - ok
08:46:14.0611 3968 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
08:46:14.0641 3968 p2psvc - ok
08:46:14.0685 3968 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
08:46:14.0772 3968 Parport - ok
08:46:14.0812 3968 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:46:14.0830 3968 partmgr - ok
08:46:14.0846 3968 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
08:46:14.0937 3968 Parvdm - ok
08:46:14.0974 3968 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
08:46:15.0020 3968 PcaSvc - ok
08:46:15.0099 3968 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
08:46:15.0148 3968 pccsmcfd - ok
08:46:15.0200 3968 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
08:46:15.0230 3968 pci - ok
08:46:15.0267 3968 [ 54D23DC5B5072311116826FDB7F6E83E ] pciide C:\Windows\system32\DRIVERS\pciide.sys
08:46:15.0283 3968 pciide - ok
08:46:15.0326 3968 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
08:46:15.0344 3968 pcmcia - ok
08:46:15.0405 3968 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:46:15.0541 3968 PEAUTH - ok
08:46:15.0679 3968 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
08:46:15.0748 3968 pla - ok
08:46:15.0814 3968 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:46:15.0859 3968 PlugPlay - ok
08:46:15.0989 3968 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
08:46:16.0063 3968 PNRPAutoReg - ok
08:46:16.0078 3968 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
08:46:16.0132 3968 PNRPsvc - ok
08:46:16.0198 3968 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:46:16.0235 3968 PolicyAgent - ok
08:46:16.0323 3968 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:46:16.0398 3968 PptpMiniport - ok
08:46:16.0477 3968 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
08:46:16.0538 3968 Processor - ok
08:46:16.0580 3968 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
08:46:16.0609 3968 ProfSvc - ok
08:46:16.0624 3968 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
08:46:16.0640 3968 ProtectedStorage - ok
08:46:16.0685 3968 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
08:46:16.0730 3968 PSched - ok
08:46:16.0761 3968 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
08:46:16.0799 3968 PxHelp20 - ok
08:46:16.0861 3968 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
08:46:16.0918 3968 ql2300 - ok
08:46:16.0972 3968 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
08:46:16.0989 3968 ql40xx - ok
08:46:17.0047 3968 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
08:46:17.0183 3968 QWAVE - ok
08:46:17.0223 3968 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:46:17.0301 3968 QWAVEdrv - ok
08:46:17.0535 3968 [ A6201FD4D96F7FA7DB3AD609BE60FF5C ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
08:46:17.0691 3968 R300 - ok
08:46:17.0761 3968 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:46:17.0817 3968 RasAcd - ok
08:46:17.0857 3968 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
08:46:17.0925 3968 RasAuto - ok
08:46:17.0969 3968 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:46:18.0028 3968 Rasl2tp - ok
08:46:18.0071 3968 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
08:46:18.0119 3968 RasMan - ok
08:46:18.0146 3968 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:46:18.0186 3968 RasPppoe - ok
08:46:18.0204 3968 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:46:18.0235 3968 RasSstp - ok
08:46:18.0306 3968 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:46:18.0354 3968 rdbss - ok
08:46:18.0377 3968 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:46:18.0433 3968 RDPCDD - ok
08:46:18.0481 3968 [ 0245418224CFA77BF4B41C2FE0622258 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
08:46:18.0528 3968 rdpdr - ok
08:46:18.0535 3968 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:46:18.0565 3968 RDPENCDD - ok
08:46:18.0641 3968 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:46:18.0713 3968 RDPWD - ok
08:46:18.0750 3968 [ 7274BD434B6165BAA382BDD87F6CA4CE ] RegSrvc C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
08:46:18.0781 3968 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
08:46:18.0781 3968 RegSrvc - detected UnsignedFile.Multi.Generic (1)
08:46:18.0835 3968 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:46:18.0885 3968 RemoteAccess - ok
08:46:18.0927 3968 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:46:18.0974 3968 RemoteRegistry - ok
08:46:19.0017 3968 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
08:46:19.0067 3968 RFCOMM - ok
08:46:19.0100 3968 [ D85E3FA9F5B1F29BB4ED185C450D1470 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
08:46:19.0128 3968 rimmptsk - ok
08:46:19.0160 3968 [ DB8EB01C58C9FADA00C70B1775278AE0 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
08:46:19.0200 3968 rimsptsk - ok
08:46:19.0285 3968 [ 6C1F93C0760C9F79A1869D07233DF39D ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
08:46:19.0390 3968 rismxdp - ok
08:46:19.0603 3968 [ EBCDE8B48FADC6479D96A56D0A432160 ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
08:46:19.0666 3968 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - warning
08:46:19.0666 3968 RoxMediaDB9 - detected UnsignedFile.Multi.Generic (1)
08:46:19.0710 3968 [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
08:46:19.0730 3968 RoxWatch9 ( UnsignedFile.Multi.Generic ) - warning
08:46:19.0730 3968 RoxWatch9 - detected UnsignedFile.Multi.Generic (1)
08:46:19.0757 3968 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
08:46:19.0788 3968 RpcLocator - ok
08:46:19.0893 3968 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
08:46:19.0930 3968 RpcSs - ok
08:46:20.0000 3968 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:46:20.0045 3968 rspndr - ok
08:46:20.0055 3968 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
08:46:20.0072 3968 SamSs - ok
08:46:20.0116 3968 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:46:20.0145 3968 sbp2port - ok
08:46:20.0165 3968 SBRE - ok
08:46:20.0207 3968 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:46:20.0258 3968 SCardSvr - ok
08:46:20.0354 3968 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
08:46:20.0443 3968 Schedule - ok
08:46:20.0475 3968 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
08:46:20.0499 3968 SCPolicySvc - ok
08:46:20.0581 3968 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
08:46:20.0617 3968 sdbus - ok
08:46:20.0660 3968 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:46:20.0731 3968 SDRSVC - ok
08:46:20.0749 3968 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:46:20.0820 3968 secdrv - ok
08:46:20.0848 3968 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
08:46:20.0892 3968 seclogon - ok
08:46:20.0939 3968 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
08:46:20.0990 3968 SENS - ok
08:46:21.0010 3968 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
08:46:21.0077 3968 Serenum - ok
08:46:21.0111 3968 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
08:46:21.0164 3968 Serial - ok
08:46:21.0205 3968 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
08:46:21.0289 3968 sermouse - ok
08:46:21.0487 3968 [ E802089FEC30A95FDFD218995308F9B3 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
08:46:21.0530 3968 ServiceLayer - ok
08:46:21.0561 3968 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
08:46:21.0608 3968 SessionEnv - ok
08:46:21.0676 3968 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
08:46:21.0730 3968 sffdisk - ok
08:46:21.0776 3968 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:46:21.0858 3968 sffp_mmc - ok
08:46:21.0909 3968 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
08:46:21.0933 3968 sffp_sd - ok
08:46:21.0971 3968 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
08:46:22.0020 3968 sfloppy - ok
08:46:22.0133 3968 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:46:22.0280 3968 SharedAccess - ok
08:46:22.0325 3968 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:46:22.0390 3968 ShellHWDetection - ok
08:46:22.0427 3968 [ 08072B2FB92477FC813271A84B3A8698 ] sisagp C:\Windows\system32\drivers\sisagp.sys
08:46:22.0444 3968 sisagp - ok
08:46:22.0457 3968 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
08:46:22.0472 3968 SiSRaid2 - ok
08:46:22.0485 3968 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
08:46:22.0502 3968 SiSRaid4 - ok
08:46:22.0701 3968 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
08:46:22.0920 3968 slsvc - ok
08:46:22.0955 3968 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
08:46:23.0009 3968 SLUINotify - ok
08:46:23.0056 3968 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:46:23.0089 3968 Smb - ok
08:46:23.0134 3968 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:46:23.0151 3968 SNMPTRAP - ok
08:46:23.0200 3968 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
08:46:23.0249 3968 spldr - ok
