| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: 1und1 warnt mich vor Open Dns ResolverWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
23.01.2014, 18:57
| #1 |
 |  1und1 warnt mich vor Open Dns Resolver Hallo, 1und1 hat mir geschrieben, das ein Virus auf meinem Rechner ist: Code:
ATTFilter Unsere Referenz: [Ticket AB83323662]
Hinweis: Ihre Kundennummer und Ihr Name zeigen Ihnen, dass diese Nachricht von der 1&1 Telecom GmbH verschickt wurde.
Sehr geehrte/r Herr XXXX,
heute erhalten Sie eine dringende Nachricht zu Ihrem 1&1 DSL-Anschluss. 1&1 hat
es sich zur Aufgabe gemacht, seine Kunden vor den Gefahren des Internets zu
schützen.
Unser Expertenteam hat Hinweise erhalten, dass sich ein Virus auf einem Computer
an Ihrem DSL-Anschluss befindet.
Virusname: Open DNS Resolver
Datum und Uhrzeit des Hinweises: 2014-01-21 13:59:34
Tipp: Sollten mehrere Computer hinter Ihrem 1&1 DSL-Anschluss angeschlossen
sein, gibt Ihnen dieses Datum einen Hinweis auf den betroffenen Computer.
Und so stellen Sie die Sicherheit Ihres Anschlusses wieder her:
1. Löschen Sie den Virus:
Damit Sie den Virus gleich erkennen und ganz einfach von Ihrem Computer
entfernen können, nutzen Sie den praktischen und kostenlosen EU/DE-Cleaner.
Dieses Programm stellt Ihnen die deutsche Initiative botfrei.de zur Verfügung.
Und hier geht es zum EU/DE-Cleaner: https://www.botfrei.de/1und1/
Sollten Sie bei der Anwendung des EU/DE-Cleaners und beim Löschen des Virus
Unterstützung brauchen, hilft Ihnen das Anti-Botnet-Beratungszentrum gerne weiter.
Sie erreichen das Anti-Botnet-Beratungszentrum unter der folgenden Rufnummer:
0221 - 677 84 977
Wichtig: Geben Sie bei Ihrem Anruf bitte die folgende Voucher-Nummer an:
01 - 83323662
2. Schützen Sie Ihren Computer in Zukunft:
Haben Sie eine professionelle Anti-Viren-Software auf Ihrem Computer
installiert? Das 1&1 Sicherheitspaket Norton 360 schützt Sie umfassend vor allen
Gefahren des Internets. Weitere Informationen finden Sie hier:
hxxp://hilfe-center.1und1.de/bin/DE100-01-05-00006_KurzanleitungN360.pdf
Möchten Sie den Norton Ihrem Vertrag hinzufügen? Dann bestellen Sie einfach unter:
hxxp://kundenshop.1und1.de/xml/order/LandingPage?SID=3398758&action=fo&ac=OM.BK.BK263K18238T7073a
3. Ändern Sie Ihre Passwörter:
Da Viren allgemein Passwörter ausspionieren, ändern Sie zur Sicherheit alle Ihre
Passwörter und Zugangsdaten. Denken Sie an die Passwörter zu:
- Ihrem Online-Bankingzugang
- Ihrem 1&1 Control-Center
- Ihren 1&1 Mailboxen
- Ihrem WEB.DE, GMX-Postfach oder anderen E-Mail-Konten
- Ihrem eBay-Mitglieds-Konto
Haben Sie noch Fragen? Dann antworten Sie einfach auf diese E-Mail und belassen
Sie bitte unsere Referenz [Ticket AB83323662] in Ihrer Nachricht.
Oder rufen Sie uns einfach an. Wir sind gerne für Sie da.
Sie erreichen uns montags bis freitags von 08:30 bis 17:00 Uhr - kostenfrei aus dem Fest- und Mobilfunknetz der 1&1 Telecom GmbH - unter: 0721 96 00
Wir freuen uns, mit Ihnen gemeinsam für einen sicheren 1&1 DSL-Anschluss zu
sorgen - vielen Dank für Ihre Mitarbeit.
