Pests of all kinds and how to fight them: An endless stream of *x* keeps appearing in every text field (Windows 7)
18.10.2012, 10:04 | #46 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Restart Windows, delete the old combofix.exe, download CF again and please try it once more.
__________________ Please always post log files in CODE tags |
18.10.2012, 18:18 | #47 |
| Combofix.exe has stopped working?? Did everything as described!! Started Combofix, it begins and that's it; the cursor blinks but absolutely nothing happens for hours!! Restarted the computer manually, and the Combofix.exe icon has disappeared! :O And what now? The PC starts and runs normally...
__________________
Can you please look through this as well?! Advanced SystemCare Diagnosebericht v1.0 Datum: 2012.10.18 19:48:03 |
18.10.2012, 20:14 | #48 |
/// Winkelfunktion /// TB-Süch-Tiger™ | An endless number of *x* constantly appear in every text field Why should I look through some log? Please let me handle this my way.
Last attempt with Combofix: download it again and try it in Safe Mode with Networking.
__________________ |
18.10.2012, 21:07 | #49 |
| An endless number of *x* constantly appear in every text field Combofix logfile: Code:
ATTFilter ComboFix 12-10-18.03 - zr7driver 18.10.2012 21:49:48.2.2 - x86 NETWORK Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3327.2667 [GMT 2:00] ausgeführt von:: c:\users\zr7driver\Desktop\ComboFix.exe AV: Advanced SystemCare with Antivirus *Disabled/Updated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30} AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Vorheriger Suchlauf ------- . c:\users\ZR7DRI~1\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll c:\users\zr7driver\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll c:\windows\IsUn0407.exe c:\windows\system32\DEBUG.log c:\windows\system32\msstdfmt.dll c:\windows\system32\muzapp.exe c:\windows\system32\pt\Lagoon.resources.dll c:\windows\system32\spool\prtprocs\w32x86\ppbiPr.dll c:\windows\system32\System32\MASetupCleaner.exe c:\windows\system32\System32\muzapp.exe c:\windows\system32\URTTemp\regtlib.exe . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_nvsvc . . ((((((((((((((((((((((( Dateien erstellt von 2012-09-18 bis 2012-10-18 )))))))))))))))))))))))))))))) . . 2012-10-18 19:58 . 2012-10-18 19:58 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-10-18 03:37 . 2012-10-18 03:37 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F1D3BA1D-F1E1-4967-9614-7CC8F9E400B8}\offreg.dll 2012-10-18 02:21 . 
2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F1D3BA1D-F1E1-4967-9614-7CC8F9E400B8}\mpengine.dll 2012-10-18 02:12 . 2011-11-21 16:58 340624 ----a-w- c:\windows\system32\drivers\trufos.sys 2012-10-18 02:12 . 2012-03-15 12:16 353096 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys 2012-10-18 02:12 . 2012-10-18 02:12 -------- d-----w- c:\programdata\{D76294E6-03B8-4971-AF2E-3F846161A690} 2012-10-18 02:12 . 2012-10-18 02:12 -------- d-----w- c:\programdata\{6F2F3866-38AD-4f48-852C-2FF5DE7A7588} 2012-10-18 02:12 . 2012-10-18 02:12 -------- d-----w- c:\programdata\iobit 2012-10-17 19:34 . 2012-10-18 19:58 -------- d-----w- c:\users\zr7driver\AppData\Local\temp 2012-10-16 18:33 . 2012-10-16 18:33 -------- d-----w- C:\_OTL 2012-10-13 08:43 . 2012-10-17 19:33 -------- d-----w- c:\users\zr7driver\AppData\Local\assembly 2012-10-12 19:16 . 2012-10-12 19:16 -------- d-----w- c:\program files\SmartTools 2012-10-12 19:14 . 2012-10-12 19:14 -------- d-----w- c:\users\zr7driver\AppData\Roaming\SmartTools 2012-10-12 13:18 . 2012-10-11 01:05 96224 ----a-w- c:\program files\Mozilla Firefox\webapprt-stub.exe 2012-10-12 13:18 . 2012-10-11 01:05 157272 ----a-w- c:\program files\Mozilla Firefox\webapp-uninstaller.exe 2012-10-11 21:02 . 2012-10-11 21:02 -------- d-----w- c:\program files\VS Revo Group 2012-10-10 23:05 . 2012-08-24 16:57 172544 ----a-w- c:\windows\system32\wintrust.dll 2012-10-10 23:05 . 2012-09-14 18:28 2048 ----a-w- c:\windows\system32\tzres.dll 2012-10-10 23:05 . 2012-08-20 17:40 293376 ----a-w- c:\windows\system32\KernelBase.dll 2012-10-10 23:03 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\system32\crypt32.dll 2012-10-10 23:03 . 2012-06-02 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll 2012-10-10 23:03 . 2012-06-02 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll 2012-10-10 23:03 . 2012-08-31 17:18 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys 2012-10-10 23:03 . 
2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll 2012-10-10 23:03 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-10-10 23:03 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-10-08 07:41 . 2012-10-08 07:41 -------- d-----w- c:\program files\ESET 2012-10-06 23:11 . 2012-10-06 23:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-10-06 23:11 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-10-05 16:48 . 2012-10-13 19:57 -------- d-----w- c:\programdata\Avira 2012-09-29 14:19 . 2012-09-29 14:19 -------- d-----w- c:\users\zr7driver\AppData\Roaming\Lexware 2012-09-29 14:14 . 2012-09-29 14:20 -------- d-----w- c:\programdata\Lexware 2012-09-29 14:14 . 2012-09-29 14:14 -------- d-----w- c:\program files\Lexware 2012-09-29 14:11 . 2012-09-29 14:15 -------- d-----w- c:\program files\Common Files\Lexware 2012-09-29 14:11 . 2012-09-29 14:19 -------- d-----w- c:\users\zr7driver\AppData\Local\Lexware 2012-09-28 19:41 . 2012-10-18 17:08 -------- d-----w- c:\users\zr7driver\AppData\Roaming\Wise Care 365 2012-09-28 19:41 . 2012-09-28 19:41 -------- d-----w- c:\program files\Wise 2012-09-26 06:42 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-09 09:34 . 2012-03-30 02:45 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-10-09 09:34 . 2011-05-23 02:41 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-09-01 21:01 . 2012-09-01 21:01 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2012-09-01 21:01 . 2010-11-20 11:50 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-08-28 17:41 . 2012-08-28 17:41 25200 ----a-w- c:\windows\system32\drivers\ggsemc.sys 2012-08-28 17:41 . 2012-08-28 17:41 12400 ----a-w- c:\windows\system32\drivers\ggflt.sys 2012-08-22 17:16 . 
2012-09-12 12:10 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-08-22 17:16 . 2012-09-12 12:10 712048 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-08-22 17:16 . 2012-09-12 12:10 240496 ----a-w- c:\windows\system32\drivers\netio.sys 2012-08-22 17:16 . 2012-09-12 12:10 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-08-21 09:13 . 2012-02-26 11:56 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-08-21 09:13 . 2012-02-26 11:56 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-08-21 09:13 . 2012-02-26 11:56 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-08-21 09:13 . 2012-02-26 11:56 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-08-21 09:13 . 2012-02-24 23:09 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-08-21 09:13 . 2012-02-26 11:56 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-08-21 09:12 . 2011-12-13 10:33 41224 ----a-w- c:\windows\avastSS.scr 2012-08-21 09:12 . 2012-02-26 11:56 227648 ----a-w- c:\windows\system32\aswBoot.exe 2012-08-02 16:57 . 2012-09-12 12:10 490496 ----a-w- c:\windows\system32\d3d10level9.dll 2012-07-31 10:42 . 2012-09-15 14:55 181344 ----a-w- c:\windows\system32\drivers\ssudserd.sys 2012-07-31 10:42 . 2012-09-15 14:55 181344 ----a-w- c:\windows\system32\drivers\ssudmdm.sys 2012-07-31 10:42 . 2012-09-15 14:55 83168 ----a-w- c:\windows\system32\drivers\ssudbus.sys 2012-10-11 01:05 . 2012-09-07 16:31 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-06-30 04:19 94208 ----a-w- c:\users\zr7driver\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-06-30 04:19 94208 ----a-w- c:\users\zr7driver\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-06-30 04:19 94208 ----a-w- c:\users\zr7driver\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-08-31 21432] "KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2012-08-31 964024] "Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare with Antivirus 2013\ASCTray.exe" [2012-07-26 299392] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-11-10 7866912] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-09 57393] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-09 40960] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2516296] "CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888] "adm_tray.exe"="c:\program files\Acronis\DriveMonitor\adm_tray.exe" [2011-02-24 470120] "Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-02-12 365632] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "mumservice"="c:\program files\Motorola\Software Update\mumservice.exe" [2011-06-03 1066304] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2012-09-28 4473728] . c:\users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-7-25 26909544] FRITZ!DSL Internet.lnk - c:\program files\FRITZ!DSL\FritzDsl.exe [2009-7-27 987960] FRITZ!DSL Protect.lnk - c:\program files\FRITZ!DSL\FwebProt.exe [2009-4-9 1061688] . 
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\gprs.exe [2007-12-27 43608] FRITZ!DSL Startcenter.lnk - c:\windows\Installer\{74A929E2-FBD8-4736-A84E-2ABBB2ABADF2}\Icon2457326B4.exe [2010-9-14 29184] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ DSL-Manager.lnk - c:\program files\DSL-Manager\DslMgr.exe [N/A] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) "NoFileAssociate"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ pdboot.exe\0autocheck autochk * . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] @="Service" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 5.2 HD Edition.lnk] backup=c:\windows\pss\PHOTOfunSTUDIO 5.2 HD Edition.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk] backup=c:\windows\pss\Secunia PSI Tray.lnk.CommonStartup backupExtension=.CommonStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AndroidSync] 2011-06-17 01:41 4401152 ----a-w- c:\program files\Android-Sync\AndroidSync.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT] 2012-03-28 00:53 404568 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop] 2010-10-29 12:55 983552 ----a-w- c:\programdata\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader] 2012-04-17 13:05 651264 ----a-w- c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] 2012-08-31 00:52 21432 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] 2012-08-31 00:52 3524536 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LexwareInfoService] 2010-09-15 08:11 339312 ----a-w- c:\program files\Common Files\Lexware\Update Manager\LxUpdateManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] 2012-05-25 02:25 6595928 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Miranda Fusion] 2011-03-28 19:22 967508 ----a-w- c:\program files\MirandaFusion\fusiontools\mfstart.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mumservice] 2011-06-03 13:58 1066304 ----a-w- c:\program files\Motorola\Software Update\mumservice.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2] 2011-05-11 19:55 724536 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2012-02-28 16:48 296056 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] 2012-01-23 04:43 247728 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] 2010-12-09 10:45 74752 ----a-w- c:\program files\Winamp\winampa.exe . R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x] R1 aswSnx;aswSnx; [x] R1 aswSP;aswSP; [x] R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x] R2 AAV UpdateService;AAV UpdateService;c:\program files\AAVUpdateManager\aavus.exe [x] R2 ACEDRV09;ACEDRV09;c:\windows\system32\drivers\ACEDRV09.sys [x] R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x] R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare with Antivirus 2013\ascsvc.exe [x] R2 aswFsBlk;aswFsBlk; [x] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] R2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [x] R2 DeviceMonitorService;DeviceMonitorService;c:\program files\Motorola Media Link\NServiceEntry.exe [x] R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [x] R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [x] R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x] R2 IGDCTRL;AVM IGD CTRL Service;c:\program files\FRITZ!DSL\IGDCTRL.EXE [x] R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [x] R2 Motorola Device Manager;Motorola Device Manager Service;c:\program files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [x] R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [x] R2 PST Service;PST Service;c:\program 
files\Motorola\MotForwardDaemon\ForwardDaemon.exe [x] R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [x] R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [x] R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [x] R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x] R2 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [x] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [x] R2 WiseBootAssistant;Wise Boot Assistant;c:\program files\Wise\Wise Care 365\BootTime.exe [x] R2 WMI_Hook_Service;WMI_Hook_Service;c:\program files\msi\OSD hot keys\WMI_Hook_Service.exe [x] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys [x] R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys [x] R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys [x] R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys [x] R3 andnetadb;ADB Interface DriverNet;c:\windows\system32\Drivers\lgandnetadb.sys [x] R3 ASCAntivirusSrv;AdvancedSystemCareAntivirus;c:\program files\IObit\Advanced SystemCare with Antivirus 2013\ascavsvc.exe [x] R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x] R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [x] R3 cpuz135;cpuz135;c:\program files\CPUID\PC Wizard 2012\pcwiz_x32.sys [x] R3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 2012\DfsdkS.exe [x] R3 
dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x] R3 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [x] R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [x] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [x] R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x] R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x] R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x] R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [x] R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\C10F.tmp [x] R3 MFE_RR;MFE_RR;c:\users\ZR7DRI~1\AppData\Local\Temp\mfe_rr.sys [x] R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [x] R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x] R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x] R3 MotDev;Motorola Inc. 
USB Device;c:\windows\system32\DRIVERS\motodrv.sys [x] R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [x] R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [x] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x] R3 NxpCap;CTX capture service;c:\windows\system32\DRIVERS\NxpCap.sys [x] R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x] R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [x] R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe [x] R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x] R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [x] S0 nvamacpi;NVIDIA Away Mode System;c:\windows\system32\DRIVERS\NVAMACPI.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S3 hidkmdf;Microsoft HID Class Shim for KMDF;c:\windows\system32\DRIVERS\hidkmdf.sys [x] S3 NW1950;NextWindow 1950 Touch Screen;c:\windows\system32\DRIVERS\NW1950.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x] S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr . Inhalt des "geplante Tasks" Ordners . 
2012-10-18 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 09:34] . 2012-10-18 c:\windows\Tasks\GlaryInitialize.job - c:\program files\Glary Utilities\initialize.exe [2010-09-24 21:31] . 2012-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-09-12 00:11] . 2012-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-09-12 00:11] . 2012-10-18 c:\windows\Tasks\Wise Care 365.job - c:\program files\Wise\Wise Care 365\WiseTray.exe [2012-09-28 15:24] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = about:blank mStart Page = about:blank IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe LSP: c:\program files\FRITZ!DSL\\sarah.dll TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ FF - ExtSQL: 2012-08-31 03:53; {d37dc5d0-431d-44e5-8c91-49419370caa1}; c:\users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1} FF - ExtSQL: 2012-09-07 18:31; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF - ExtSQL: 2012-09-10 14:08; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} FF - ExtSQL: 2012-09-15 11:41; info@convert2mp3.net; c:\users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\extensions\info@convert2mp3.net.xpi FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: browser.chrome.favicons - false FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.turbo.enabled - true FF - user.js: 
browser.urlbar.autocomplete.enabled - true FF - user.js: browser.urlbar.autofill - true FF - user.js: browser.xul.error_pages.enabled - true FF - user.js: content.interrupt.parsing - true FF - user.js: content.max.tokenizing.time - 3000000 FF - user.js: content.maxtextrun - 8191 FF - user.js: content.notify.backoffcount - 5 FF - user.js: content.notify.interval - 750000 FF - user.js: content.notify.ontimer - true FF - user.js: content.notify.ontimer - true FF - user.js: content.switch.threshold - 750000 FF - user.js: network.http.max-connections - 32 FF - user.js: network.http.max-connections-per-server - 8 FF - user.js: network.http.max-persistent-connections-per-proxy - 8 FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: network.http.pipelining - true FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.proxy.pipelining - true FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: nglayout.initialpaint.delay - 0 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKU-Default-Run-FRITZ!protect - FwebProt.exe MSConfigStartUp-Guard.Mail.ru - c:\program files\Guard-ICQ\GuardICQ.exe MSConfigStartUp-KiesAirMessage - c:\program files\Samsung\Kies\KiesAirMessage.exe MSConfigStartUp-KiesHelper - c:\program files\Samsung\Kies\KiesHelper.exe AddRemove-FRITZ! 
2.0 - c:\windows\IsUn0407.exe AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MEMSWEEP2] "ImagePath"="\??\c:\windows\system32\C10F.tmp" . --------------------- Gesperrte Registrierungsschluessel --------------------- . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System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ontrolSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . - - - - - - - > 'Explorer.exe'(1420) c:\users\zr7driver\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll c:\program files\Sophos\Windows Shortcut Exploit Protection Tool\SophosLinkIconHandler32.dll . Zeit der Fertigstellung: 2012-10-18 22:00:48 ComboFix-quarantined-files.txt 2012-10-18 20:00 . Vor Suchlauf: 26 Verzeichnis(se), 626.661.556.224 Bytes frei Nach Suchlauf: 27 Verzeichnis(se), 626.544.930.816 Bytes frei . - - End Of File - - 4B103CB85B42C32C8CB4BDF81CA030B9 |
18.10.2012, 21:18 | #50 |
/// Winkelfunktion /// TB-Süch-Tiger™ | In every text field, endless numbers of *x* keep appearing Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second attempt, just skip it and run only OSAM - please skip OSAM's online check. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons unless instructed to. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the (none) setting under AV Scan. One more note: If aswMBR crashes and a message such as "aswMBR.exe funktioniert nicht mehr" (aswMBR.exe has stopped working) appears, do the following: Restart aswMBR, select (none) under "AV scan" in the drop-down menu (at the bottom left of the aswMBR window) and click the Scan button again.
__________________ Please always post log files in CODE tags |
19.10.2012, 03:05 | #51 |
| In every text field, endless numbers of *x* keep appearing Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit quick scan 2012-10-19 04:04:12
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\00000079 WDC_WD10 rev.80.0
Running: pzn62xhh.exe; Driver: C:\Users\ZR7DRI~1\AppData\Local\Temp\ugtyruog.sys

---- System - GMER 1.0.15 ----

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x9203E966]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device aswSP.SYS (avast! self protection module/AVAST Software)
Device Ntfs.sys (NT-Dateisystemtreiber/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- EOF - GMER 1.0.15 ----
Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 04:10:51 on 19.10.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 32-bit Default Browser: Google Inc. Google Chrome 22.0.1229.94 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Boot Execute] -----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )----- "BootExecute" - "Raxco Software, Inc." - C:\Windows\system32\pdboot.exe [Common] -----( %SystemRoot%\Tasks )----- "Wise Care 365.job" - "WiseCleaner.com" - C:\Program Files\Wise\Wise Care 365\WiseTray.exe "GlaryInitialize.job" - "Glarysoft Ltd" - C:\Program Files\Glary Utilities\initialize.exe "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "Firebird2Control.cpl" - "IBPhoenix" - C:\Windows\system32\Firebird2Control.cpl "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl "PCWizard.cpl" - "CPUID" - C:\Windows\system32\PCWizard.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "QuickTime" - "Apple Inc." 
- C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "ACEDRV09" (ACEDRV09) - "Protect Software GmbH" - C:\Windows\system32\drivers\ACEDRV09.sys "aswFsBlk" (aswFsBlk) - "AVAST Software" - C:\Windows\system32\drivers\aswFsBlk.sys "aswMonFlt" (aswMonFlt) - "AVAST Software" - C:\Windows\system32\drivers\aswMonFlt.sys "aswRdr" (aswRdr) - "AVAST Software" - C:\Windows\System32\Drivers\aswrdr2.sys "aswSnx" (aswSnx) - "AVAST Software" - C:\Windows\system32\drivers\aswSnx.sys "aswSP" (aswSP) - "AVAST Software" - C:\Windows\system32\drivers\aswSP.sys "avast! Network Shield Support" (aswTdi) - "AVAST Software" - C:\Windows\system32\drivers\aswTdi.sys "bdfsfltr" (bdfsfltr) - "BitDefender" - C:\Windows\System32\DRIVERS\bdfsfltr.sys "catchme" (catchme) - ? - C:\Users\ZR7DRI~1\AppData\Local\Temp\catchme.sys (File not found) "cpuz135" (cpuz135) - "CPUID" - C:\Program Files\CPUID\PC Wizard 2012\pcwiz_x32.sys "DefragFS" (DefragFS) - "Raxco Software, Inc." - C:\Windows\system32\drivers\DefragFS.sys "FileMonitor" (FileMonitor) - "IObit" - C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys "FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys "Lbd" (Lbd) - ? - C:\Windows\System32\DRIVERS\Lbd.sys (File not found) "LG Bluetooth Bus Enumerator" (lgbusenum) - ? - C:\Windows\System32\DRIVERS\lgbtbus.sys (File not found) "LGE Mobile Composite USB Device" (usbbus) - ? - C:\Windows\System32\DRIVERS\lgusbbus.sys (File not found) "LGE Mobile USB Modem" (USBModem) - ? - C:\Windows\System32\DRIVERS\lgusbmodem.sys (File not found) "LGE Mobile USB Serial Port" (UsbDiag) - ? - C:\Windows\System32\DRIVERS\lgusbdiag.sys (File not found) "MEMSWEEP2" (MEMSWEEP2) - ? - C:\Windows\system32\C10F.tmp (File not found) "MFE_RR" (MFE_RR) - ? - C:\Users\ZR7DRI~1\AppData\Local\Temp\mfe_rr.sys (File not found) "Mot ADB Interface Driver" (motandroidusb) - ? 
- C:\Windows\System32\Drivers\motoandroid.sys (File not found) "Motorola Inc. USB Device" (MotDev) - ? - C:\Windows\System32\DRIVERS\motodrv.sys (File not found) "PSI" (PSI) - "Secunia" - C:\Windows\System32\DRIVERS\psi_mf.sys "RegFilter" (RegFilter) - "IObit.com" - C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys "SANDRA" (SANDRA) - "SiSoftware" - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\Sandra.sys "SBRE" (SBRE) - ? - C:\Windows\system32\drivers\SBREdrv.sys (File not found) "Trufos" (Trufos) - "BitDefender S.R.L." - C:\Windows\System32\DRIVERS\TRUFOS.sys "ugtyruog" (ugtyruog) - ? - C:\Users\ZR7DRI~1\AppData\Local\Temp\ugtyruog.sys (Hidden registry entry, rootkit activity | File not found) "UrlFilter" (UrlFilter) - "IObit.com" - C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [Explorer] -----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? 
- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL {91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." 
- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} "WOT Protocol" - "WOT Services Oy" - C:\Program Files\WOT\WOT.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll {472083B0-C522-11CF-8763-00608CC02F24} "avast" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\ashShell.dll {DE902992-61FC-4A01-8091-53E1895C9775} "CDR Icon Handler" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {7AD101F2-0B93-4D66-A1CA-DF73F3C4377B} "CDR preview provider" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellVista.dll {7FA63AC0-F5BC-4F3B-A9CF-94328D812B62} "CDR Property Handler" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellVista.dll {1462EBAA-96E7-4D93-9A66-0E4068DE4FCF} "CDR Thumbnail provider" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll {DE902994-61FC-4A01-8091-53E1895C9775} "CMX Icon Handler" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {1462EBAC-96E7-4D93-9A66-0E4068DE4FCF} "CMX Thumbnail provider" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {DE902993-61FC-4A01-8091-53E1895C9775} "CPT Icon Handler" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {7FA63AC1-F5BC-4F3B-A9CF-94328D812B62} "CPT Property Handler" - "Corel Corporation" - 
c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellVista.dll {1462EBAB-96E7-4D93-9A66-0E4068DE4FCF} "CPT Thumbnail provider" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll {A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\Display\nvui.dll {7506374C-A693-427B-8DDD-99DAFB79433D} "GeoSetterShellExt" - "Friedemann Schmidt" - C:\PROGRA~1\GeoSetter\GeoSetterShellExt.dll {72923739-5A47-40A3-9895-25AF0DFBB9E4} "Glary Utilities Context Menu Shell Extension" - "Glarysoft Ltd" - C:\PROGRA~1\GLARYU~1\CONTEX~1.DLL {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} "JetFlExt Class" - "JetAudio" - C:\Program Files\JetAudio\JetFlExt.dll {CD05BB5B-F022-4FA0-946F-3FF62896BED7} "LinkIconHandler Class" - "Sophos Plc" - C:\Program Files\Sophos\Windows Shortcut Exploit Protection Tool\SophosLinkIconHandler32.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\OFFICE11\msohev.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\OFFICE11\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? 
- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\OFFICE11\OLKFSTUB.DLL {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files\real\realplayer\rpshell.dll {E8D43C7E-EFA1-41A2-9AD9-0CFECD1678B7} "SafeEraseObj Class" - "O&O Software GmbH" - C:\Program Files\OO Software\SafeErase\oosesh.dll {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? 
- (File not found | COM-object registry key not found) {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )----- {21347690-EC41-4F9A-8887-1F4AEE672439} "Canon Easy-WebPrint EX" - "CANON INC." 
- C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll {D0D54496-CDFE-4B7E-AC72-08F5E5E3FFC8} "{D0D54496-CDFE-4B7E-AC72-08F5E5E3FFC8}" - ? - (File not found | COM-object registry key not found) -----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "eBay - Der weltweite Online-Marktplatz" - ? - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 (HTTP value) -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "Canon Easy-WebPrint EX" - "CANON INC." - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) <binary data> "WOT" - "WOT Services Oy" - C:\Program Files\WOT\WOT.dll <binary data> "{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} "Installation Support" - "Yahoo! Inc." 
- C:\Program Files\Yahoo!\Common\Yinsthelper.dll / C:\Program Files\Yahoo!\Common\Yinsthelper.dll {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 10.7.2" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} "Microsoft Genuine Advantage Self Support Tool" - "Microsoft Corporation" - C:\Windows\system32\SelfHelpControl.DLL / hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab {17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\Windows\system32\LegitCheckControl.DLL / hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "{8AD9C840-044E-11D1-B3E9-00805F499D93}" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab {C345E174-3E87-4F41-A01C-B066A90A49B4} "{C345E174-3E87-4F41-A01C-B066A90A49B4}" - ? - (File not found | COM-object registry key not found) / hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "@C:\Windows\WindowsMobile\INetRepl.dll,-222" - "Microsoft Corporation" - C:\Windows\WindowsMobile\INetRepl.dll {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} "AVG Do Not Track" - ? 
- (File not found | COM-object registry key not found) {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "ClsidExtension" - "Microsoft Corporation" - C:\Windows\WindowsMobile\INetRepl.dll {53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - "Safer Networking Limited" - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll "ICQ7.7" - "ICQ, LLC." - C:\Program Files\ICQ7.7\ICQ.exe {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\OFFICE11\REFIEBAR.DLL {898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "avast! WebRep" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll {8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\BingExt.dll {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} "Canon Easy-WebPrint EX" - "CANON INC." - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll {71576546-354D-41c9-AAE8-31F2EC22BF0D} "WOT" - "WOT Services Oy" - C:\Program Files\WOT\WOT.dll <binary data> "Yahoo! Toolbar" - "Yahoo! Inc." - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {02478D38-C3F9-4efb-9B51-7695ECA05670} "&Yahoo! Toolbar Helper" - "Yahoo! Inc." - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} "avast! 
WebRep" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll {d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\BingExt.dll {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} "Canon Easy-WebPrint EX BHO" - "CANON INC." - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\ssv.dll {3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" - "Safer Networking Limited" - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} "WOT Helper" - "WOT Services Oy" - C:\Program Files\WOT\WOT.dll [Known DLLs] -----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs )----- "advapi32" - "Microsoft Corporation" - C:\Windows\system32\advapi32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "clbcatq" - "Microsoft Corporation" - C:\Windows\system32\clbcatq.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "COMDLG32" - "Microsoft Corporation" - C:\Windows\system32\COMDLG32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "DifxApi" - "Microsoft Corporation" - 
C:\Windows\system32\difxapi.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "gdi32" - "Microsoft Corporation" - C:\Windows\system32\gdi32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "IERTUTIL" - "Microsoft Corporation" - C:\Windows\system32\IERTUTIL.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "IMAGEHLP" - "Microsoft Corporation" - C:\Windows\system32\IMAGEHLP.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "IMM32" - "Microsoft Corporation" - C:\Windows\system32\IMM32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "kernel32" - "Microsoft Corporation" - C:\Windows\system32\kernel32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "LPK" - "Microsoft Corporation" - C:\Windows\system32\LPK.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "MSCTF" - "Microsoft Corporation" - C:\Windows\system32\MSCTF.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "MSVCRT" - "Microsoft Corporation" - C:\Windows\system32\MSVCRT.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "NORMALIZ" - "Microsoft Corporation" - C:\Windows\system32\NORMALIZ.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "NSI" - "Microsoft Corporation" - C:\Windows\system32\NSI.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "ole32" - "Microsoft Corporation" - C:\Windows\system32\ole32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "OLEAUT32" - "Microsoft Corporation" - C:\Windows\system32\OLEAUT32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "PSAPI" - "Microsoft Corporation" - C:\Windows\system32\PSAPI.DLL (Hidden registry entry, rootkit activity | File signed by Microsoft) "rpcrt4" - "Microsoft Corporation" - C:\Windows\system32\rpcrt4.dll (Hidden registry entry, rootkit activity | File 
signed by Microsoft) "sechost" - "Microsoft Corporation" - C:\Windows\system32\sechost.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "Setupapi" - "Microsoft Corporation" - C:\Windows\system32\Setupapi.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "SHELL32" - "Microsoft Corporation" - C:\Windows\system32\SHELL32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "SHLWAPI" - "Microsoft Corporation" - C:\Windows\system32\SHLWAPI.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "URLMON" - "Microsoft Corporation" - C:\Windows\system32\URLMON.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "user32" - "Microsoft Corporation" - C:\Windows\system32\user32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "USP10" - "Microsoft Corporation" - C:\Windows\system32\USP10.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "WININET" - "Microsoft Corporation" - C:\Windows\system32\WININET.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "WLDAP32" - "Microsoft Corporation" - C:\Windows\system32\WLDAP32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "WS2_32" - "Microsoft Corporation" - C:\Windows\system32\WS2_32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Security Packages" - "Microsoft Corporation" - C:\Windows\system32\livessp.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "Dropbox.lnk" - "Dropbox, Inc." 
- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe (Shortcut exists | File exists) "FRITZ!DSL Internet.lnk" - "AVM Berlin" - C:\Program Files\FRITZ!DSL\FritzDsl.exe (Shortcut exists | File exists) "FRITZ!DSL Protect.lnk" - "AVM Berlin" - C:\Program Files\FRITZ!DSL\FwebProt.exe (Shortcut exists | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "BlueSoleil.lnk" - "IVT Corporation." - C:\Program Files\IVT Corporation\BlueSoleil\gprs.exe (Shortcut exists | File exists) "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "FRITZ!DSL Startcenter.lnk" - "AVM Berlin" - C:\Program Files\FRITZ!DSL\StCenter.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "Advanced SystemCare 5" - "IObit" - "C:\Program Files\IObit\Advanced SystemCare with Antivirus 2013\ASCTray.exe" /AutoStart "KiesPDLR" - ? - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe "KiesPreload" - "Samsung" - C:\Program Files\Samsung\Kies\Kies.exe /preload -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Acronis Scheduler2 Service" - "Acronis" - "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" "adm_tray.exe" - ? - C:\Program Files\Acronis\DriveMonitor\adm_tray.exe "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "avast" - "AVAST Software" - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui "CanonMyPrinter" - "CANON INC." - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon "CanonSolutionMenuEx" - "CANON INC." 
- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon "CLMLServer" - "CyberLink" - "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" "IndexSearch" - "ScanSoft, Inc." - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe "IObit Malware Fighter" - "IObit" - "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart "mumservice" - "Motorola" - C:\Program Files\Motorola\Software Update\mumservice.exe "PaperPort PTD" - "ScanSoft, Inc." - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe "QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime "SSBkgdUpdate" - "Scansoft, Inc." - "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "FRITZ!fax Color Monitor" - "AVM Berlin" - C:\Windows\system32\FritzVistaColorMon.dll "FRITZ!fax Port Monitor" - "AVM Berlin" - C:\Windows\system32\FritzVistaMon.dll "Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\Windows\system32\mdimon.dll "PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll (File found, but it contains no detailed information) [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "AAV UpdateService" (AAV UpdateService) - ? 
- C:\Program Files\AAVUpdateManager\aavus.exe
"Acronis Scheduler2 Service" (AcrSch2Svc) - "Acronis" - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"Advanced SystemCare Service 5" (AdvancedSystemCareService5) - "IObit" - C:\Program Files\IObit\Advanced SystemCare with Antivirus 2013\ascsvc.exe
"AdvancedSystemCareAntivirus" (ASCAntivirusSrv) - "IOBit" - C:\Program Files\IObit\Advanced SystemCare with Antivirus 2013\ascavsvc.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
"avast! Antivirus" (avast! Antivirus) - "AVAST Software" - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
"AVM IGD CTRL Service" (IGDCTRL) - "AVM Berlin" - C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
"BBUpdate" (BBUpdate) - "Microsoft Corporation" - C:\Program Files\Microsoft\BingBar\SeaPort.EXE
"Bing Bar Update Service" (BBSvc) - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\BBSvc.EXE
"BlueSoleil Hid Service" (BlueSoleil Hid Service) - ? - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (File found, but it contains no detailed information)
"Canon Inkjet Printer/Scanner/Fax Extended Survey Program" (IJPLMSVC) - ? - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared files\RichVideo.exe
"Defragmentation-Service" (DfSdkS) - "mst software GmbH, Germany" - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2012\DfsdkS.exe
"DeviceMonitorService" (DeviceMonitorService) - "Nero AG" - C:\Program Files\Motorola Media Link\NServiceEntry.exe
"FABS - Helping agent for MAGIX media database" (Fabs) - "MAGIX AG" - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
"Firebird Guardian - DefaultInstance" (FirebirdGuardianDefaultInstance) - "Firebird Project" - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
"Firebird Server - DefaultInstance" (FirebirdServerDefaultInstance) - "Firebird Project" - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
"Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"IMF Service" (IMFservice) - "IObit" - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"Internet Pass-Through Service" (PassThru Service) - ? - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Motorola Device Manager Service" (Motorola Device Manager) - ? - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"PDAgent" (PDAgent) - "Raxco Software, Inc." - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
"PDEngine" (PDEngine) - "Raxco Software, Inc." - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
"PST Service" (PST Service) - "Motorola" - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
"SBSD Security Center Service" (SBSDWSCService) - "Safer Networking Ltd." - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
"Secunia PSI Agent" (Secunia PSI Agent) - "Secunia" - C:\Program Files\Secunia\PSI\PSIA.exe
"Secunia Update Agent" (Secunia Update Agent) - "Secunia" - C:\Program Files\Secunia\PSI\sua.exe
"ServiceLayer" (ServiceLayer) - "Nokia" - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
"SiSoftware Deployment Agent Service" (SandraAgentSrv) - "SiSoftware" - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe
"Skype C2C Service" (Skype C2C Service) - "Skype Technologies S.A." - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files\Skype\Updater\Updater.exe
"Sony PC Companion" (Sony PC Companion) - "Avanquest Software" - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
"Start BT in service" (Start BT in service) - ? - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe (File found, but it contains no detailed information)
"TomTomHOMEService" (TomTomHOMEService) - "TomTom" - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
"Windows Live Family Safety-Dienst" (fsssvc) - "Microsoft Corporation" - C:\Program Files\Windows Live\Family Safety\fsssvc.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
"Wise Boot Assistant" (WiseBootAssistant) - "WiseCleaner.com" - C:\Program Files\Wise\Wise Care 365\BootTime.exe
"WMI_Hook_Service" (WMI_Hook_Service) - "MICRO-STAR INT'L,.LTD." - C:\Program Files\msi\OSD hot keys\WMI_Hook_Service.exe
"Yahoo! Updater" (YahooAUService) - "Yahoo! Inc." - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"Sarah NSP" - "AVM Berlin" - C:\Program Files\FRITZ!DSL\sarah.dll
"WindowsLive Local NSP" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----
"SARAH LSP" - "AVM Berlin" - C:\Program Files\FRITZ!DSL\sarah.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-19 04:12:12
-----------------------------
04:12:12.297 OS Version: Windows 6.1.7601 Service Pack 1
04:12:12.297 Number of processors: 2 586 0x170A
04:12:12.301 ComputerName: ZR7DRIVER-PC UserName: zr7driver
04:12:14.830 Initialize success
04:12:14.966 AVAST engine defs: 12101802
04:13:11.623 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000079
04:13:11.629 Disk 0 Vendor: WDC_WD10 80.0 Size: 953869MB BusType: 3
04:13:11.645 Disk 0 MBR read successfully
04:13:11.648 Disk 0 MBR scan
04:13:11.653 Disk 0 unknown MBR code
04:13:11.656 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
04:13:11.666 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 932262 MB offset 206848
04:13:11.688 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 20480 MB offset 1909479424
04:13:11.710 Disk 0 Partition 4 00 12 Compaq diag NTFS 1025 MB offset 1951422464
04:13:11.717 Disk 0 scanning sectors +1953521664
04:13:11.773 Disk 0 scanning C:\Windows\system32\drivers
04:13:19.516 Service scanning
04:13:34.796 Modules scanning
04:13:49.341 Disk 0 trace - called modules:
04:13:49.365 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll storport.sys nvstor32.sys
04:13:49.372 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8687a380]
04:13:49.377 3 CLASSPNP.SYS[8c40559e] -> nt!IofCallDriver -> [0x862cea80]
04:13:49.384 5 ACPI.sys[8bca03d4] -> nt!IofCallDriver -> \Device\00000079[0x86797a30]
04:13:52.413 AVAST engine scan C:\Windows
04:13:59.442 AVAST engine scan C:\Windows\system32
04:16:08.579 AVAST engine scan C:\Windows\system32\drivers
04:16:23.370 AVAST engine scan C:\Users\zr7driver
04:55:30.569 AVAST engine scan C:\ProgramData
05:15:19.977 Scan finished successfully
08:30:46.375 Disk 0 MBR has been saved successfully to "C:\Users\zr7driver\Desktop\MBR.dat"
08:30:46.394 The log file has been saved successfully to "C:\Users\zr7driver\Desktop\aswMBR.txt"
19.10.2012, 10:32 | #52 |
/// Winkelfunktion /// TB-Süch-Tiger™ | We should fix the MBR. Just in case, back up ALL important data first, even though it usually goes smoothly.

Note: Please do NOT run the MBR fix if you have other operating systems such as Ubuntu installed; an MBR fix with Windows tools makes a Linux installed in parallel (dual boot) unbootable. Also do not run the fix if you use full encryption of the Windows partition or of the entire hard disk, e.g. with TrueCrypt or other encryption programs.

After backing up your data, start aswMBR again and click the FIXMBR button.

Note: Please disable your virus scanner before running aswMBR, because Avira in particular often reports a false alarm in it!

Then restart Windows and create a new log with aswMBR.
19.10.2012, 17:29 | #53 |
| Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-19 11:52:45
-----------------------------
11:52:45.591 OS Version: Windows 6.1.7601 Service Pack 1
11:52:45.592 Number of processors: 2 586 0x170A
11:52:45.603 ComputerName: ZR7DRIVER-PC UserName: zr7driver
11:52:49.105 Initialize success
11:52:49.205 AVAST engine defs: 12101802
11:53:03.314 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000079
11:53:03.318 Disk 0 Vendor: WDC_WD10 80.0 Size: 953869MB BusType: 3
11:53:03.344 Disk 0 MBR read successfully
11:53:03.348 Disk 0 MBR scan
11:53:03.353 Disk 0 Windows 7 default MBR code
11:53:03.358 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:53:03.366 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 932262 MB offset 206848
11:53:03.388 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 20480 MB offset 1909479424
11:53:03.399 Disk 0 Partition 4 00 12 Compaq diag NTFS 1025 MB offset 1951422464
11:53:03.406 Disk 0 scanning sectors +1953521664
11:53:03.518 Disk 0 scanning C:\Windows\system32\drivers
11:53:17.491 Service scanning
11:53:35.618 Modules scanning
11:53:39.974 Disk 0 trace - called modules:
11:53:39.998 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll afd.sys storport.sys nvstor32.sys
11:53:40.004 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8687a358]
11:53:40.012 3 CLASSPNP.SYS[8c47e59e] -> nt!IofCallDriver -> [0x862d0930]
11:53:40.020 5 ACPI.sys[8bc943d4] -> nt!IofCallDriver -> \Device\00000079[0x86797030]
11:53:43.072 AVAST engine scan C:\Windows
11:53:46.715 AVAST engine scan C:\Windows\system32
11:56:55.090 AVAST engine scan C:\Windows\system32\drivers
11:57:19.788 AVAST engine scan C:\Users\zr7driver
12:38:25.805 AVAST engine scan C:\ProgramData
12:57:38.901 Scan finished successfully
18:29:01.124 Disk 0 MBR has been saved successfully to "C:\Users\zr7driver\Desktop\MBR.dat"
18:29:01.134 The log file has been saved successfully to "C:\Users\zr7driver\Desktop\aswMBR.txt"
21.10.2012, 10:48 | #54 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
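The two aswMBR logs above can be compared mechanically instead of by eye. The following is an added example, not part of the original thread and not AVAST's code: it parses the log layout seen in those two posts and reports what changed between the run before FIXMBR and the run after it. The function names are hypothetical, the embedded lines are excerpts of the posted logs, and treating any verdict that contains "default MBR code" as the expected result is an assumption based on the second log.

```python
import re

# Excerpts copied from the two aswMBR logs posted in this thread:
# first run (before FIXMBR) and second run (after FIXMBR and a reboot).
LOG_BEFORE = r"""
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
04:13:11.645 Disk 0 MBR read successfully
04:13:11.648 Disk 0 MBR scan
04:13:11.653 Disk 0 unknown MBR code
04:13:11.656 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
04:13:11.666 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 932262 MB offset 206848
04:13:11.688 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 20480 MB offset 1909479424
04:13:11.710 Disk 0 Partition 4 00 12 Compaq diag NTFS 1025 MB offset 1951422464
04:13:49.341 Disk 0 trace - called modules:
04:13:49.365 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll storport.sys nvstor32.sys
04:13:49.372 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8687a380]
"""

LOG_AFTER = r"""
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
11:53:03.344 Disk 0 MBR read successfully
11:53:03.348 Disk 0 MBR scan
11:53:03.353 Disk 0 Windows 7 default MBR code
11:53:03.358 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:53:03.366 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 932262 MB offset 206848
11:53:03.388 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 20480 MB offset 1909479424
11:53:03.399 Disk 0 Partition 4 00 12 Compaq diag NTFS 1025 MB offset 1951422464
11:53:39.974 Disk 0 trace - called modules:
11:53:39.998 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll afd.sys storport.sys nvstor32.sys
11:53:40.004 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8687a358]
"""

TS_RE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{3}\s+(.*)$")
MBR_RE = re.compile(r"^Disk (\d+) (.+ MBR code)$")
PART_RE = re.compile(
    r"^Disk (\d+) Partition (\d+) ([0-9A-Fa-f]{2})(?: \(A\))? "
    r"([0-9A-Fa-f]{2}) (.+?) (\d+) MB offset (\d+)$"
)


def parse_aswmbr(text):
    """Extract MBR verdicts, partition entries and the disk-trace module list."""
    result = {"mbr": {}, "partitions": [], "modules": []}
    modules_next = False
    for raw in text.splitlines():
        ts = TS_RE.match(raw.strip())
        if not ts:
            continue  # banner, separator and blank lines carry no timestamp
        msg = " ".join(ts.group(1).split())  # collapse column padding
        if modules_next:
            # The line right after "called modules:" lists the driver stack.
            result["modules"] = msg.split()
            modules_next = False
            continue
        if msg.endswith("called modules:"):
            modules_next = True
            continue
        part = PART_RE.match(msg)
        if part:
            disk, num, flag, ptype, label, size_mb, offset = part.groups()
            result["partitions"].append(
                (int(disk), int(num), flag == "80", ptype.lower(),
                 label, int(size_mb), int(offset))
            )
            continue
        mbr = MBR_RE.match(msg)
        if mbr:
            result["mbr"][int(mbr.group(1))] = mbr.group(2)
    return result


def compare_runs(before_text, after_text):
    """Summarise the differences between a pre-fix and a post-fix log."""
    b, a = parse_aswmbr(before_text), parse_aswmbr(after_text)
    disks = sorted(set(b["mbr"]) | set(a["mbr"]))
    return {
        "mbr": {d: (b["mbr"].get(d), a["mbr"].get(d)) for d in disks},
        # Assumption: a verdict containing "default MBR code" is the expected one.
        "mbr_now_default": bool(a["mbr"]) and all(
            "default MBR code" in v for v in a["mbr"].values()),
        # The partition entries should read the same in both runs.
        "partition_table_unchanged": b["partitions"] == a["partitions"],
        # A difference in the driver stack is something to review, not a verdict.
        "modules_added": [m for m in a["modules"] if m not in b["modules"]],
        "modules_removed": [m for m in b["modules"] if m not in a["modules"]],
    }


if __name__ == "__main__":
    for key, value in compare_runs(LOG_BEFORE, LOG_AFTER).items():
        print(f"{key}: {value}")
```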
21.10.2012, 18:58 | #55 |
| Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 10/21/2012 at 07:53 PM

Application Version : 5.6.1012

Core Rules Database Version : 9446
Trace Rules Database Version: 7258

Scan type : Complete Scan
Total Scan Time : 03:44:09

Operating System Information
Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 916
Memory threats detected : 0
Registry items scanned : 41953
Registry threats detected : 0
File items scanned : 187729
File threats detected : 249

Adware.Tracking Cookie

Trojan.Agent/CDesc[Generic]
C:\EXTERNE FESTPLATTE 1\EIGENE DATEIEN\SOFTWARE\ZIPS\ANM24I\ANTWAIN.DLL
C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\ANM24I\ANTWAIN.DLL
ZIP ARCHIVE( C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\ANM24I.ZIP )/ANTWAIN.DLL
C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\ANM24I.ZIP

Trojan.Agent/Gen-Sisproc
C:\USERS\ZR7DRIVER\DOWNLOADS\LOCRGPSPHOTO124.EXE
Code:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.10.21.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
zr7driver :: ZR7DRIVER-PC [Administrator]

21.10.2012 20:01:51
mbam-log-2012-10-21 (20-01-51).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 581782
Laufzeit: 3 Stunde(n), 32 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
22.10.2012, 09:31 | #56 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Code:
UAC On - Limited User
Please actually carry it out the way the instructions say! Quote:
23.10.2012, 02:54 | #57 |
| Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 10/23/2012 at 03:32 AM

Application Version : 5.6.1012

Core Rules Database Version : 9451
Trace Rules Database Version: 7263

Scan type : Complete Scan
Total Scan Time : 05:10:09

Operating System Information
Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned : 979
Memory threats detected : 0
Registry items scanned : 42065
Registry threats detected : 0
File items scanned : 534550
File threats detected : 253

Adware.Tracking Cookie

Trojan.Agent/CDesc[Generic]
    C:\EXTERNE FESTPLATTE 1\EIGENE DATEIEN\SOFTWARE\ZIPS\ANM24I\ANTWAIN.DLL
    C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\ANM24I\ANTWAIN.DLL
    ZIP ARCHIVE( C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\ANM24I.ZIP )/ANTWAIN.DLL
    C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\ANM24I.ZIP

Trojan.Downloader-Gen/Loader
    ZIP ARCHIVE( C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\527537_PN2050_070417.ZIP )/NAVI/BOOT/LOADER.EXE
    C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\527537_PN2050_070417.ZIP

Trojan.Agent/Gen-Sisproc
    C:\USERS\ZR7DRIVER\DOWNLOADS\LOCRGPSPHOTO124.EXE |
23.10.2012, 19:34 | #58 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Once again, a whole lot of cookies. Quote:
23.10.2012, 19:45 | #59 |
| No, not really! Festplatte 1 (hard drive 1) holds files from an old computer; they can be deleted! LOCRGPSPHOTO124.EXE is actually a program for reading GPS data out of pictures, etc... |
23.10.2012, 19:46 | #60 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Well then, get rid of all of it. How are things with the original problem? => An endless number of *x* keeps appearing in every text field