08:46:23.0317 3968 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
08:46:23.0353 3968 Spooler - ok
08:46:23.0627 3968 [ D390675B8CE45E5FB359338E5E649329 ] sptd C:\Windows\system32\Drivers\sptd.sys
08:46:23.0628 3968 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: D390675B8CE45E5FB359338E5E649329
08:46:23.0631 3968 sptd ( LockedFile.Multi.Generic ) - warning
08:46:23.0631 3968 sptd - detected LockedFile.Multi.Generic (1)
08:46:23.0703 3968 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
08:46:23.0770 3968 srv - ok
08:46:23.0896 3968 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:46:23.0945 3968 srv2 - ok
08:46:23.0966 3968 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:46:24.0037 3968 srvnet - ok
08:46:24.0116 3968 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:46:24.0540 3968 SSDPSRV - ok
08:46:24.0683 3968 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
08:46:24.0694 3968 ssmdrv - ok
08:46:24.0734 3968 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:46:24.0819 3968 SstpSvc - ok
08:46:24.0937 3968 [ 1B4052F016BA5E087689ABA536A0A927 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
08:46:24.0986 3968 ssudmdm - ok
08:46:25.0050 3968 [ 306521935042FC0A6988D528643619B3 ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
08:46:25.0073 3968 StarOpen ( UnsignedFile.Multi.Generic ) - warning
08:46:25.0073 3968 StarOpen - detected UnsignedFile.Multi.Generic (1)
08:46:25.0266 3968 [ 9CEA131B5EB0EA653F6B3EA80B54956D ] STHDA C:\Windows\system32\drivers\stwrt.sys
08:46:25.0403 3968 STHDA - ok
08:46:25.0452 3968 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
08:46:25.0502 3968 stisvc - ok
08:46:25.0573 3968 [ 51778FD315C9882F1CBD932743E62A72 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
08:46:25.0610 3968 stllssvr ( UnsignedFile.Multi.Generic ) - warning
08:46:25.0610 3968 stllssvr - detected UnsignedFile.Multi.Generic (1)
08:46:25.0678 3968 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
08:46:25.0693 3968 swenum - ok
08:46:25.0744 3968 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
08:46:25.0796 3968 swprv - ok
08:46:25.0829 3968 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
08:46:25.0855 3968 Symc8xx - ok
08:46:25.0873 3968 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
08:46:25.0888 3968 Sym_hi - ok
08:46:25.0915 3968 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
08:46:25.0945 3968 Sym_u3 - ok
08:46:25.0995 3968 [ 1F5192248A364D4AB68DB063D18A2139 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
08:46:26.0010 3968 SynTP - ok
08:46:26.0051 3968 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
08:46:26.0123 3968 SysMain - ok
08:46:26.0163 3968 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:46:26.0198 3968 TabletInputService - ok
08:46:26.0267 3968 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
08:46:26.0324 3968 TapiSrv - ok
08:46:26.0396 3968 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
08:46:26.0445 3968 TBS - ok
08:46:26.0587 3968 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:46:26.0703 3968 Tcpip - ok
08:46:26.0755 3968 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
08:46:26.0795 3968 Tcpip6 - ok
08:46:26.0901 3968 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:46:26.0935 3968 tcpipreg - ok
08:46:26.0959 3968 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:46:27.0012 3968 TDPIPE - ok
08:46:27.0029 3968 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:46:27.0083 3968 TDTCP - ok
08:46:27.0130 3968 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:46:27.0178 3968 tdx - ok
08:46:27.0222 3968 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
08:46:27.0238 3968 TermDD - ok
08:46:27.0437 3968 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
08:46:27.0591 3968 TermService - ok
08:46:27.0682 3968 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
08:46:27.0703 3968 Themes - ok
08:46:27.0710 3968 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
08:46:27.0740 3968 THREADORDER - ok
08:46:27.0776 3968 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
08:46:27.0832 3968 TrkWks - ok
08:46:27.0942 3968 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:46:27.0978 3968 TrustedInstaller - ok
08:46:28.0019 3968 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:46:28.0080 3968 tssecsrv - ok
08:46:28.0146 3968 [ 6A29CD69D1128BDF49A705BEFC614A5B ] TuneUp.Defrag C:\Windows\System32\TuneUpDefragService.exe
08:46:28.0182 3968 TuneUp.Defrag - ok
08:46:28.0371 3968 [ 51EE2913ED525DE18FDA96DCCBC5386A ] TuneUp.ProgramStatisticsSvc C:\Windows\System32\TUProgSt.exe
08:46:28.0408 3968 TuneUp.ProgramStatisticsSvc - ok
08:46:28.0467 3968 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
08:46:28.0483 3968 tunmp - ok
08:46:28.0521 3968 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:46:28.0558 3968 tunnel - ok
08:46:28.0590 3968 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
08:46:28.0620 3968 uagp35 - ok
08:46:28.0726 3968 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:46:28.0799 3968 udfs - ok
08:46:28.0830 3968 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:46:28.0862 3968 UI0Detect - ok
08:46:28.0881 3968 [ 6D72EF05921ABDF59FC45C7EBFE7E8DD ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:46:28.0914 3968 uliagpkx - ok
08:46:28.0945 3968 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
08:46:28.0967 3968 uliahci - ok
08:46:28.0986 3968 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
08:46:29.0003 3968 UlSata - ok
08:46:29.0020 3968 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
08:46:29.0037 3968 ulsata2 - ok
08:46:29.0058 3968 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
08:46:29.0088 3968 umbus - ok
08:46:29.0224 3968 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
08:46:29.0258 3968 upnphost - ok
08:46:29.0358 3968 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:46:29.0414 3968 usbccgp - ok
08:46:29.0453 3968 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:46:29.0538 3968 usbcir - ok
08:46:29.0592 3968 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
08:46:29.0616 3968 usbehci - ok
08:46:29.0663 3968 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:46:29.0801 3968 usbhub - ok
08:46:29.0895 3968 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
08:46:30.0013 3968 usbohci - ok
08:46:30.0088 3968 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
08:46:30.0139 3968 usbprint - ok
08:46:30.0306 3968 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:46:30.0404 3968 USBSTOR - ok
08:46:30.0501 3968 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
08:46:30.0556 3968 usbuhci - ok
08:46:30.0597 3968 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
08:46:30.0637 3968 UxSms - ok
08:46:30.0675 3968 [ 2E2E93041C8058BC7DE6F0D743C4A0C6 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
08:46:30.0688 3968 UxTuneUp - ok
08:46:30.0750 3968 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
08:46:30.0800 3968 vds - ok
08:46:30.0857 3968 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:46:30.0928 3968 vga - ok
08:46:30.0986 3968 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
08:46:31.0034 3968 VgaSave - ok
08:46:31.0059 3968 [ D5929A28BDFF4367A12CAF06AF901971 ] viaagp C:\Windows\system32\drivers\viaagp.sys
08:46:31.0093 3968 viaagp - ok
08:46:31.0126 3968 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
08:46:31.0192 3968 ViaC7 - ok
08:46:31.0225 3968 [ C0ACE9D0F5A5EE0B00F58345947A57FC ] viaide C:\Windows\system32\drivers\viaide.sys
08:46:31.0242 3968 viaide - ok
08:46:31.0277 3968 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:46:31.0316 3968 volmgr - ok
08:46:31.0391 3968 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:46:31.0431 3968 volmgrx - ok
08:46:31.0519 3968 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:46:31.0542 3968 volsnap - ok
08:46:31.0568 3968 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
08:46:31.0603 3968 vsmraid - ok
08:46:31.0764 3968 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
08:46:31.0857 3968 VSS - ok
08:46:31.0925 3968 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
08:46:31.0992 3968 W32Time - ok
08:46:32.0064 3968 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
08:46:32.0145 3968 WacomPen - ok
08:46:32.0205 3968 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
08:46:32.0243 3968 Wanarp - ok
08:46:32.0249 3968 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:46:32.0274 3968 Wanarpv6 - ok
08:46:32.0517 3968 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:46:32.0663 3968 wcncsvc - ok
08:46:32.0751 3968 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:46:32.0794 3968 WcsPlugInService - ok
08:46:32.0859 3968 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
08:46:32.0874 3968 Wd - ok