Mit freundlichen Grüßen
Ihr Abuse-Team
--
Abuse-Abteilung
1&1 Telecom GmbH
Elgendorfer Str. 57, 56410 Montabaur
Amtsgericht Montabaur HRB 22331 · Geschäftsführer: Ralph Dommermuth, Markus Huhn, Dirk Moritz, Martin Witt, Christian Würst · Member of United Internet
|
|
23.01.2014, 19:45
| #2 |
| /// the machine /// TB-Ausbilder    | 1und1 warnt mich vor Open Dns Resolver hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
23.01.2014, 19:54
| #3 |
| | 1und1 warnt mich vor Open Dns Resolver Hallo Schrauber,
__________________danke, dass du mir helfen willst. Hier sind die Logs: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-01-2014
Ran by klaus schmidtbauer (administrator) on HOME2215 on 23-01-2014 19:48:48
Running from C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AVM Berlin) C:\Programme\avmwlanstick\WLanNetService.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(Crawler.com) C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(FileHippo.com) C:\Programme\FileHippo.com\UpdateChecker.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\plugin-container.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SoundMan] - C:\WINDOWS\SOUNDMAN.EXE [77824 2005-03-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [FileHippo.com] - C:\Programme\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0xFF000000
MountPoints2: {9a792a28-886b-11e0-b280-0040d07fbc5f} - F:\menu.exe
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\RaConfig2500.lnk
ShortcutTarget: RaConfig2500.lnk -> C:\WINDOWS\system32\RaConfig2500.exe (No File)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Wireless N-lite USB Adapter Utility.lnk
ShortcutTarget: Wireless N-lite USB Adapter Utility.lnk -> C:\Programme\ZyXEL\NWD-270N\Common\NWD-270N.exe (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1366006702562
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{31CFEDB3-E669-4238-ADB3-4786430BFED0}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{C4D34AC3-17AE-4762-96B0-52A7020061B1}: [NameServer]8.8.8.8,8.8.4.4
FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Programme\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\sweet-page.xml
FF Extension: Qualys BrowserCheck - C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [2013-06-16]
FF Extension: LastPass - C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default\Extensions\support@lastpass.com [2013-10-28]
FF Extension: WOT - C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: Procon Latte Content Filter - C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default\Extensions\{9D6218B8-03C7-4b91-AA43-680B305DD35C}.xpi [2013-10-10]
FF Extension: Adblock Plus - C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-15]
FF Extension: BetterPrivacy - C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-01-16]
FF Extension: Greasemonkey - C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-04-30]
FF Extension: NoScript - C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-04-17]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
========================== Services (Whitelisted) =================
R2 AVM WLAN Connection Service; C:\Programme\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-01-10] (Mozilla Foundation)
S4 SandraAgentSrv; C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\RpcAgentSrv.exe [68760 2009-06-13] (SiSoftware)
S4 ST2012_Svc; C:\Programme\Spyware Terminator\st_rsser.exe [587912 2013-04-03] (Crawler.com)
S4 TeamViewer8; C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe [4153184 2013-07-08] (TeamViewer GmbH)
S4 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [2314560 2005-03-25] (Realtek Semiconductor Corp.)
