Pests of all kinds and how to fight them: Trojan.JS.Iframe.BY found on PC (Windows 7)
18.10.2012, 21:03 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.JS.Iframe.BY found on PC
Code:
PRC - [2012.10.10 19:26:55 | 003,084,176 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2012.10.05 14:30:36 | 000,876,240 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
A-Squared would not be my first choice as a virus scanner, and Comodo IS has to be advised against on principle, because security suites are as a rule sheer counterproductive nonsense. I would recommend that you uninstall both, and once we are done a virus scanner can go back on, something like Avast or MSE. As far as I am concerned, you can also stay with A-Squared.
__________________ Please always post log files in CODE tags |
20.10.2012, 11:48 | #17 |
| Trojan.JS.Iframe.BY found on PC
Hello!
Sorry that I am only getting back to you now; I was pretty worn out yesterday evening. I thought it was okay if I only ran one program with active protection and only activated Emsisoft now and then to scan. Both programs are now removed. Windows is now unhappy, because at the moment I have no active virus scanner at all. When I logged in to my administrator account to uninstall the two programs, I noticed a program on the desktop there called "Recent Places"! I am very sure that it was not there last time, although it was supposedly already installed in March. What could that be? Is it dangerous? |
21.10.2012, 12:14 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.JS.Iframe.BY found on PC
Recent Places does not ring a bell for me.
Please create a new OTL log as mentioned above.
__________________ |
21.10.2012, 12:28 | #19 |
| Trojan.JS.Iframe.BY found on PC
Okay. Here is the new log! OTL Logfile: Code:
%SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts 
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.) 
Drivers32: VIDC.RTV1 - C:\Windows\SysWow64\rtvcvfw32.dll () Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.10.16 08:04:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.10.16 08:04:07 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Kerstin\Desktop\esetsmartinstaller_enu.exe [2012.10.16 07:59:25 | 000,000,000 | ---D | C] -- C:\Users\Kerstin\AppData\Local\Logitech® Webcam-Software [2012.10.16 07:53:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech [2012.10.16 07:53:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LWS [2012.10.16 07:53:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech [2012.10.14 19:16:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012.10.14 19:16:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip [2012.10.13 21:04:40 | 000,000,000 | ---D | C] -- C:\Users\Kerstin\AppData\Local\Mozilla [2012.09.30 00:22:43 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core [2012.09.22 16:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft ========== Files - Modified Within 30 Days ========== [2012.10.21 12:54:28 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.21 12:54:28 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.21 12:51:37 | 001,529,252 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.10.21 12:51:37 | 000,665,062 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.10.21 12:51:37 | 000,625,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.10.21 12:51:37 | 000,134,972 | ---- | M] () -- 
C:\Windows\SysNative\perfc007.dat [2012.10.21 12:51:37 | 000,110,624 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.10.21 12:47:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.21 12:47:21 | 2136,592,383 | -HS- | M] () -- C:\hiberfil.sys [2012.10.21 01:37:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.20 12:56:09 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.20 12:40:01 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat [2012.10.19 21:06:25 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs [2012.10.18 18:15:41 | 000,001,112 | ---- | M] () -- C:\Users\Kerstin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2012.10.16 08:04:08 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Kerstin\Desktop\esetsmartinstaller_enu.exe [2012.10.16 07:53:25 | 000,001,624 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software .lnk [2012.10.14 20:19:13 | 000,002,485 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.10.14 19:33:44 | 000,005,898 | ---- | M] () -- C:\Users\Kerstin\Desktop\Logfile.7z [2012.10.14 18:00:09 | 000,000,000 | ---- | M] () -- C:\Users\Kerstin\defogger_reenable [2012.10.14 02:07:05 | 000,050,477 | ---- | M] () -- C:\Users\Kerstin\Desktop\Defogger.exe [2012.10.10 08:32:20 | 000,002,047 | ---- | M] () -- C:\Users\Public\Desktop\AntiError.lnk [2012.10.03 00:21:00 | 000,016,127 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2012.10.02 21:51:15 | 003,536,817 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.09.22 16:34:37 | 000,000,895 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk ========== Files Created - No Company Name ========== [2012.10.16 07:53:53 | 000,001,112 | ---- | C] () -- 
C:\Users\Kerstin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2012.10.16 07:53:25 | 000,001,624 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software .lnk [2012.10.14 19:33:44 | 000,005,898 | ---- | C] () -- C:\Users\Kerstin\Desktop\Logfile.7z [2012.10.14 18:00:09 | 000,000,000 | ---- | C] () -- C:\Users\Kerstin\defogger_reenable [2012.10.14 02:07:05 | 000,050,477 | ---- | C] () -- C:\Users\Kerstin\Desktop\Defogger.exe [2012.07.23 22:25:28 | 000,007,605 | ---- | C] () -- C:\Users\Kerstin\AppData\Local\Resmon.ResmonCfg [2012.04.21 20:48:19 | 000,000,095 | ---- | C] () -- C:\Users\Kerstin\AppData\Local\fusioncache.dat [2012.03.18 17:17:21 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat [2012.03.18 17:17:21 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat [2012.03.18 16:33:22 | 001,554,746 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.09.19 15:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll [2011.08.19 11:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2011.08.19 11:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2011.08.19 11:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- 
[2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.06.15 12:11:06 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\Ad-Aware Antivirus [2012.10.20 12:53:37 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\ICQ [2012.07.27 14:07:07 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\Leadertech [2012.09.14 20:39:51 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\Origin [2012.03.18 19:52:48 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\RIFT [2012.10.18 19:14:16 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\SoftGrid Client [2012.03.18 16:34:24 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\TP [2012.10.20 03:18:41 | 000,000,000 | ---D | M] -- C:\Users\Kerstin normal\AppData\Roaming\ICQ [2012.10.19 00:50:35 | 
000,000,000 | ---D | M] -- C:\Users\Kerstin normal\AppData\Roaming\SoftGrid Client ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2012.06.15 12:11:06 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\Ad-Aware Antivirus [2012.03.27 22:17:29 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\Adobe [2012.10.20 12:53:37 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\ICQ [2012.03.17 21:36:27 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\Identities [2012.07.27 14:07:07 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\Leadertech [2012.03.18 20:34:49 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\Macromedia [2012.07.05 23:01:05 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\Malwarebytes [2010.11.21 09:00:23 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\Media Center Programs [2012.09.14 19:52:36 | 000,000,000 | --SD | M] -- C:\Users\Kerstin\AppData\Roaming\Microsoft [2012.04.22 23:58:56 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\Mozilla [2012.06.29 20:38:24 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\NVIDIA [2012.09.14 20:39:51 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\Origin [2012.03.18 19:52:48 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\RIFT [2012.10.20 12:39:34 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\Skype [2012.10.18 19:14:16 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\SoftGrid Client [2012.03.18 16:34:24 | 000,000,000 | ---D | M] -- C:\Users\Kerstin\AppData\Roaming\TP < %APPDATA%\*.exe /s > [2012.10.16 07:53:53 | 000,053,248 | R--- | M] (Acresso Software Inc.) 
-- C:\Users\Kerstin\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe [2012.09.14 19:52:36 | 000,010,134 | R--- | M] () -- C:\Users\Kerstin\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) 
MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: IASTOR.SYS > [2009.06.04 12:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysNative\drivers\iaStor.sys [2009.06.04 12:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_7fb62b08f6b7117a\iaStor.sys [2009.06.04 12:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_c065a1006c648409\iaStor.sys < MD5 for: IASTORV.SYS > [2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.11.24 09:30:43 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.11.24 09:30:43 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.11.24 09:30:43 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011.11.24 09:30:43 | 000,410,496 | ---- | M] (Intel Corporation) 
MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll < MD5 for: NVSTOR.SYS > [2011.11.24 09:30:43 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.11.24 09:30:43 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011.11.24 09:30:43 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011.11.24 09:30:43 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA 
Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- 
C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2012.09.29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys 
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < End of report > |
21.10.2012, 12:48 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.JS.Iframe.BY found on PC Looks fairly unremarkable. Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html Note: Please disable your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool! Configure the tool as shown in the picture below: click on change parameters and set the checkmarks as shown in the following screenshot, then click Start Scan, and when it has finished click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:), that is where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
__________________ Always post log files in CODE tags |
21.10.2012, 13:11 | #21 |
| Trojan.JS.Iframe.BY found on PC Hi there! Okay, here is the TDSS log Code:
14:07:24.0602 4556 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 14:07:24.0602 4556 blbdrive - ok 14:07:24.0602 4556 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 14:07:24.0618 4556 bowser - ok 14:07:24.0618 4556 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 14:07:24.0633 4556 BrFiltLo - ok 14:07:24.0633 4556 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 14:07:24.0633 4556 BrFiltUp - ok 14:07:24.0649 4556 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 14:07:24.0649 4556 Browser - ok 14:07:24.0649 4556 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 14:07:24.0665 4556 Brserid - ok 14:07:24.0665 4556 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 14:07:24.0680 4556 BrSerWdm - ok 14:07:24.0680 4556 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 14:07:24.0696 4556 BrUsbMdm - ok 14:07:24.0696 4556 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 14:07:24.0696 4556 BrUsbSer - ok 14:07:24.0711 4556 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 14:07:24.0711 4556 BTHMODEM - ok 14:07:24.0727 4556 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 14:07:24.0743 4556 bthserv - ok 14:07:24.0743 4556 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 14:07:24.0774 4556 cdfs - ok 14:07:24.0774 4556 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys 14:07:24.0789 4556 cdrom - ok 14:07:24.0789 4556 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 14:07:24.0805 4556 CertPropSvc - ok 14:07:24.0821 4556 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 
14:07:24.0821 4556 circlass - ok 14:07:24.0836 4556 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 14:07:24.0836 4556 CLFS - ok 14:07:24.0852 4556 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:07:24.0852 4556 clr_optimization_v2.0.50727_32 - ok 14:07:24.0852 4556 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 14:07:24.0867 4556 clr_optimization_v2.0.50727_64 - ok 14:07:24.0867 4556 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:07:24.0883 4556 clr_optimization_v4.0.30319_32 - ok 14:07:24.0883 4556 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 14:07:24.0883 4556 clr_optimization_v4.0.30319_64 - ok 14:07:24.0899 4556 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 14:07:24.0899 4556 CmBatt - ok 14:07:24.0899 4556 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 14:07:24.0914 4556 cmdide - ok 14:07:24.0914 4556 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 14:07:24.0930 4556 CNG - ok 14:07:24.0945 4556 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 14:07:24.0945 4556 Compbatt - ok 14:07:24.0945 4556 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 14:07:24.0961 4556 CompositeBus - ok 14:07:24.0961 4556 COMSysApp - ok 14:07:24.0961 4556 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 14:07:24.0977 4556 crcdisk - ok 14:07:24.0977 4556 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 14:07:24.0992 4556 CryptSvc - ok 14:07:24.0992 4556 [ 72794D112CBAFF3BC0C29BF7350D4741 ] 
cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 14:07:25.0008 4556 cvhsvc - ok 14:07:25.0023 4556 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 14:07:25.0055 4556 DcomLaunch - ok 14:07:25.0055 4556 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 14:07:25.0086 4556 defragsvc - ok 14:07:25.0086 4556 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 14:07:25.0101 4556 DfsC - ok 14:07:25.0117 4556 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 14:07:25.0133 4556 Dhcp - ok 14:07:25.0133 4556 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 14:07:25.0164 4556 discache - ok 14:07:25.0164 4556 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 14:07:25.0179 4556 Disk - ok 14:07:25.0179 4556 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 14:07:25.0195 4556 Dnscache - ok 14:07:25.0195 4556 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 14:07:25.0211 4556 dot3svc - ok 14:07:25.0226 4556 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 14:07:25.0242 4556 DPS - ok 14:07:25.0257 4556 [ 28A88BB61B6B4A352729BA22BD2D2604 ] DragonUpdater C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe 14:07:25.0289 4556 DragonUpdater - ok 14:07:25.0289 4556 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 14:07:25.0304 4556 drmkaud - ok 14:07:25.0320 4556 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 14:07:25.0320 4556 DXGKrnl - ok 14:07:25.0335 4556 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 14:07:25.0351 4556 EapHost - ok 14:07:25.0398 4556 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 14:07:25.0445 4556 ebdrv - ok 14:07:25.0445 4556 [ 
C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 14:07:25.0460 4556 EFS - ok 14:07:25.0476 4556 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 14:07:25.0491 4556 ehRecvr - ok 14:07:25.0507 4556 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 14:07:25.0507 4556 ehSched - ok 14:07:25.0523 4556 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 14:07:25.0538 4556 elxstor - ok 14:07:25.0538 4556 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 14:07:25.0538 4556 ErrDev - ok 14:07:25.0554 4556 [ 3663291D0D26001A2BB67678AB61D14C ] EtronHub3 C:\Windows\System32\Drivers\EtronHub3.sys 14:07:25.0554 4556 EtronHub3 - ok 14:07:25.0554 4556 [ 744420D6C062C38F7361870F010D6D4B ] EtronXHCI C:\Windows\System32\Drivers\EtronXHCI.sys 14:07:25.0569 4556 EtronXHCI - ok 14:07:25.0569 4556 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 14:07:25.0601 4556 EventSystem - ok 14:07:25.0601 4556 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 14:07:25.0632 4556 exfat - ok 14:07:25.0632 4556 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 14:07:25.0663 4556 fastfat - ok 14:07:25.0663 4556 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 14:07:25.0679 4556 Fax - ok 14:07:25.0679 4556 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 14:07:25.0694 4556 fdc - ok 14:07:25.0694 4556 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 14:07:25.0710 4556 fdPHost - ok 14:07:25.0725 4556 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 14:07:25.0741 4556 FDResPub - ok 14:07:25.0741 4556 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 14:07:25.0757 4556 FileInfo - ok 14:07:25.0757 4556 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] 
Filetrace C:\Windows\system32\drivers\filetrace.sys 14:07:25.0772 4556 Filetrace - ok 14:07:25.0772 4556 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 14:07:25.0788 4556 flpydisk - ok 14:07:25.0788 4556 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 14:07:25.0803 4556 FltMgr - ok 14:07:25.0819 4556 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 14:07:25.0835 4556 FontCache - ok 14:07:25.0850 4556 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:07:25.0850 4556 FontCache3.0.0.0 - ok 14:07:25.0850 4556 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 14:07:25.0866 4556 FsDepends - ok 14:07:25.0866 4556 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 14:07:25.0866 4556 Fs_Rec - ok 14:07:25.0866 4556 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 14:07:25.0881 4556 fvevol - ok 14:07:25.0881 4556 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 14:07:25.0897 4556 gagp30kx - ok 14:07:25.0913 4556 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 14:07:25.0928 4556 gpsvc - ok 14:07:25.0944 4556 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 14:07:25.0944 4556 hcw85cir - ok 14:07:25.0944 4556 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 14:07:25.0959 4556 HDAudBus - ok 14:07:25.0959 4556 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 14:07:25.0975 4556 HidBatt - ok 14:07:25.0975 4556 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 14:07:25.0991 4556 HidBth - ok 14:07:25.0991 4556 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 
14:07:25.0991 4556 HidIr - ok 14:07:26.0006 4556 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 14:07:26.0022 4556 hidserv - ok 14:07:26.0022 4556 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 14:07:26.0037 4556 HidUsb - ok 14:07:26.0037 4556 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 14:07:26.0053 4556 hkmsvc - ok 14:07:26.0069 4556 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 14:07:26.0069 4556 HomeGroupListener - ok 14:07:26.0084 4556 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 14:07:26.0084 4556 HomeGroupProvider - ok 14:07:26.0084 4556 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 14:07:26.0100 4556 HpSAMD - ok 14:07:26.0115 4556 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 14:07:26.0131 4556 HTTP - ok 14:07:26.0147 4556 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 14:07:26.0147 4556 hwpolicy - ok 14:07:26.0147 4556 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 14:07:26.0162 4556 i8042prt - ok 14:07:26.0162 4556 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\drivers\iaStor.sys 14:07:26.0178 4556 iaStor - ok 14:07:26.0178 4556 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 14:07:26.0193 4556 iaStorV - ok 14:07:26.0209 4556 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 14:07:26.0225 4556 idsvc - ok 14:07:26.0225 4556 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 14:07:26.0225 4556 iirsp - ok 14:07:26.0240 4556 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 14:07:26.0271 4556 IKEEXT - ok 14:07:26.0318 4556 [ 
A5F7CEF8A939EBE270462EDEFD629F20 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 14:07:26.0349 4556 IntcAzAudAddService - ok 14:07:26.0349 4556 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 14:07:26.0349 4556 intelide - ok 14:07:26.0365 4556 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys 14:07:26.0365 4556 intelppm - ok 14:07:26.0365 4556 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 14:07:26.0396 4556 IPBusEnum - ok 14:07:26.0396 4556 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:07:26.0427 4556 IpFilterDriver - ok 14:07:26.0427 4556 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 14:07:26.0459 4556 iphlpsvc - ok 14:07:26.0459 4556 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 14:07:26.0474 4556 IPMIDRV - ok 14:07:26.0474 4556 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 14:07:26.0490 4556 IPNAT - ok 14:07:26.0505 4556 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 14:07:26.0505 4556 IRENUM - ok 14:07:26.0505 4556 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 14:07:26.0521 4556 isapnp - ok 14:07:26.0521 4556 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 14:07:26.0537 4556 iScsiPrt - ok 14:07:26.0537 4556 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 14:07:26.0552 4556 kbdclass - ok 14:07:26.0552 4556 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 14:07:26.0552 4556 kbdhid - ok 14:07:26.0552 4556 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 14:07:26.0568 4556 KeyIso - ok 14:07:26.0568 4556 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD 
C:\Windows\system32\Drivers\ksecdd.sys 14:07:26.0583 4556 KSecDD - ok 14:07:26.0583 4556 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 14:07:26.0583 4556 KSecPkg - ok 14:07:26.0599 4556 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 14:07:26.0615 4556 ksthunk - ok 14:07:26.0630 4556 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 14:07:26.0646 4556 KtmRm - ok 14:07:26.0661 4556 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 14:07:26.0677 4556 LanmanServer - ok 14:07:26.0693 4556 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 14:07:26.0708 4556 LanmanWorkstation - ok 14:07:26.0708 4556 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 14:07:26.0739 4556 lltdio - ok 14:07:26.0739 4556 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 14:07:26.0771 4556 lltdsvc - ok 14:07:26.0771 4556 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 14:07:26.0802 4556 lmhosts - ok 14:07:26.0802 4556 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 14:07:26.0817 4556 LSI_FC - ok 14:07:26.0817 4556 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 14:07:26.0817 4556 LSI_SAS - ok 14:07:26.0833 4556 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 14:07:26.0833 4556 LSI_SAS2 - ok 14:07:26.0833 4556 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 14:07:26.0849 4556 LSI_SCSI - ok 14:07:26.0849 4556 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 14:07:26.0880 4556 luafv - ok 14:07:26.0880 4556 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys 14:07:26.0880 4556 LVPr2M64 - ok 14:07:26.0880 4556 [ 
EF2BE2F45D4F06410A3BD2A3467325B0 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 14:07:26.0895 4556 LVRS64 - ok 14:07:26.0927 4556 [ AC22F92C6078640FE8A70D662A2F3AD5 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 14:07:26.0989 4556 LVUVC64 - ok 14:07:26.0989 4556 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 14:07:27.0005 4556 Mcx2Svc - ok 14:07:27.0005 4556 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 14:07:27.0020 4556 megasas - ok 14:07:27.0020 4556 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 14:07:27.0036 4556 MegaSR - ok 14:07:27.0036 4556 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 14:07:27.0051 4556 MMCSS - ok 14:07:27.0067 4556 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 14:07:27.0083 4556 Modem - ok 14:07:27.0083 4556 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 14:07:27.0098 4556 monitor - ok 14:07:27.0098 4556 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 14:07:27.0114 4556 mouclass - ok 14:07:27.0114 4556 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 14:07:27.0114 4556 mouhid - ok 14:07:27.0114 4556 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 14:07:27.0129 4556 mountmgr - ok 14:07:27.0129 4556 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 14:07:27.0145 4556 mpio - ok 14:07:27.0145 4556 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 14:07:27.0161 4556 mpsdrv - ok 14:07:27.0176 4556 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 14:07:27.0207 4556 MpsSvc - ok 14:07:27.0223 4556 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 14:07:27.0223 4556 MRxDAV - ok 14:07:27.0239 4556 [ 
A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 14:07:27.0239 4556 mrxsmb - ok 14:07:27.0254 4556 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:07:27.0254 4556 mrxsmb10 - ok 14:07:27.0270 4556 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:07:27.0270 4556 mrxsmb20 - ok 14:07:27.0270 4556 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 14:07:27.0285 4556 msahci - ok 14:07:27.0285 4556 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 14:07:27.0285 4556 msdsm - ok 14:07:27.0301 4556 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 14:07:27.0301 4556 MSDTC - ok 14:07:27.0317 4556 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 14:07:27.0332 4556 Msfs - ok 14:07:27.0332 4556 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 14:07:27.0363 4556 mshidkmdf - ok 14:07:27.0363 4556 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 14:07:27.0363 4556 msisadrv - ok 14:07:27.0363 4556 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 14:07:27.0395 4556 MSiSCSI - ok 14:07:27.0395 4556 msiserver - ok 14:07:27.0395 4556 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 14:07:27.0426 4556 MSKSSRV - ok 14:07:27.0426 4556 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 14:07:27.0441 4556 MSPCLOCK - ok 14:07:27.0457 4556 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 14:07:27.0473 4556 MSPQM - ok 14:07:27.0473 4556 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 14:07:27.0488 4556 MsRPC - ok 14:07:27.0488 4556 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 
14:07:27.0504 4556 mssmbios - ok 14:07:27.0504 4556 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 14:07:27.0519 4556 MSTEE - ok 14:07:27.0519 4556 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 14:07:27.0535 4556 MTConfig - ok 14:07:27.0535 4556 [ 6936198F2CC25B39CF5262436C80DF46 ] MTsensor C:\Windows\system32\drivers\ASACPI.sys 14:07:27.0535 4556 MTsensor - ok 14:07:27.0551 4556 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 14:07:27.0551 4556 Mup - ok 14:07:27.0566 4556 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 14:07:27.0597 4556 napagent - ok 14:07:27.0597 4556 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 14:07:27.0613 4556 NativeWifiP - ok 14:07:27.0613 4556 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 14:07:27.0629 4556 NDIS - ok 14:07:27.0644 4556 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 14:07:27.0660 4556 NdisCap - ok 14:07:27.0660 4556 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 14:07:27.0691 4556 NdisTapi - ok 14:07:27.0691 4556 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 14:07:27.0707 4556 Ndisuio - ok 14:07:27.0707 4556 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 14:07:27.0738 4556 NdisWan - ok 14:07:27.0738 4556 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 14:07:27.0769 4556 NDProxy - ok 14:07:27.0769 4556 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 14:07:27.0785 4556 NetBIOS - ok 14:07:27.0800 4556 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 14:07:27.0816 4556 NetBT - ok 14:07:27.0816 4556 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon 
C:\Windows\system32\lsass.exe 14:07:27.0831 4556 Netlogon - ok 14:07:27.0831 4556 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 14:07:27.0863 4556 Netman - ok 14:07:27.0863 4556 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 14:07:27.0894 4556 netprofm - ok 14:07:27.0894 4556 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:07:27.0909 4556 NetTcpPortSharing - ok 14:07:27.0909 4556 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 14:07:27.0909 4556 nfrd960 - ok 14:07:27.0925 4556 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 14:07:27.0941 4556 NlaSvc - ok 14:07:27.0941 4556 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 14:07:27.0972 4556 Npfs - ok 14:07:27.0972 4556 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 14:07:27.0987 4556 nsi - ok 14:07:28.0003 4556 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 14:07:28.0019 4556 nsiproxy - ok 14:07:28.0034 4556 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 14:07:28.0065 4556 Ntfs - ok 14:07:28.0065 4556 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 14:07:28.0081 4556 Null - ok 14:07:28.0081 4556 [ 9A33100AC62A0463C49E47EE8E77083A ] nusb3hub C:\Windows\system32\drivers\nusb3hub.sys 14:07:28.0097 4556 nusb3hub - ok 14:07:28.0097 4556 [ 87C321F7BEE646B7EC6EEDD6EB725741 ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys 14:07:28.0112 4556 nusb3xhc - ok 14:07:28.0112 4556 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 14:07:28.0112 4556 NVHDA - ok 14:07:28.0206 4556 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 14:07:28.0331 4556 nvlddmkm - ok 14:07:28.0346 4556 [ 
0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 14:07:28.0346 4556 nvraid - ok 14:07:28.0362 4556 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 14:07:28.0362 4556 nvstor - ok 14:07:28.0362 4556 [ 8AC306A237D714C4D0451E422D91B4AF ] NvStUSB C:\Windows\system32\drivers\nvstusb.sys 14:07:28.0377 4556 NvStUSB - ok 14:07:28.0393 4556 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe 14:07:28.0409 4556 nvsvc - ok 14:07:28.0409 4556 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 14:07:28.0440 4556 nvUpdatusService - ok 14:07:28.0440 4556 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 14:07:28.0440 4556 nv_agp - ok 14:07:28.0455 4556 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 14:07:28.0455 4556 ohci1394 - ok 14:07:28.0471 4556 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:07:28.0471 4556 ose - ok 14:07:28.0533 4556 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 14:07:28.0627 4556 osppsvc - ok 14:07:28.0643 4556 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 14:07:28.0658 4556 p2pimsvc - ok 14:07:28.0658 4556 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 14:07:28.0674 4556 p2psvc - ok 14:07:28.0674 4556 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 14:07:28.0689 4556 Parport - ok 14:07:28.0689 4556 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 14:07:28.0689 4556 partmgr - ok 14:07:28.0705 4556 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 14:07:28.0705 4556 PcaSvc - ok 14:07:28.0721 4556 [ 
14:07:32.0823 4556 ============================================================ 14:07:32.0823 4556 Scan finished 14:07:32.0823 4556 ============================================================ 14:07:32.0823 1448 Detected object count: 0 14:07:32.0823 1448 Actual detected object count: 0 |
21.10.2012, 13:17 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.JS.Iframe.BY found on PC That is unremarkable too. Any problems still open?
__________________ Please always post log files in CODE tags |
21.10.2012, 13:20 | #23 |
| Trojan.JS.Iframe.BY found on PC No... as I said, the PC has actually been running fine the whole time. I was just worried, because I had visited that one website and because of the detection I got afterwards, that the Trojan had done something to the system that I would not notice in normal use, or that is simply not active yet. Edit: Oh, and the strange Recent Places is still there... |
21.10.2012, 13:26 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.JS.Iframe.BY found on PC As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
21.10.2012, 14:31 | #25 |
| Trojan.JS.Iframe.BY found on PC Okay, here are the two logs! I have not deleted the SUPERAntiSpyware detections yet, only moved them to quarantine. Code:
SUPERAntiSpyware Scan Log hxxp://www.superantispyware.com Generated 10/21/2012 at 03:24 PM Application Version : 5.6.1012 Core Rules Database Version : 9446 Trace Rules Database Version: 7258 Scan type : Complete Scan Total Scan Time : 00:26:13 Operating System Information Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601) UAC On - Administrator Memory items scanned : 521 Memory threats detected : 0 Registry items scanned : 77497 Registry threats detected : 0 File items scanned : 138068 File threats detected : 199 Adware.Tracking Cookie
.apartmentfinder.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .apartmentfinder.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .clickbank.net [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .clickbank.net [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] ebusiness.springer-business-media.de [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .eqtracking.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .eqtracking.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .eqtracking.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .estat.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .stats.canalblog.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .accounts.google.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .accounts.google.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .histats.com [ 
C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .histats.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] livestat.derstandard.at [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .trackalyzer.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .statcounter.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] fl01.ct2.comclick.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] fl01.ct2.comclick.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .seloger.122.2o7.net [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .e-2dj6wgk4khdpefo.stats.esomniture.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] insight.torbit.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .guj.122.2o7.net [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .stepstone.112.2o7.net [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .mediacet.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .tuiinteractive.122.2o7.net [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .flagcounter.com [ 
C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .eqtracking.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .eqtracking.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .flagcounter.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] www.ardmediathek.de [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .stats.paypal.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] stats.computecmedia.de [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .eaeacom.112.2o7.net [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] accounts.google.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] accounts.google.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .tracking.quisma.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] www.counterbox.de [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] statse.webtrendslive.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ 
C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .tracker.vinsight.de [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .mediaplex.com [ C:\USERS\KERSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W3CWAZLB.DEFAULT\COOKIES.SQLITE ] .c.atdmt.com [ C:\USERS\KERSTIN NORMAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H3R44Z8G.DEFAULT\COOKIES.SQLITE ] .c.atdmt.com [ C:\USERS\KERSTIN NORMAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H3R44Z8G.DEFAULT\COOKIES.SQLITE ] .atdmt.com [ C:\USERS\KERSTIN NORMAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H3R44Z8G.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\KERSTIN NORMAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H3R44Z8G.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\KERSTIN NORMAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H3R44Z8G.DEFAULT\COOKIES.SQLITE ] accounts.youtube.com [ C:\USERS\KERSTIN NORMAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H3R44Z8G.DEFAULT\COOKIES.SQLITE ] accounts.google.com [ C:\USERS\KERSTIN NORMAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H3R44Z8G.DEFAULT\COOKIES.SQLITE ] accounts.google.com [ C:\USERS\KERSTIN NORMAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H3R44Z8G.DEFAULT\COOKIES.SQLITE ] de.sitestat.com [ C:\USERS\KERSTIN NORMAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H3R44Z8G.DEFAULT\COOKIES.SQLITE ] de.sitestat.com [ C:\USERS\KERSTIN NORMAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H3R44Z8G.DEFAULT\COOKIES.SQLITE ] .imrworldwide.com [ C:\USERS\KERSTIN NORMAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H3R44Z8G.DEFAULT\COOKIES.SQLITE ] .imrworldwide.com [ C:\USERS\KERSTIN NORMAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H3R44Z8G.DEFAULT\COOKIES.SQLITE ] .tracker.vinsight.de [ C:\USERS\KERSTIN NORMAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H3R44Z8G.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\KERSTIN NORMAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H3R44Z8G.DEFAULT\COOKIES.SQLITE ] statse.webtrendslive.com [ 
C:\USERS\KERSTIN NORMAL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H3R44Z8G.DEFAULT\COOKIES.SQLITE ] Code:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.10.21.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Kerstin :: ANGELSCAGE [Administrator]

21.10.2012 14:36:49
mbam-log-2012-10-21 (14-36-49).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 364503
Laufzeit: 10 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Edited by Kaby (21.10.2012 at 14:56) |
21.10.2012, 16:31 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.JS.Iframe.BY found on PC

Looks OK, only cookies were found there, and they can all go. Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or similar => HTTP cookie).

Regarding cookies and other things on the web: to block this plague from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether a new hosts file has been released.

Otherwise there are also good cookie managers; an extension for Firefox, for example, would be CookieCuller http://filepony.de/download-cookie_culler/

But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or also Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed.

The way I do it, I use the Opera browser or Chromium under my Linux for "wild surfing". My main browser (Firefox) only stores cookies from the sites I actually want, everything else I reject manually (FF always asks me) - the other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest no cookies are left.

Is your system back in order now, or are there any other detections or problems?
__________________ Please always post log files in CODE tags |
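Added example, not part of the original thread: a hosts file of the kind recommended in the post above matches exact hostnames only, so this sketch checks which cookie hosts from a Firefox `moz_cookies` table it would actually cover. The hosts entries and the in-memory database are constructed samples (assumptions, not the real MVPS list); the cookie hosts are taken from the scan log in this thread.

```python
import sqlite3

# Constructed sample in hosts-file syntax; NOT the real MVPS list.
SAMPLE_HOSTS = """\
127.0.0.1  localhost
0.0.0.0    de.sitestat.com
0.0.0.0    www.etracker.de   # inline comments are allowed
0.0.0.0    2o7.net
0.0.0.0    doubleclick.net
"""

# Cookie hosts as they appear in the scan log of this thread.
SAMPLE_COOKIE_HOSTS = [
    "de.sitestat.com", "www.etracker.de", ".2o7.net",
    ".cmp.112.2o7.net", ".doubleclick.net", "accounts.google.com",
]

SINKHOLES = {"0.0.0.0", "127.0.0.1"}


def parse_hosts(text):
    """Return the hostnames that a hosts file maps to a sinkhole address."""
    blocked = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] in SINKHOLES:
            blocked.update(h.lower() for h in fields[1:])
    blocked.discard("localhost")
    return blocked


def coverage(cookie_host, blocked):
    """Classify one moz_cookies.host value against exact-match hosts entries."""
    domain_cookie = cookie_host.startswith(".")  # leading dot: sent to subdomains too
    host = cookie_host.lstrip(".").lower()
    labels = host.split(".")
    parents = {".".join(labels[i:]) for i in range(1, len(labels) - 1)}
    if host in blocked:
        # Only the listed name stops resolving; subdomains sharing the cookie still resolve.
        return "apex-only" if domain_cookie else "blocked"
    if parents & blocked:
        return "parent-only"  # hosts files have no wildcards; this host still resolves
    return "unlisted"


def sample_db():
    """In-memory stand-in for cookies.sqlite, reduced to the columns used here."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE moz_cookies (id INTEGER PRIMARY KEY, name TEXT, host TEXT)")
    conn.executemany("INSERT INTO moz_cookies (name, host) VALUES ('constructed', ?)",
                     [(h,) for h in SAMPLE_COOKIE_HOSTS])
    return conn


def audit(conn, blocked):
    """Map every distinct cookie host in the database to its coverage class."""
    rows = conn.execute("SELECT DISTINCT host FROM moz_cookies ORDER BY host")
    return {host: coverage(host, blocked) for (host,) in rows}


if __name__ == "__main__":
    for host, status in audit(sample_db(), parse_hosts(SAMPLE_HOSTS)).items():
        print(f"{status:12} {host}")
```

To run it against a real profile, close Firefox, copy `cookies.sqlite` and pass a connection to the copy to `audit()`.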
21.10.2012, 16:38 | #27 |
| Trojan.JS.Iframe.BY found on PC

First of all, many, many thanks for the help! No, there are no further problems or detections on the PC; I would just like to get a new virus scanner again quickly. I'll try Avast. Can I do that now or should I wait? Apart from that, I'll get CookieCuller and generally read up a bit on cookies |
21.10.2012, 16:43 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.JS.Iframe.BY found on PC

Avast Free is OK.

Then we're done! The programs used here can all be removed again. With the help of OTL you can also remove many tools: please start OTL and click on "Bereinigung" (cleanup). This will remove most of the tools we needed for the cleanup. If anything remains, please remove it with right-click --> Delete.

Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update first.

Finally, please check the updates; my guide for that is below. To keep a better overview of whether your installed programs are up to date in future, you can use e.g. Secunia PSI. For even more security, you should also change as many of your passwords as possible after the infection has been removed.

Microsoft Update
Windows XP: Visit the MS update site with IE and have all important updates installed.
Windows Vista/7: Guide to Windows Update

Update the PDF reader
An outdated AdobeReader poses a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Software or Programs and Features, by clicking on "Adobe Reader x.0" there and removing the program. (if you have AdobeReader installed)
I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader.
While you're at it, please also check that the Flash Player is up to date: Check => Adobe - Flash Player, Download links => Adobe Flash Player Distribution | Adobe
Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.

Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the latest. To do so, close all programs (especially the browsers), then click on Start, Control Panel, Software and uninstall all listed Java versions from there. Then download the current Java SE Runtime Environment (JRE) from here and install it.
__________________ Please always post log files in CODE tags |
22.10.2012, 18:48 | #29 |
| Trojan.JS.Iframe.BY found on PC

Once again, many thanks for the help and all the tips. I will probably delete cookies in general, or also get myself a second browser. But I mostly log in anew anyway when I go online. My Acrobat Reader really was an older version, without my having noticed *cough* Thanks again! I will make sure that my PC is more secure in future! And above all make backup copies for emergencies! |