08:46:33.0078 3968 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:46:33.0123 3968 Wdf01000 - ok
08:46:33.0193 3968 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:46:33.0245 3968 WdiServiceHost - ok
08:46:33.0250 3968 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:46:33.0283 3968 WdiSystemHost - ok
08:46:33.0335 3968 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
08:46:33.0356 3968 WebClient - ok
08:46:33.0404 3968 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:46:33.0464 3968 Wecsvc - ok
08:46:33.0496 3968 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:46:33.0541 3968 wercplsupport - ok
08:46:33.0584 3968 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
08:46:33.0628 3968 WerSvc - ok
08:46:33.0709 3968 [ 6D2350BB6E77E800FC4BE4E5B7A2E89A ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
08:46:33.0750 3968 winachsf - ok
08:46:33.0931 3968 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
08:46:33.0955 3968 WinDefend - ok
08:46:33.0963 3968 WinHttpAutoProxySvc - ok
08:46:34.0163 3968 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:46:34.0205 3968 Winmgmt - ok
08:46:34.0420 3968 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
08:46:34.0563 3968 WinRM - ok
08:46:34.0651 3968 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
08:46:34.0721 3968 Wlansvc - ok
08:46:34.0764 3968 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
08:46:34.0834 3968 WmiAcpi - ok
08:46:34.0892 3968 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:46:35.0004 3968 wmiApSrv - ok
08:46:35.0117 3968 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
08:46:35.0245 3968 WMPNetworkSvc - ok
08:46:35.0299 3968 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:46:35.0449 3968 WPCSvc - ok
08:46:35.0559 3968 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:46:35.0638 3968 WPDBusEnum - ok
08:46:35.0703 3968 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
08:46:35.0829 3968 WpdUsb - ok
08:46:36.0063 3968 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
08:46:36.0095 3968 WPFFontCache_v0400 - ok
08:46:36.0133 3968 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:46:36.0178 3968 ws2ifsl - ok
08:46:36.0212 3968 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
08:46:36.0241 3968 wscsvc - ok
08:46:36.0249 3968 WSearch - ok
08:46:36.0438 3968 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
08:46:36.0529 3968 wuauserv - ok
08:46:36.0649 3968 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
08:46:36.0681 3968 WUDFRd - ok
08:46:36.0721 3968 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:46:36.0754 3968 wudfsvc - ok
08:46:36.0793 3968 [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
08:46:36.0820 3968 XAudio - ok
08:46:36.0876 3968 [ 28DC5D626E036A75A572556F0A6EB1F6 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
08:46:36.0896 3968 XAudioService - ok
08:46:36.0954 3968 ================ Scan global ===============================
08:46:37.0022 3968 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
08:46:37.0140 3968 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
08:46:37.0224 3968 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
08:46:37.0354 3968 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
08:46:37.0358 3968 [Global] - ok
08:46:37.0359 3968 ================ Scan MBR ==================================
08:46:37.0378 3968 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
08:46:38.0514 3968 \Device\Harddisk0\DR0 - ok
08:46:38.0516 3968 ================ Scan VBR ==================================
08:46:38.0545 3968 [ CAD60F4449ACA2C65347DAD7024CC1A6 ] \Device\Harddisk0\DR0\Partition1
08:46:38.0576 3968 \Device\Harddisk0\DR0\Partition1 - ok
08:46:38.0597 3968 [ ECBD938FC5C24153E16F139973F09DF4 ] \Device\Harddisk0\DR0\Partition2
08:46:38.0599 3968 \Device\Harddisk0\DR0\Partition2 - ok
08:46:38.0600 3968 ============================================================
08:46:38.0600 3968 Scan finished
08:46:38.0600 3968 ============================================================
08:46:38.0615 3584 Detected object count: 8
08:46:38.0616 3584 Actual detected object count: 8
08:49:38.0753 3584 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
08:49:38.0753 3584 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:49:38.0756 3584 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
08:49:38.0756 3584 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:49:38.0760 3584 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
08:49:38.0760 3584 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:49:38.0763 3584 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - skipped by user
08:49:38.0763 3584 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:49:38.0763 3584 RoxWatch9 ( UnsignedFile.Multi.Generic ) - skipped by user
08:49:38.0763 3584 RoxWatch9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:49:38.0766 3584 sptd ( LockedFile.Multi.Generic ) - skipped by user
08:49:38.0766 3584 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
08:49:38.0769 3584 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
08:49:38.0769 3584 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:49:38.0772 3584 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user
08:49:38.0772 3584 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:49:42.0717 1908 Deinitialize success
|
|
07.10.2012, 09:16
| #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Kein Zugang zu Antivirensoftware mehr, I-Explorer hängt sich auf Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
07.10.2012, 09:56
| #19 |
| | Kein Zugang zu Antivirensoftware mehr, I-Explorer hängt sich auf Das log von Combofix: Code:
ATTFilter ComboFix 12-10-04.02 - Wolfgang 07.10.2012 10:42:06.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3070.2007 [GMT 2:00]
ausgeführt von:: c:\users\Standart\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\version.txt
c:\programdata\CB031D1D89.sys
c:\programdata\Roaming
c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini
c:\users\Standart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery
c:\users\Standart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery\Uninstall Windows Vista Recovery.lnk
c:\users\Standart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery\Windows Vista Recovery.lnk
c:\users\Standart\AppData\Roaming\Niomd
c:\users\Standart\AppData\Roaming\Niomd\ofoq.owk
c:\users\Wolfgang\AppData\Roaming\inst.exe
c:\windows\IsUn0407.exe
c:\windows\iun6002.exe
c:\windows\system32\muzapp.exe
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-09-07 bis 2012-10-07 ))))))))))))))))))))))))))))))
.
.
2012-10-07 08:49 . 2012-10-07 08:49 -------- d-----w- c:\users\Wolfgang\AppData\Local\temp
2012-10-07 08:49 . 2012-10-07 08:49 -------- d-----w- c:\users\Wolfgang.Joshua\AppData\Local\temp
2012-10-07 08:49 . 2012-10-07 08:49 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2012-10-07 08:49 . 2012-10-07 08:49 -------- d-----w- c:\users\TEMP.Joshua\AppData\Local\temp
2012-10-07 06:39 . 2012-10-07 06:39 -------- d-----w- C:\TDSSKiller_Quarantine
2012-10-05 15:38 . 2012-10-05 15:38 -------- d-----w- C:\_OTL
2012-10-02 10:09 . 2012-10-02 10:09 -------- d-----w- c:\program files\ESET
2012-10-02 10:05 . 2012-10-02 10:05 -------- d-----w- c:\users\Wolfgang.Joshua.000\AppData\Roaming\Avira
2012-10-02 10:02 . 2012-10-02 10:02 -------- d-----w- c:\users\Wolfgang.Joshua.000\AppData\Local\Mozilla
2012-10-02 10:01 . 2012-10-02 11:03 -------- d-----w- c:\users\Wolfgang.Joshua.000\AppData\Local\PasswordSafe
2012-09-29 14:45 . 2012-10-05 15:40 -------- d-----w- c:\users\Standart\AppData\Roaming\Refi
2012-09-29 11:27 . 2012-09-29 11:27 -------- d-----w- c:\users\Standart\AppData\Local\Winamp Toolbar
2012-09-29 08:09 . 2012-09-29 08:09 -------- d-----w- c:\users\Standart\AppData\Roaming\phonostar GmbH
2012-09-29 07:47 . 2012-09-29 07:47 -------- d-----w- c:\users\Standart\AppData\Roaming\streamripper
2012-09-29 07:45 . 2012-09-29 08:05 -------- d-----w- c:\users\Standart\AppData\Roaming\Winamp
2012-09-29 07:43 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2012-09-29 07:40 . 2012-09-29 07:40 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2012-09-29 07:40 . 2012-09-29 11:44 -------- d-----w- c:\program files\Winamp
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-07 15:04 . 2012-04-20 18:07 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-21 15:09 . 2012-08-21 15:09 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-21 15:09 . 2011-06-02 08:18 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-25 16:24 . 2011-07-12 17:36 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-17 815104]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-10-04 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2007-10-04 86016]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-09 348664]
.