S1 AmdPPM; C:\Windows\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-22] (AVM Berlin)
R3 FET5X86V; C:\Windows\System32\DRIVERS\fetnd5bv.sys [43520 2008-09-22] (VIA Technologies, Inc. )
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
S3 FETNDISB; C:\Windows\System32\DRIVERS\fetnd5b.sys [42496 2004-04-15] (VIA Technologies, Inc. )
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2010-10-22] (AVM GmbH)
S3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [926080 2010-10-22] (AVM GmbH)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2014-01-23] (Malwarebytes Corporation)
S3 NTSIM; C:\WINDOWS\system32\ntsim.sys [7040 2003-07-17] (VIA Networking Technologies, Inc. )
S3 SANDRA; C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
R1 sp_rsdrv2; C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] ()
S4 IntelIde; No ImagePath
S3 rt2870; system32\DRIVERS\rt2870.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-23 19:04 - 2014-01-23 19:48 - 00011527 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\FRST.txt
2014-01-23 19:04 - 2014-01-23 19:04 - 00000000 ____D C:\FRST
2014-01-23 19:01 - 2014-01-23 19:01 - 01222144 _____ (Farbar) C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\FRST.exe
2014-01-19 13:22 - 2014-01-19 13:22 - 00159544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-19 13:22 - 2014-01-19 13:22 - 00025440 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2014-01-16 21:38 - 2014-01-16 21:38 - 00000000 __SHD C:\FOUND.000
2014-01-16 21:17 - 2014-01-23 18:36 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-14 21:39 - 2014-01-14 21:39 - 00000190 _____ C:\drwtsn32.log
2014-01-14 21:21 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-14 21:21 - 2013-12-18 20:46 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-14 21:19 - 2014-01-14 21:19 - 00000000 ____D C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Java
2014-01-14 21:19 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-14 21:19 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-14 21:19 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-10 21:49 - 2014-01-10 21:49 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Java
2014-01-10 21:48 - 2014-01-10 21:48 - 00000000 ____D C:\Programme\Java
2014-01-10 21:46 - 2014-01-10 21:46 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\Lokale Einstellungen\Anwendungsdaten\genienext
2014-01-10 21:46 - 2014-01-10 21:46 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\Lokale Einstellungen\Anwendungsdaten\cache
2014-01-10 21:46 - 2014-01-10 21:46 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\newnext.me
2014-01-10 21:46 - 2014-01-10 21:46 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\.android
2014-01-10 21:45 - 2014-01-10 21:46 - 00000000 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\daemonprocess.txt
2014-01-10 20:43 - 2014-01-10 20:43 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2014-01-10 19:24 - 2014-01-10 19:24 - 00000000 ____D C:\Programme\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2014-01-23 19:48 - 2014-01-23 19:04 - 00011527 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\FRST.txt
2014-01-23 19:04 - 2014-01-23 19:04 - 00000000 ____D C:\FRST
2014-01-23 19:01 - 2014-01-23 19:01 - 01222144 _____ (Farbar) C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\FRST.exe
2014-01-23 18:36 - 2014-01-16 21:17 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-23 17:10 - 2011-03-08 19:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-22 19:59 - 2011-03-08 19:16 - 00000190 ___SH C:\Dokumente und Einstellungen\klaus schmidtbauer\ntuser.ini
2014-01-22 19:59 - 2011-03-08 19:11 - 00032550 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-22 19:58 - 2011-03-08 19:06 - 01209724 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-22 19:43 - 2013-08-15 19:30 - 00000190 ___SH C:\Dokumente und Einstellungen\annica\ntuser.ini
2014-01-21 20:31 - 2004-08-04 12:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-19 13:22 - 2014-01-19 13:22 - 00159544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-19 13:22 - 2014-01-19 13:22 - 00025440 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2014-01-17 22:05 - 2013-04-15 11:41 - 00065536 _____ C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-01-17 22:05 - 2013-04-15 11:41 - 00065536 _____ C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