c:\users\Wolfgang.Joshua.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Password Safe.lnk - c:\program files\Password Safe\pwsafe.exe [2012-6-21 3825152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Printkey2000.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk
backup=c:\windows\pss\Printkey2000.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Wolfgang^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BUFFALO NAS Navigator.lnk]
path=c:\users\Wolfgang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator.lnk
backup=c:\windows\pss\BUFFALO NAS Navigator.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 00:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2007-09-18 14:16 171464 ----a-w- c:\program files\DAEMON Tools\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
2011-11-29 19:58 935312 ----a-w- c:\program files\Samsung\Kies\KiesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2011-11-29 19:58 3508624 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
2006-11-05 10:22 221184 ----a-w- c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-06-02 09:56 24264488 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
S2 acedrv10;acedrv10;c:\windows\system32\drivers\acedrv10.sys [x]
S2 acehlp10;acehlp10;c:\windows\system32\drivers\acehlp10.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
getPlusHelper REG_MULTI_SZ getPlusHelper
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-07 c:\windows\Tasks\1-Klick-Wartung.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-11-16 11:45]
.
2012-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-17 17:06]
.
2012-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-17 17:06]
.
2012-10-07 c:\windows\Tasks\User_Feed_Synchronization-{2AACFABE-3B33-4DAF-B213-B138ADF0F46B}.job
- c:\windows\system32\msfeedssync.exe [2011-04-17 06:57]
.
2012-10-07 c:\windows\Tasks\User_Feed_Synchronization-{8B064243-A5B6-4219-86F7-5D7CF3E2AFC6}.job
- c:\windows\system32\msfeedssync.exe [2011-04-17 06:57]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
TCP: Interfaces\{2FF582BE-CF30-47B1-892B-CFCD9A4900A2}: NameServer = 192.168.2.1
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\Wolfgang.Joshua.000\AppData\Roaming\Mozilla\Firefox\Profiles\0pv0bhrv.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-RunOnce-OTL - c:\users\Standart\Desktop\OTL.exe
MSConfigStartUp-AnyDVD - c:\program files\SlySoft\AnyDVD\AnyDVD.exe
MSConfigStartUp-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
MSConfigStartUp-NokiaMusic FastStart - c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe
MSConfigStartUp-NokiaOviSuite2 - c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
MSConfigStartUp-PC Suite Tray - c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-10-07 10:49
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2012-10-07 10:52:23
ComboFix-quarantined-files.txt 2012-10-07 08:52
.
Vor Suchlauf: 19 Verzeichnis(se), 22.494.519.296 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 22.215.032.832 Bytes frei
.
- - End Of File - - 656E35314096A82FF70B30213AEDDDB4
|
|
07.10.2012, 18:05
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Kein Zugang zu Antivirensoftware mehr, I-Explorer hängt sich auf Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.10.2012, 20:33
| #21 |
| | Kein Zugang zu Antivirensoftware mehr, I-Explorer hängt sich auf Alles ohne große Probleme erledigt, hier der Scan von GMER: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-10-07 21:03:07
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HM120JI rev.YF100-15
Running: 5hofgytt.exe; Driver: C:\Users\WOLFGA~1.000\AppData\Local\Temp\pwldypow.sys
---- System - GMER 1.0.15 ----
SSDT 900893BE ZwCreateSection
SSDT 900893C8 ZwRequestWaitReplyPort
SSDT 900893C3 ZwSetContextThread
SSDT 900893CD ZwSetSecurityObject
SSDT 900893D2 ZwSystemDebugControl
SSDT 9008935F ZwTerminateProcess
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!KeSetEvent + 215 822F08D8 4 Bytes [BE, 93, 08, 90]
.text ntkrnlpa.exe!KeSetEvent + 539 822F0BFC 4 Bytes [C8, 93, 08, 90] {ENTER 0x893, 0x90}
.text ntkrnlpa.exe!KeSetEvent + 56D 822F0C30 4 Bytes [C3, 93, 08, 90]
.text ntkrnlpa.exe!KeSetEvent + 5D1 822F0C94 4 Bytes [CD, 93, 08, 90]
.text ntkrnlpa.exe!KeSetEvent + 619 822F0CDC 4 Bytes [D2, 93, 08, 90]
.text ...
? C:\Windows\System32\Drivers\sptd.sys Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8EE07360, 0x35B8D2, 0xE8000020]
.text USBPORT.SYS!DllUnload 8F86A41B 5 Bytes JMP 8652F538
.reloc C:\Windows\system32\drivers\acehlp10.sys section is executable [0x8F99CB80, 0x37FC7, 0xE0000060]
.text a7bjv531.SYS 8A581000 22 Bytes [82, 83, 21, 82, 6C, 82, 21, ...]
.text a7bjv531.SYS 8A581017 106 Bytes [00, 32, 57, 77, 80, 3D, 55, ...]
.text a7bjv531.SYS 8A581082 74 Bytes [25, 82, F8, AD, 2E, 82, E6, ...]
.text a7bjv531.SYS 8A5810CE 73 Bytes [00, 00, 00, 00, 01, C2, 03, ...]
.text a7bjv531.SYS 8A581118 185 Bytes [3F, 48, 3E, 8A, 3C, CC, 3D, ...]
.text ...
.reloc C:\Windows\system32\drivers\acedrv10.sys section is executable [0xA12FF000, 0x459C1, 0xE0000060]
.text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0xA1345300, 0x3ACC8, 0xE8000020]
.text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0xA1388300, 0x1B7E, 0xE8000020]
? C:\Users\WOLFGA~1.000\AppData\Local\Temp\inyafakj.sys Das System kann die angegebene Datei nicht finden. !
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3128] ntdll.dll!DbgUiRemoteBreakin 77DBCD44 1 Byte [C3]
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3748] USER32.dll!SetWindowLongA 7645E7CD 5 Bytes JMP 616FA2FB C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3748] USER32.dll!SetWindowLongW 764613B4 5 Bytes JMP 616FA28D C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3748] USER32.dll!GetWindowInfo 7646428E 5 Bytes JMP 61501BD2 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3748] USER32.dll!TrackPopupMenu 764714F3 5 Bytes JMP 6150219D C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[4024] ntdll.dll!LdrLoadDll 77D59378 5 Bytes JMP 00F91410 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [8068261E] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [80681AD4] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [80682748] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [80681B9C] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [80681C1A] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [8069729A] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortNotification] 000000DC
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortWritePortUchar] 000000A2
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortWritePortUlong] 00000333
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortGetPhysicalAddress] 000003D8
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] 0000024D
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortGetScatterGatherList] 00000201
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortReadPortUchar] 000001EF
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortStallExecution] 0000031F
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortGetParentBusType] 000000A1
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortRequestCallback] 0000025C
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortWritePortBufferUshort] 000003BE
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortGetUnCachedExtension] 00000215
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortCompleteRequest] 000000DD
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortMoveMemory] 00000190
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 00000182
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 00000363
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 00000258
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortReadPortUshort] 0000030E
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortReadPortBufferUshort] 0000017E
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortInitialize] 00000254
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortGetDeviceBase] 0000019E
IAT \SystemRoot\System32\Drivers\a7bjv531.SYS[ataport.SYS!AtaPortDeviceStateChange] 000000AB
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 84B771E8
Device \FileSystem\fastfat \FatCdrom 89997528
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
Device \Driver\volmgr \Device\VolMgrControl 84B741E8
Device \Driver\usbuhci \Device\USBPDO-0 8661D530
Device \Driver\usbuhci \Device\USBPDO-1 8661D530
Device \Driver\PCI_NTPNP5717 \Device\00000052 sptd.sys
Device \Driver\usbuhci \Device\USBPDO-2 8661D530
Device \Driver\usbuhci \Device\USBPDO-3 8661D530
Device \Driver\usbehci \Device\USBPDO-4 8660F790
Device \Driver\volmgr \Device\HarddiskVolume1 84B741E8
Device \Driver\volmgr \Device\HarddiskVolume2 84B741E8
Device \Driver\cdrom \Device\CdRom0 8659B1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 84B761E8
Device \Driver\atapi \Device\Ide\IdePort0 84B761E8
Device \Driver\atapi \Device\Ide\IdePort1 84B761E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 84B761E8
Device \Driver\volmgr \Device\HarddiskVolume3 84B741E8
Device \Driver\cdrom \Device\CdRom1 8659B1E8
Device \Driver\volmgr \Device\HarddiskVolume4 84B741E8
Device \Driver\netbt \Device\NetBt_Wins_Export 89294790
Device \Driver\iScsiPrt \Device\RaidPort0 866AC1E8
Device \Driver\usbuhci \Device\USBFDO-0 8661D530
Device \Driver\usbuhci \Device\USBFDO-1 8661D530
Device \Driver\netbt \Device\NetBT_Tcpip_{AA6E897D-42F9-4B33-92E7-8FD5DBE9B426} 89294790
Device \Driver\usbuhci \Device\USBFDO-2 8661D530
Device \Driver\usbuhci \Device\USBFDO-3 8661D530
Device \Driver\usbehci \Device\USBFDO-4 8660F790
Device \Driver\netbt \Device\NetBT_Tcpip_{2FF582BE-CF30-47B1-892B-CFCD9A4900A2} 89294790
Device \Driver\a7bjv531 \Device\Scsi\a7bjv5311Port3Path0Target0Lun0 866CE1E8
Device \Driver\a7bjv531 \Device\Scsi\a7bjv5311 866CE1E8
Device \FileSystem\fastfat \Fat 89997528
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000b0d31c433
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00197ee85f30
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00197ee85f30@0016b812c00f 0x05 0x53 0x03 0x2F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00197ee85f30@c8979f380a2f 0xC6 0x2F 0xE1 0xEB ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00197ee85f30@2c44014b6da1 0x2B 0xD4 0x21 0xBB ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x56 0x4B 0x77 0x8E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x6F 0x47 0x88 0xA4 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x6D 0x9F 0x1B 0xA1 ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000b0d31c433 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00197ee85f30 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00197ee85f30@0016b812c00f 0x05 0x53 0x03 0x2F ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00197ee85f30@c8979f380a2f 0xC6 0x2F 0xE1 0xEB ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00197ee85f30@2c44014b6da1 0x2B 0xD4 0x21 0xBB ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x56 0x4B 0x77 0x8E ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x6F 0x47 0x88 0xA4 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x6D 0x9F 0x1B 0xA1 ...
---- Files - GMER 1.0.15 ----
File C:\Users\Standart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S6R3HI5P\version[1].xml 243 bytes
File C:\Users\Standart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S6R3HI5P\version[2].htm 2175 bytes
---- EOF - GMER 1.0.15 ----
Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 21:08:57 on 07.10.2012 OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Microsoft Corporation Internet Explorer 9.00.8112.16421 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "1-Klick-Wartung.job" - "TuneUp Software GmbH" - C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "DModem.cpl" - ? - C:\Windows\system32\DModem.cpl "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl "iPROSet.cpl" - "Intel Corporation" - C:\Windows\system32\iPROSet.cpl "ISUSPM.cpl" - "InstallShield Software Corporation" - C:\Windows\system32\ISUSPM.cpl "PhysX.cpl" - ? - C:\Windows\system32\PhysX.cpl "stacgui.cpl" - "SigmaTel, Inc." - C:\Windows\system32\stacgui.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "PROSet Tools" - "Intel Corporation" - C:\Windows\System32\iPROSet.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "a7bjv531" (a7bjv531) - "Microsoft Corporation" - C:\Windows\system32\drivers\a7bjv531.sys (Hidden registry entry, rootkit activity | File signed by Microsoft) "acedrv10" (acedrv10) - "Protect Software GmbH" - C:\Windows\system32\drivers\acedrv10.sys "acehlp10" (acehlp10) - "Protect Software GmbH" - C:\Windows\system32\drivers\acehlp10.sys "atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys (File found, but it contains no detailed information) "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\Users\WOLFGA~1.000\AppData\Local\Temp\catchme.sys (File not found) "inyafakj" (inyafakj) - ? - C:\Users\WOLFGA~1.000\AppData\Local\Temp\inyafakj.sys (Hidden registry entry, rootkit activity | File not found) "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys (File found, but it contains no detailed information) "pwldypow" (pwldypow) - ? - C:\Users\WOLFGA~1.000\AppData\Local\Temp\pwldypow.sys (Hidden registry entry, rootkit activity | File not found) "PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys "SBRE" (SBRE) - ? - C:\Windows\system32\drivers\SBREdrv.sys (File not found) "sptd" (sptd) - "Duplex Secure Ltd." - C:\Windows\System32\Drivers\sptd.sys (File is exclusively opened, access blocked) "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys "StarOpen" (StarOpen) - ? - C:\Windows\system32\drivers\StarOpen.sys (File found, but it contains no detailed information) [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL {3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {DE902992-61FC-4A01-8091-53E1895C9775} "CDR Icon Handler" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {7AD101F2-0B93-4D66-A1CA-DF73F3C4377B} "CDR preview provider" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellVista.dll {7FA63AC0-F5BC-4F3B-A9CF-94328D812B62} "CDR Property