2014-01-17 22:05 - 2011-06-15 16:54 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt
2014-01-16 21:38 - 2014-01-16 21:38 - 00000000 __SHD C:\FOUND.000
2014-01-16 20:33 - 2011-03-10 10:46 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2014-01-16 18:34 - 2011-04-11 20:06 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-14 21:39 - 2014-01-14 21:39 - 00000190 _____ C:\drwtsn32.log
2014-01-14 21:33 - 2013-04-18 21:03 - 00001448 _____ C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Defraggler.lnk
2014-01-14 21:29 - 2013-04-15 12:53 - 00001506 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Startmenü\Programme\Update Checker.lnk
2014-01-14 21:29 - 2013-04-15 12:53 - 00001500 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\Update Checker.lnk
2014-01-14 21:19 - 2014-01-14 21:19 - 00000000 ____D C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Java
2014-01-14 20:47 - 2013-05-01 17:47 - 00000558 _____ C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\CCleaner.lnk
2014-01-14 19:44 - 2013-04-15 12:59 - 00002347 _____ C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Adobe Reader XI.lnk
2014-01-10 22:01 - 2011-03-31 18:48 - 00000606 _____ C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Mozilla Firefox.lnk
2014-01-10 22:01 - 2011-03-08 20:21 - 00000600 _____ C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
2014-01-10 22:01 - 2011-03-08 19:16 - 00000665 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Startmenü\Programme\Internet Explorer.lnk
2014-01-10 21:49 - 2014-01-10 21:49 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Java
2014-01-10 21:48 - 2014-01-10 21:48 - 00000000 ____D C:\Programme\Java
2014-01-10 21:46 - 2014-01-10 21:46 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\Lokale Einstellungen\Anwendungsdaten\genienext
2014-01-10 21:46 - 2014-01-10 21:46 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\Lokale Einstellungen\Anwendungsdaten\cache
2014-01-10 21:46 - 2014-01-10 21:46 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\newnext.me
2014-01-10 21:46 - 2014-01-10 21:46 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\.android
2014-01-10 21:46 - 2014-01-10 21:45 - 00000000 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\daemonprocess.txt
2014-01-10 20:43 - 2014-01-10 20:43 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2014-01-10 20:10 - 2013-06-07 17:40 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-10 20:10 - 2013-04-15 08:16 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-01-10 20:10 - 2013-04-15 08:16 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-01-10 19:24 - 2014-01-10 19:24 - 00000000 ____D C:\Programme\Mozilla Firefox
2014-01-09 20:20 - 2013-09-27 19:25 - 00006442 _____ C:\WINDOWS\system32\PerfStringBackup.TMP
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2004-08-04 12:00] - [2008-04-14 04:22] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e
C:\Windows\System32\winlogon.exe
[2004-08-04 12:00] - [2008-04-14 04:23] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a
C:\Windows\System32\svchost.exe
[2004-08-04 12:00] - [2008-04-14 04:23] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366
C:\Windows\System32\services.exe
[2004-08-04 12:00] - [2009-02-09 12:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc
C:\Windows\System32\User32.dll
[2004-08-04 12:00] - [2008-04-14 04:22] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd
C:\Windows\System32\userinit.exe
[2004-08-04 12:00] - [2008-04-14 04:23] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106
C:\Windows\System32\rpcss.dll
[2004-08-04 12:00] - [2009-02-09 11:51] - 0401408 ____A (Microsoft Corporation) 3127afbf2c1ed0ab14a1bbb7aaecb85b
ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys
[2004-08-04 12:00] - [2008-04-14 03:52] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d
==================== End Of Log ============================