Handler" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellVista.dll {1462EBAA-96E7-4D93-9A66-0E4068DE4FCF} "CDR Thumbnail provider" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {DE902994-61FC-4A01-8091-53E1895C9775} "CMX Icon Handler" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {1462EBAC-96E7-4D93-9A66-0E4068DE4FCF} "CMX Thumbnail provider" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {DE902993-61FC-4A01-8091-53E1895C9775} "CPT Icon Handler" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {7FA63AC1-F5BC-4F3B-A9CF-94328D812B62} "CPT Property Handler" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellVista.dll {1462EBAB-96E7-4D93-9A66-0E4068DE4FCF} "CPT Thumbnail provider" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\OFFICE11\msohev.dll {00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\OFFICE11\MLSHEXT.DLL {7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\Windows\system32\btncopy.dll {0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\OFFICE11\OLKFSTUB.DLL {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {738D66C6-0149-4D40-84E4-A7BB2D0CE949} "Sony Ericsson Datei-Manager" - ? - (File not found | COM-object registry key not found) {4838CD50-7E5D-4811-9B17-C47A85539F28} "TuneUp Disk Space Explorer Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2009\DseShExt-x86.dll {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2009\SDShelEx-win32.dll {44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files\WinRAR\rarext.dll (File found, but it contains no detailed information) [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} "Zylom Games Player" - "Zylom Games" - C:\ProgramData\Zylom\ZylomGamesPlayer\zylomgamesplayer.dll / hxxp://game.zylom.com/activex/zylomgamesplayer.cab {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? - (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab {E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? - (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "@btrez.dll,-4015" - ? - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Wolfgang.Joshua.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "Password Safe.lnk" - "SourceForge.net" - C:\Program Files\Password Safe\pwsafe.exe (Shortcut exists | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Canon BJ Language Monitor MG5200 series" - "CANON INC." - C:\Windows\system32\CNMLMAE.DLL "Canon BJNP Port" - "CANON INC." - C:\Windows\system32\CNMNPPM.DLL "HP Master Monitor" - "Hewlett-Packard" - C:\Windows\system32\HPBMMON.DLL "Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\Windows\system32\mdimon.dll "Redirected Port" - ? - C:\Windows\system32\redmonnt.dll (File found, but it contains no detailed information) [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%SystemRoot%\System32\uxtuneup.dll,-4096" (UxTuneUp) - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll "@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101" (getPlusHelper) - ? - C:\Program Files\NOS\bin\getPlus_Helper.dll (File not found) "@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "Google Update Service (gupdate1c9912216cfd88b)" (gupdate1c9912216cfd88b) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe "Intel(R) PROSet/Wireless Event Log" (EvtEng) - "Intel Corporation" - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe "Intel(R) PROSet/Wireless Registry Service" (RegSrvc) - "Intel Corporation" - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "stllssvr" (stllssvr) - "MicroVision Development, Inc." - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-07 21:10:21
-----------------------------
21:10:21.692 OS Version: Windows 6.0.6002 Service Pack 2
21:10:21.692 Number of processors: 2 586 0xF06
21:10:21.693 ComputerName: JOSHUA UserName:
21:10:22.731 Initialize success
21:12:18.223 AVAST engine defs: 12100701
21:12:28.409 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:12:28.411 Disk 0 Vendor: SAMSUNG_HM120JI YF100-15 Size: 114473MB BusType: 3
21:12:28.726 Disk 0 MBR read successfully
21:12:28.729 Disk 0 MBR scan
21:12:28.750 Disk 0 Windows VISTA default MBR code
21:12:28.825 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 86 MB offset 63
21:12:29.002 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 178176
21:12:29.087 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 102097 MB offset 21149696
21:12:29.094 Disk 0 Partition - 00 0F Extended LBA 2048 MB offset 230244352
21:12:29.293 Disk 0 Partition 4 00 DD MSDOS5.0 2047 MB offset 230246400
21:12:29.406 Disk 0 scanning sectors +234438656
21:12:29.993 Disk 0 scanning C:\Windows\system32\drivers
21:13:55.458 Service scanning
21:14:14.986 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
21:14:21.968 Modules scanning
21:14:43.538 Disk 0 trace - called modules:
21:14:43.575 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x84b761e8]<<
21:14:43.581 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85d51ac8]
21:14:43.587 3 CLASSPNP.SYS[8a9ab8b3] -> nt!IofCallDriver -> [0x85579898]
21:14:43.592 5 acpi.sys[807a16bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8557b5e0]
21:14:43.598 \Driver\atapi[0x855b3890] -> IRP_MJ_CREATE -> 0x84b761e8
21:14:44.197 AVAST engine scan C:\Windows
21:14:49.699 AVAST engine scan C:\Windows\system32
21:20:41.870 AVAST engine scan C:\Windows\system32\drivers
21:22:25.659 AVAST engine scan C:\Users\Wolfgang.Joshua.000
21:25:37.896 AVAST engine scan C:\ProgramData
21:27:43.453 Scan finished successfully
21:28:23.983 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
21:28:23.989 The log file has been saved successfully to "C:\aswMBR.txt"
|
|
07.10.2012, 20:50
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Kein Zugang zu Antivirensoftware mehr, I-Explorer hängt sich auf Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
09.10.2012, 17:57
| #23 |
| | Kein Zugang zu Antivirensoftware mehr, I-Explorer hängt sich auf Das ging ein bisschen länger, hier das Malwarebyte log: Code:
ATTFilter Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org Datenbank Version: v2012.10.08.06 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Wolfgang :: JOSHUA [Administrator] 08.10.2012 18:11:55 mbam-log-2012-10-08 (20-07-13).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 449463 Laufzeit: 1 Stunde(n), 49 Minute(n), 49 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 3 C:\TDSSKiller_Quarantine\07.10.2012_08.22.01\tdlfs0000\tsk0003.dta (Rootkit.Agent) -> Keine Aktion durchgeführt. C:\TDSSKiller_Quarantine\07.10.2012_08.22.01\tdlfs0000\tsk0007.dta (Rootkit.Agent) -> Keine Aktion durchgeführt. C:\TDSSKiller_Quarantine\07.10.2012_08.22.01\tdlfs0000\tsk0008.dta (Rootkit.TDSS) -> Keine Aktion durchgeführt. (Ende) Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 10/08/2012 at 11:15 PM
Application Version : 5.6.1008
Core Rules Database Version : 9359
Trace Rules Database Version: 7171
Scan type : Complete Scan
Total Scan Time : 02:59:37
Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC Off - Administrator (Limited User)
Memory items scanned : 626
Memory threats detected : 0
Registry items scanned : 40708
Registry threats detected : 0
File items scanned : 164317
File threats detected : 220
Adware.Tracking Cookie
C:\Users\Standart\AppData\Roaming\Microsoft\Windows\Cookies\SI8YJBBY.txt [ /doubleclick.net ]
C:\Users\Standart\AppData\Roaming\Microsoft\Windows\Cookies\39QCBKSG.txt [ /fastclick.net ]
C:\Users\Standart\AppData\Roaming\Microsoft\Windows\Cookies\Y4WEY0GB.txt [ /adfarm1.adition.com ]
C:\Users\Standart\AppData\Roaming\Microsoft\Windows\Cookies\P0Y82I7E.txt [ /apmebf.com ]
C:\Users\Standart\AppData\Roaming\Microsoft\Windows\Cookies\WUYBRU67.txt [ /mediaplex.com ]
C:\Users\Standart\AppData\Roaming\Microsoft\Windows\Cookies\HL28GLI7.txt [ /ad1.adfarm1.adition.com ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\220Y312T.txt [ Cookie:standart@doubleclick.net/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y6T30JT8.txt [ Cookie:standart@tracker.vinsight.de/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\PCSH2ZG7.txt [ Cookie:standart@casalemedia.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\22IQ97XP.txt [ Cookie:standart@adx2.chip.de/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\G7X11QCL.txt [ Cookie:standart@track.adform.net/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\I541WWZK.txt [ Cookie:standart@www.etracker.de/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\NRWU9XOR.txt [ Cookie:standart@www.zanox-affiliate.de/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y1IW9A35.txt [ Cookie:standart@fl01.ct2.comclick.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\GMLZUN3M.txt [ Cookie:standart@e2.emediate.se/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\E9QKL029.txt [ Cookie:standart@yieldmanager.net/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\QVUKI9MS.txt [ Cookie:standart@ad4.adfarm1.adition.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\HTFCG733.txt [ Cookie:standart@zanox.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\G0S4TXB5.txt [ Cookie:standart@imrworldwide.com/cgi-bin ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\T86WTET1.txt [ Cookie:standart@ru4.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\UGF8U4JG.txt [ Cookie:standart@tribalfusion.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\ME0KW673.txt [ Cookie:standart@rambler.ru/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\3OJRSAEK.txt [ Cookie:standart@tradedoubler.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\T4711FUY.txt [ Cookie:standart@serving-sys.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\5PCZ3UO5.txt [ Cookie:standart@atwola.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\01S5BS2U.txt [ Cookie:standart@fastclick.net/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\LJSPDMS9.txt [ Cookie:standart@ad.mlnadvertising.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\QWHER5KH.txt [ Cookie:standart@ad.yieldmanager.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\0KMGUB71.txt [ Cookie:standart@traffictrack.de/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\K2JJPUS1.txt [ Cookie:standart@im.banner.t-online.de/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\OUJBIWA9.txt [ Cookie:standart@ar.atwola.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\UU9P3I5F.txt [ Cookie:standart@bs.serving-sys.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZSVJSLRA.txt [ Cookie:standart@adfarm1.adition.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\VBHK9K6N.txt [ Cookie:standart@atdmt.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\E4RNO1M2.txt [ Cookie:standart@adtech.de/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\YUGT752H.txt [ Cookie:standart@ad3.adfarm1.adition.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\L68RDC2E.txt [ Cookie:standart@tacoda.at.atwola.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\F44PJT4H.txt [ Cookie:standart@adxpose.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\88N3TOT9.txt [ Cookie:standart@zanox-affiliate.de/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\5FOMPYWV.txt [ Cookie:standart@eas.apm.emediate.eu/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\XNX0LYTR.txt [ Cookie:standart@collective-media.net/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\93GHYNT6.txt [ Cookie:standart@imedia.cz/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\69PR9NTO.txt [ Cookie:standart@adbrite.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\0CSR5V6P.txt [ Cookie:standart@revsci.net/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\KM6V1KSV.txt [ Cookie:standart@adserver.psinternet.de/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\EHK4HE25.txt [ Cookie:standart@ad.adnet.de/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\MJTDQSDI.txt [ Cookie:standart@ww251.smartadserver.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\0TGGD3O2.txt [ Cookie:standart@adx.chip.de/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\0G6FIB2P.txt [ Cookie:standart@ad2.adfarm1.adition.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\RGH7PLSH.txt [ Cookie:standart@mediaplex.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\B9BHKKBC.txt [ Cookie:standart@2o7.net/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\CD0SHKUM.txt [ Cookie:standart@webmasterplan.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\TGCLQCOK.txt [ Cookie:standart@ad.dyntracker.de/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\C0YSGXC8.txt [ Cookie:standart@ad.zanox.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\GEOQWHE0.txt [ Cookie:standart@teufel-media.de/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\LKBQPTM5.txt [ Cookie:standart@ad1.adfarm1.adition.com/ ]
C:\USERS\STANDART\AppData\Roaming\Microsoft\Windows\Cookies\Low\PJM86I24.txt [ Cookie:standart@eliteprospects.com/ ]
C:\USERS\STANDART\Cookies\SI8YJBBY.txt [ Cookie:standart@doubleclick.net/ ]
C:\USERS\STANDART\Cookies\39QCBKSG.txt [ Cookie:standart@fastclick.net/ ]
C:\USERS\STANDART\Cookies\Y4WEY0GB.txt [ Cookie:standart@adfarm1.adition.com/ ]
C:\USERS\STANDART\Cookies\WUYBRU67.txt [ Cookie:standart@mediaplex.com/ ]
C:\USERS\STANDART\Cookies\HL28GLI7.txt [ Cookie:standart@ad1.adfarm1.adition.com/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\wolfgang@flixbanner.bearshare[1].txt [ Cookie:wolfgang@flixbanner.bearshare.com/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\wolfgang@questionmarket[1].txt [ Cookie:wolfgang@questionmarket.com/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\wolfgang@ad.zanox[1].txt [ Cookie:wolfgang@ad.zanox.com/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\wolfgang@atwola[1].txt [ Cookie:wolfgang@atwola.com/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\wolfgang@adx.chip[1].txt [ Cookie:wolfgang@adx.chip.de/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\wolfgang@guj.122.2o7[1].txt [ Cookie:wolfgang@guj.122.2o7.net/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\wolfgang@as1.falkag[1].txt [ Cookie:wolfgang@as1.falkag.de/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@serving-sys[2].txt [ Cookie:wolfgang@serving-sys.com/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@divx.adbureau[2].txt [ Cookie:wolfgang@divx.adbureau.net/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@statse.webtrendslive[2].txt [ Cookie:wolfgang@statse.webtrendslive.com/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@adopt.euroclick[2].txt [ Cookie:wolfgang@adopt.euroclick.com/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@www.etracker[1].txt [ Cookie:wolfgang@www.etracker.de/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@euros4click[1].txt [ Cookie:wolfgang@euros4click.de/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@ad.zanox[2].txt [ Cookie:wolfgang@ad.zanox.com/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@zanox[1].txt [ Cookie:wolfgang@zanox.com/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@ehg-idg.hitbox[1].txt [ Cookie:wolfgang@ehg-idg.hitbox.com/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@partners.webmasterplan[2].txt [ Cookie:wolfgang@partners.webmasterplan.com/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@tradedoubler[1].txt [ Cookie:wolfgang@tradedoubler.com/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@mediavantage[1].txt [ Cookie:wolfgang@mediavantage.de/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@eas.apm.emediate[2].txt [ Cookie:wolfgang@eas.apm.emediate.eu/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@imrworldwide[2].txt [ Cookie:wolfgang@imrworldwide.com/cgi-bin ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@ad.yieldmanager[1].txt [ Cookie:wolfgang@ad.yieldmanager.com/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@divx.112.2o7[1].txt [ Cookie:wolfgang@divx.112.2o7.net/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@indextools[1].txt [ Cookie:wolfgang@indextools.com/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@as1.falkag[1].txt [ Cookie:wolfgang@as1.falkag.de/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@komtrack[2].txt [ Cookie:wolfgang@komtrack.com/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@adtech[2].txt [ Cookie:wolfgang@adtech.de/ ]
C:\USERS\WOLFGANG\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@pro-market[2].txt [ Cookie:wolfgang@pro-market.net/ ]
C:\USERS\WOLFGANG\Cookies\wolfgang@flixbanner.bearshare[1].txt [ Cookie:wolfgang@flixbanner.bearshare.com/ ]
C:\USERS\WOLFGANG\Cookies\wolfgang@questionmarket[1].txt [ Cookie:wolfgang@questionmarket.com/ ]
C:\USERS\WOLFGANG\Cookies\wolfgang@ad.zanox[1].txt [ Cookie:wolfgang@ad.zanox.com/ ]
C:\USERS\WOLFGANG\Cookies\wolfgang@atwola[1].txt [ Cookie:wolfgang@atwola.com/ ]
C:\USERS\WOLFGANG\Cookies\wolfgang@adx.chip[1].txt [ Cookie:wolfgang@adx.chip.de/ ]
C:\USERS\WOLFGANG\Cookies\wolfgang@guj.122.2o7[1].txt [ Cookie:wolfgang@guj.122.2o7.net/ ]
C:\USERS\WOLFGANG\Cookies\wolfgang@as1.falkag[1].txt [ Cookie:wolfgang@as1.falkag.de/ ]
C:\USERS\WOLFGANG.JOSHUA\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@www.active-tracking[1].txt [ Cookie:wolfgang@www.active-tracking.de/ ]
C:\USERS\WOLFGANG.JOSHUA\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@ad.yieldmanager[2].txt [ Cookie:wolfgang@ad.yieldmanager.com/ ]
C:\USERS\WOLFGANG.JOSHUA.000\AppData\Roaming\Microsoft\Windows\Cookies\7EJ2XW9F.txt [ Cookie:wolfgang@ad2.adfarm1.adition.com/ ]
C:\USERS\WOLFGANG.JOSHUA.000\AppData\Roaming\Microsoft\Windows\Cookies\HV7UNY31.txt [ Cookie:wolfgang@adfarm1.adition.com/ ]
C:\USERS\WOLFGANG.JOSHUA.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\I2VYQLD4.txt [ Cookie:wolfgang@ad2.adfarm1.adition.com/ ]