--- --- --- und Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-01-2014 Ran by klaus schmidtbauer at 2014-01-23 19:50:34 Running from C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== ==================== Installed Programs ====================== Adobe Flash Player 11 ActiveX (Version: 11.7.700.224 - Adobe Systems Incorporated) Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (Version: 11.0.06 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) (Version: 11.0.06 - Adobe Systems Incorporated) Athlon 64 Processor Driver (Version: 1.1.0.14 - ) AVM FRITZ!WLAN (Version: - AVM Berlin) CCleaner (Version: 4.09 - Piriform) Defraggler (Version: 2.16 - Piriform) FileHippo.com Update Checker (Version: - ) Free YouTube Download version 3.2.11.812 (Version: 3.2.11.812 - DVDVideoSoft Ltd.) Java 7 Update 51 (Version: 7.0.510 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden LibreOffice 4.1 Help Pack (German) (Version: 4.1.0.4 - The Document Foundation) LibreOffice 4.1.0.4 (Version: 4.1.0.4 - The Document Foundation) Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla) Mozilla Maintenance Service (Version: 26.0 - Mozilla) NVIDIA WDM Drivers (Version: - ) Platform (Version: 1.1 - VIA Technologies, Inc.) Hidden Realtek AC'97 Audio (Version: - ) Revo Uninstaller 1.95 (Version: 1.95 - VS Revo Group) Sicherheitsupdate für Windows Internet Explorer 7 (KB2817183) (Version: 1 - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Internet Explorer 7 (KB938127-v2) (Version: 2 - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Internet Explorer 7 (KB982381) (Version: 1 - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2817183) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2829530) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2838727) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2846071) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2847204) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2862772) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2870699) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2879017) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2888505) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2898785) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB923789) (Version: - Microsoft Corporation) SiSoftware Sandra Lite 2012.SP4c (Version: 18.52.2012.6 - SiSoftware) Spyware Terminator 2012 (Version: 3.0.0.82 - Crawler.com) Synaptics Pointing Device Driver (Version: 7.11.9.0 - ) TeamViewer 8 (Version: 8.0.19617 - TeamViewer) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation) Update für Windows Internet Explorer 8 (KB2598845) (Version: 1 - Microsoft Corporation) Update für Windows Internet Explorer 8 (KB2632503) (Version: 1 - Microsoft Corporation) VIA Plattform-Geräte-Manager (Version: 1.1 - VIA Technologies, Inc.) VIA Rhine-Family Fast-Ethernet Adapter (Version: - ) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden Windows Genuine Advantage Validation Tool (KB892130) (Version: - Microsoft Corporation) Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2 - Microsoft Corporation) Windows Internet Explorer 7 (Version: 20070813.185237 - Microsoft Corporation) Hidden Windows Internet Explorer 8 (Version: 20090308.140743 - Microsoft Corporation) Windows Media Format 11 runtime (Version: - ) Windows Media Player 11 (Version: - ) ==================== Restore Points ========================= 16-01-2014 19:33:13 Revo Uninstaller's restore point - Google Chrome 17-01-2014 19:40:52 Systemprüfpunkt ==================== Hosts content: ========================== 2004-08-04 12:00 - 2013-08-15 20:59 - 00567908 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 fr.a2dfp.net 127.0.0.1 m.fr.a2dfp.net 127.0.0.1 ad.a8.net 127.0.0.1 asy.a8ww.net 127.0.0.1 abcstats.com 127.0.0.1 a.abv.bg 127.0.0.1 adserver.abv.bg 127.0.0.1 adv.abv.bg 127.0.0.1 bimg.abv.bg 127.0.0.1 ca.abv.bg 127.0.0.1 www2.a-counter.kiev.ua 127.0.0.1 track.acclaimnetwork.com 127.0.0.1 accuserveadsystem.com 127.0.0.1 www.accuserveadsystem.com 127.0.0.1 achmedia.com 127.0.0.1 csh.actiondesk.com 127.0.0.1 www.activemeter.com #[Tracking.Cookie] 127.0.0.1 ads.activepower.net 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie] 127.0.0.1 cms.ad2click.nl 127.0.0.1 ad2games.com 127.0.0.1 ads.ad2games.com 127.0.0.1 content.ad20.net 127.0.0.1 core.ad20.net 127.0.0.1 banner.ad.nu 127.0.0.1 cl21.v4.adaction.se 127.0.0.1 adadvisor.net 127.0.0.1 tag1.adaptiveads.com There are 1000 more lines. ==================== Scheduled Tasks (whitelisted) ============= Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-01-10 19:25 - 2014-01-10 19:26 - 03559024 _____ () C:\Programme\Mozilla Firefox\mozjs.dll 2014-01-10 20:10 - 2014-01-10 20:10 - 16242056 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service" ==================== Faulty Device Manager Devices ============= Name: Videocontroller (VGA-kompatibel) Description: Videocontroller (VGA-kompatibel) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Netzwerkcontroller Description: Netzwerkcontroller Class Guid: {00000000-0000-0000-0000-000000000000} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI-Kommunikationscontroller (einfach) Description: PCI-Kommunikationscontroller (einfach) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/19/2014 01:22:33 PM) (Source: Windows Search Service) (User: ) Description: Die Anwendung kann nicht initialisiert werden. Kontext: Windows Anwendung Details: Der Inhaltsindex kann nicht gelesen werden. (0xc0041800) Error: (01/19/2014 01:22:33 PM) (Source: Windows Search Service) (User: ) Description: Das Gatherer-Objekt kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindex kann nicht gelesen werden. (0xc0041800) Error: (01/19/2014 01:22:33 PM) (Source: Windows Search Service) (User: ) Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Element nicht gefunden. (0x80070490) Error: (01/19/2014 01:22:30 PM) (Source: Windows Search Service) (User: ) Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindex kann nicht gelesen werden. (0xc0041800) System errors: ============= Error: (01/23/2014 06:25:24 PM) (Source: W32Time) (User: ) Description: Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit. Error: (01/23/2014 06:25:24 PM) (Source: W32Time) (User: ) Description: Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten Peer "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15 Minuten wiederholt. Fehler: Der Host war bei einem Socketvorgang nicht erreichbar. (0x80072751) Error: (01/21/2014 08:36:08 PM) (Source: Service Control Manager) (User: ) Description: Dienst "Java Quick Starter" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/19/2014 01:22:34 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: 2147749155 (0x80040D23). Error: (01/17/2014 10:04:46 PM) (Source: Server) (User: ) Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetbiosSmb vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden. Microsoft Office Sessions: ========================= Error: (01/19/2014 01:22:33 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Windows Anwendung Details: Der Inhaltsindex kann nicht gelesen werden. (0xc0041800) Error: (01/19/2014 01:22:33 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindex kann nicht gelesen werden. (0xc0041800) Error: (01/19/2014 01:22:33 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Element nicht gefunden. (0x80070490) Search.TripoliIndexer Error: (01/19/2014 01:22:30 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindex kann nicht gelesen werden. (0xc0041800) Search.JetPropStore ==================== Memory info =========================== Percentage of memory in use: 87% Total physical RAM: 447.48 MB Available physical RAM: 55.38 MB Total Pagefile: 1055.18 MB Available Pagefile: 413 MB Total Virtual: 2047.88 MB Available Virtual: 1951.91 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:46.87 GB) (Free:37.23 GB) FAT32 ==>[Drive with boot components (Windows XP)] Drive d: () (Fixed) (Total:27.63 GB) (Free:27.31 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: 7FA27FA2) Partition 1: (Active) - (Size=47 GB) - (Type=0C) Partition 2: (Not Active) - (Size=28 GB) - (Type=OF Extended) ==================== End Of Log ============================ |
|
24.01.2014, 10:47
| #4 |
| /// the machine /// TB-Ausbilder | 1und1 warnt mich vor Open Dns Resolver Ist das der einzige Rechner im Netzwerk? Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.01.2014, 18:36
| #5 |
| | 1und1 warnt mich vor Open Dns Resolver Hallo Schrauber, tut mir leid, dass ich mich erst jetzt melde. 1. Nein es gibt noch andere Rechner. 2. Das Combofix kann ich erst heute abend machen, ich bin jetzt bei der Arbeit und habe keinen Zugriff auf meine Rechner zu hause. Gruß Stephan Ergänzung: Folgende Geräte mit Internetzugang über den Router gibt es noch. 1. Android Handy 2. Apple Handy 3. PC 4. Noch ein Laptop (Der war aber schon 3 Monate nicht mehr online) Gruß Stephan Hallo Schrauber, ich habe Combofix nach einer Stunde Scan abgebrochen. Gruß Stephan |
|
28.01.2014, 15:06
| #6 |
| /// the machine /// TB-Ausbilder | 1und1 warnt mich vor Open Dns Resolver Antivirenprogramm war ausgeschaltet? Combofix bitte löschen und neu laden, nochmal versuchen und bitte laufen lassen.
__________________ --> 1und1 warnt mich vor Open Dns Resolver |
|
28.01.2014, 19:21
| #7 |
| | 1und1 warnt mich vor Open Dns Resolver Ja, Virenprogramme sind abgeschaltet.Combofix hängt noch immer. Gruß Stephan |
|
29.01.2014, 12:02
| #8 |
| /// the machine /// TB-Ausbilder | 1und1 warnt mich vor Open Dns Resolver hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
29.01.2014, 17:42
| #9 |
| | 1und1 warnt mich vor Open Dns Resolver Hallo, hier gas LOG: Code:
ATTFilter 17:36:14.0453 0x021c TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
17:36:24.0312 0x021c ============================================================
17:36:24.0312 0x021c Current date / time: 2014/01/29 17:36:24.0312
17:36:24.0312 0x021c SystemInfo:
17:36:24.0312 0x021c
17:36:24.0312 0x021c OS Version: 5.1.2600 ServicePack: 3.0
17:36:24.0312 0x021c Product type: Workstation
17:36:24.0312 0x021c ComputerName: HOME2215
17:36:24.0343 0x021c UserName: klaus schmidtbauer
17:36:24.0343 0x021c Windows directory: C:\WINDOWS
17:36:24.0343 0x021c System windows directory: C:\WINDOWS
17:36:24.0343 0x021c Processor architecture: Intel x86
17:36:24.0343 0x021c Number of processors: 1
17:36:24.0343 0x021c Page size: 0x1000
17:36:24.0343 0x021c Boot type: Normal boot
17:36:24.0343 0x021c ============================================================
17:36:28.0046 0x021c KLMD registered as C:\WINDOWS\system32\drivers\22452422.sys
17:36:28.0156 0x021c System UUID: {61A9B648-D1DE-EFE8-C74D-7FE7E35649B0}
17:36:29.0093 0x021c Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:36:29.0093 0x021c ============================================================
17:36:29.0093 0x021c \Device\Harddisk0\DR0:
17:36:29.0093 0x021c MBR partitions:
17:36:29.0093 0x021c \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x5DC35A9
17:36:29.0125 0x021c \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x5DC3627, BlocksNum 0x374AE9A
17:36:29.0125 0x021c ============================================================
17:36:29.0125 0x021c C: <-> \Device\Harddisk0\DR0\Partition1
17:36:29.0125 0x021c D: <-> \Device\Harddisk0\DR0\Partition2
17:36:29.0156 0x021c ============================================================
17:36:29.0156 0x021c Initialize success
17:36:29.0156 0x021c ============================================================
17:36:45.0109 0x08f0 ============================================================
17:36:45.0109 0x08f0 Scan started
17:36:45.0109 0x08f0 Mode: Manual; SigCheck; TDLFS;
17:36:45.0109 0x08f0 ============================================================
17:36:45.0109 0x08f0 KSN ping started
17:36:49.0359 0x08f0 KSN ping finished: true
17:36:51.0468 0x08f0 ================ Scan system memory ========================
17:36:51.0484 0x08f0 System memory - ok
17:36:51.0515 0x08f0 ================ Scan services =============================
17:36:51.0812 0x08f0 Abiosdsk - ok
17:36:51.0875 0x08f0 abp480n5 - ok
17:36:52.0000 0x08f0 [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:36:54.0718 0x08f0 ACPI - ok
17:36:54.0781 0x08f0 [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
17:36:54.0984 0x08f0 ACPIEC - ok
17:36:55.0218 0x08f0 [ 8D268693A6DCE3D7319DF14834841BAF, 229C95FE2E6A692EBC2842823A1C7D438F8DF18F44691BD7AFE79DB76F092F9D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:36:55.0296 0x08f0 AdobeFlashPlayerUpdateSvc - ok
17:36:55.0328 0x08f0 adpu160m - ok
17:36:55.0437 0x08f0 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
17:36:55.0640 0x08f0 aec - ok
17:36:55.0703 0x08f0 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
17:36:55.0843 0x08f0 AFD - ok
17:36:55.0906 0x08f0 Aha154x - ok
17:36:55.0968 0x08f0 aic78u2 - ok
17:36:56.0062 0x08f0 aic78xx - ok
17:36:56.0343 0x08f0 [ BEA942FF21154FEE4F71DDD477621C70, 27BA7A74DBEFE082437302248A51C7A0F61CBCC7B540A373C3AAE0BD822A8230 ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
17:36:56.0843 0x08f0 ALCXWDM - ok
17:36:57.0000 0x08f0 [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter C:\WINDOWS\system32\alrsvc.dll
17:36:57.0156 0x08f0 Alerter - ok
17:36:57.0250 0x08f0 [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG C:\WINDOWS\System32\alg.exe
17:36:57.0437 0x08f0 ALG - ok
17:36:57.0500 0x08f0 AliIde - ok
17:36:57.0578 0x08f0 [ B9DBAAE3219661F4D0C5E8DC0C2F987D, 4003F98FE14DF6BBC05248E1EB0465A3F9966A0BB536A4D706B022996314D40A ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
17:36:57.0656 0x08f0 AmdK8 - ok