C:\USERS\WOLFGANG.JOSHUA.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@2o7[1].txt [ Cookie:wolfgang@2o7.net/ ]
C:\USERS\WOLFGANG.JOSHUA.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\2HS1A2GC.txt [ Cookie:wolfgang@adfarm1.adition.com/ ]
C:\USERS\WOLFGANG.JOSHUA.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@atdmt[2].txt [ Cookie:wolfgang@atdmt.com/ ]
C:\USERS\WOLFGANG.JOSHUA.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@ad.adnet[1].txt [ Cookie:wolfgang@ad.adnet.de/ ]
C:\USERS\WOLFGANG.JOSHUA.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\13FSD5NH.txt [ Cookie:wolfgang@zanox.com/ ]
C:\USERS\WOLFGANG.JOSHUA.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@smartadserver[2].txt [ Cookie:wolfgang@smartadserver.com/ ]
C:\USERS\WOLFGANG.JOSHUA.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@tracking.quisma[1].txt [ Cookie:wolfgang@tracking.quisma.com/ ]
C:\USERS\WOLFGANG.JOSHUA.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@tradedoubler[1].txt [ Cookie:wolfgang@tradedoubler.com/ ]
C:\USERS\WOLFGANG.JOSHUA.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\wolfgang@ww251.smartadserver[1].txt [ Cookie:wolfgang@ww251.smartadserver.com/ ]
C:\USERS\WOLFGANG.JOSHUA.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\IYVOKCZ6.txt [ Cookie:wolfgang@tracking.mlsat02.de/tmobile/ ]
C:\USERS\WOLFGANG.JOSHUA.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\EPT11BSA.txt [ Cookie:wolfgang@webmasterplan.com/ ]
C:\USERS\WOLFGANG.JOSHUA.000\Cookies\7EJ2XW9F.txt [ Cookie:wolfgang@ad2.adfarm1.adition.com/ ]
C:\USERS\WOLFGANG.JOSHUA.000\Cookies\HV7UNY31.txt [ Cookie:wolfgang@adfarm1.adition.com/ ]
cdn1.static.youporn.phncdn.com [ C:\USERS\STANDART\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TSJ38KNE ]
core.saymedia.com [ C:\USERS\STANDART\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TSJ38KNE ]
s0.2mdn.net [ C:\USERS\STANDART\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\TSJ38KNE ]
C:\USERS\WOLFGANG\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\WOLFGANG@AD.ANW[2].TXT [ /AD.ANW ]
C:\USERS\WOLFGANG\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\WOLFGANG@BS.SERVING-SYS[1].TXT [ /BS.SERVING-SYS ]
C:\USERS\WOLFGANG\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\WOLFGANG@IM.BANNER.T-ONLINE[1].TXT [ /IM.BANNER.T-ONLINE ]
C:\USERS\WOLFGANG\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\WOLFGANG@HMT.CONNEXPROMOTIONS[2].TXT [ /HMT.CONNEXPROMOTIONS ]
C:\USERS\WOLFGANG\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\WOLFGANG@DOUBLECLICK[2].TXT [ /DOUBLECLICK ]
C:\USERS\WOLFGANG\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\WOLFGANG@AD.UK.TANGOZEBRA[1].TXT [ /AD.UK.TANGOZEBRA ]
C:\USERS\WOLFGANG\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\WOLFGANG@CONTENT.YIELDMANAGER[2].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\WOLFGANG\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\WOLFGANG@CONTENT.YIELDMANAGER[3].TXT [ /CONTENT.YIELDMANAGER ]
C:\USERS\WOLFGANG\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\WOLFGANG@WWW.ZANOX-AFFILIATE[1].TXT [ /WWW.ZANOX-AFFILIATE ]
C:\USERS\WOLFGANG\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\WOLFGANG@PERF.OVERTURE[1].TXT [ /PERF.OVERTURE ]
C:\USERS\WOLFGANG\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\WOLFGANG@ADSERVER.71I[1].TXT [ /ADSERVER.71I ]
C:\USERS\WOLFGANG\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\WOLFGANG@AD.71I[1].TXT [ /AD.71I ]
C:\USERS\WOLFGANG\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\WOLFGANG@DOUBLECLICK[2].TXT [ /DOUBLECLICK ]
C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\WOLFGANG@INVITEMEDIA[1].TXT [ /INVITEMEDIA ]
C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\WOLFGANG@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]
statse.webtrendslive.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
bridge1.admarketplace.net [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.admarketplace.net [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
findmyhood.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.advertise.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
www.usenext.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
www.usenext.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
go.dynamic-tracking.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.usenext.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.vinvest.122.2o7.net [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.tracking.3gnet.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.www.traffictrack.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.kaspersky.122.2o7.net [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
n-traffic.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.bizzclick.com [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
.rambler.ru [ C:\USERS\WOLFGANG.JOSHUA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LWW4YSG.DEFAULT\COOKIES.SQLITE ]
C:\USERS\WOLFGANG.JOSHUA.000\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\WOLFGANG@AD4.ADFARM1.ADITION[1].TXT [ /AD4.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[1].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@DOUBLECLICK[2].TXT [ /DOUBLECLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ATDMT[1].TXT [ /ATDMT ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADTECH[1].TXT [ /ADTECH ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@APMEBF[2].TXT [ /APMEBF ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@VIDEOEGG.ADBUREAU[2].TXT [ /VIDEOEGG.ADBUREAU ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@MEDIA6DEGREES[2].TXT [ /MEDIA6DEGREES ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD.ZANOX[1].TXT [ /AD.ZANOX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD.YIELDMANAGER[2].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD.YIELDMANAGER[1].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CONTENT.YIELDMANAGER[1].TXT [ /CONTENT.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@CONTENT.YIELDMANAGER[2].TXT [ /CONTENT.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@FASTCLICK[2].TXT [ /FASTCLICK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ZANOX[1].TXT [ /ZANOX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@BIZZCLICK[1].TXT [ /BIZZCLICK ]
Trojan.Agent/Gen-RogueAV
C:\PROGRAM FILES\AGEIA TECHNOLOGIES\V2.4.1\NXCOOKING.DLL
 Kann es denn sein das mein I-Explorer zerschossen ist und ich den neu installieren muss ? Der tut immer noch nicht so wie er soll. LG Wolfgang |
|
09.10.2012, 19:06
| #24 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Kein Zugang zu Antivirensoftware mehr, I-Explorer hängt sich auf Nur Cookies, wahrscheinlich ein Fehlalarm und isolierte Elemente in der Q vom TDSS-Killer wurden gefunden Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
09.10.2012, 19:58
| #25 |
| | Kein Zugang zu Antivirensoftware mehr, I-Explorer hängt sich auf Hat sich erledigt, ich hab auf die Version 7 downgegradet und jetzt klappt alles. Nun muss ich nur noch wieder updaten und dann sollte alles laufen. Vermute die Version 9 hat einen Schuss bekommen... Mein System ist nun wohl sauber ?  Tolle Arbeit ! LG Wolfgang |
|
09.10.2012, 20:19
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Kein Zugang zu Antivirensoftware mehr, I-Explorer hängt sich auf IE7 ist keine Option! Das Teil ist zu alt! Installiere den IE9 wieder und schau ob sich dadurch der IE wieder glattgezogen hat
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.10.2012, 06:37
| #27 |
| | Kein Zugang zu Antivirensoftware mehr, I-Explorer hängt sich auf Ist schon klar, bin auch - voerst übergangsweise- umgestiegen auf Chrome bzw. Firefox. |
|
10.10.2012, 12:38
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Kein Zugang zu Antivirensoftware mehr, I-Explorer hängt sich auf Auch wenn du einen anderen Browser verwendest muss der IE so aktuell wie möglich sein! Der IE ist einfach zu tief im Betriebssystem drin, daher ist ein uralter IE7 keine Option!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.10.2012, 19:05
| #29 |
| | Kein Zugang zu Antivirensoftware mehr, I-Explorer hängt sich auf Alles erledigt ! Internet Explorer 9 erfolgreich installiert... |
|
11.10.2012, 11:42
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Kein Zugang zu Antivirensoftware mehr, I-Explorer hängt sich auf Und der funzt jetzt auch? 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Kein Zugang zu Antivirensoftware mehr, I-Explorer hängt sich auf |
| aufrufe, autorun, avg, avira, bho, browser, conduit, defender, dllhost.exe, explorer, firefox, format, ftp, google, home, hängt, internet, internet explorer, logfile, mozilla, plug-in, problem, registry, rundll, scan, schannel.dll, security, software, sweetim, temp, vista |
Linear-Darstellung