17:36:57.0750 0x08f0 [ 033448D435E65C4BD72E70521FD05C76, A5462C22D5461F1BA06E81CD7E1ECE5409092DE53A8E4D3E78D089B65CB474D4 ] AmdPPM C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
17:36:57.0812 0x08f0 AmdPPM - ok
17:36:57.0843 0x08f0 amsint - ok
17:36:57.0968 0x08f0 AppMgmt - ok
17:36:58.0031 0x08f0 asc - ok
17:36:58.0093 0x08f0 asc3350p - ok
17:36:58.0187 0x08f0 asc3550 - ok
17:36:58.0390 0x08f0 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:36:58.0421 0x08f0 aspnet_state - ok
17:36:58.0484 0x08f0 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:36:58.0609 0x08f0 AsyncMac - ok
17:36:58.0671 0x08f0 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
17:36:58.0828 0x08f0 atapi - ok
17:36:58.0875 0x08f0 Atdisk - ok
17:36:58.0953 0x08f0 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:36:59.0125 0x08f0 Atmarpc - ok
17:36:59.0265 0x08f0 [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
17:36:59.0421 0x08f0 AudioSrv - ok
17:36:59.0468 0x08f0 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
17:36:59.0671 0x08f0 audstub - ok
17:36:59.0859 0x08f0 [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Programme\avmwlanstick\WlanNetService.exe
17:36:59.0953 0x08f0 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
17:37:00.0125 0x08f0 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
17:37:03.0171 0x08f0 [ 263CF9D248FD5E020A1333ED4F7EAA88, 04F944C2B284172A7917389A83C525FA9A3ACB026F370EB886B48759FE81A5E1 ] avmeject C:\WINDOWS\system32\drivers\avmeject.sys
17:37:03.0203 0x08f0 avmeject - detected UnsignedFile.Multi.Generic ( 1 )
17:37:03.0203 0x08f0 avmeject ( UnsignedFile.Multi.Generic ) - warning
17:37:06.0031 0x08f0 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:37:06.0234 0x08f0 Beep - ok
17:37:06.0343 0x08f0 [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS C:\WINDOWS\system32\qmgr.dll
17:37:06.0562 0x08f0 BITS - ok
17:37:06.0656 0x08f0 [ B71549F23736ADF83A571061C47777FD, A1D0320736EE777030A543DCA086367EB5A5B6F95088B9C22D8E09326C3A39A9 ] Browser C:\WINDOWS\System32\browser.dll
17:37:06.0750 0x08f0 Browser - ok
17:37:06.0812 0x08f0 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
17:37:07.0031 0x08f0 cbidf2k - ok
17:37:07.0078 0x08f0 cd20xrnt - ok
17:37:07.0156 0x08f0 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
17:37:07.0375 0x08f0 Cdaudio - ok
17:37:07.0421 0x08f0 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
17:37:07.0609 0x08f0 Cdfs - ok
17:37:07.0656 0x08f0 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:37:07.0843 0x08f0 Cdrom - ok
17:37:07.0875 0x08f0 Changer - ok
17:37:07.0968 0x08f0 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc C:\WINDOWS\system32\cisvc.exe
17:37:08.0156 0x08f0 CiSvc - ok
17:37:08.0250 0x08f0 [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
17:37:08.0421 0x08f0 ClipSrv - ok
17:37:08.0515 0x08f0 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:37:08.0562 0x08f0 clr_optimization_v2.0.50727_32 - ok
17:37:08.0656 0x08f0 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:37:08.0671 0x08f0 clr_optimization_v4.0.30319_32 - ok
17:37:08.0718 0x08f0 [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
17:37:08.0859 0x08f0 CmBatt - ok
17:37:08.0906 0x08f0 CmdIde - ok
17:37:08.0968 0x08f0 [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
17:37:09.0171 0x08f0 Compbatt - ok
17:37:09.0234 0x08f0 COMSysApp - ok
17:37:09.0359 0x08f0 Cpqarray - ok
17:37:09.0500 0x08f0 [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
17:37:09.0640 0x08f0 CryptSvc - ok
17:37:09.0687 0x08f0 dac2w2k - ok
17:37:09.0718 0x08f0 dac960nt - ok
17:37:09.0843 0x08f0 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:37:09.0953 0x08f0 DcomLaunch - ok
17:37:10.0031 0x08f0 [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
17:37:10.0203 0x08f0 Dhcp - ok
17:37:10.0250 0x08f0 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
17:37:10.0421 0x08f0 Disk - ok
17:37:10.0546 0x08f0 dmadmin - ok
17:37:10.0718 0x08f0 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
17:37:10.0968 0x08f0 dmboot - ok
17:37:11.0031 0x08f0 [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
17:37:11.0203 0x08f0 dmio - ok
17:37:11.0265 0x08f0 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
17:37:11.0468 0x08f0 dmload - ok
17:37:11.0546 0x08f0 [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver C:\WINDOWS\System32\dmserver.dll
17:37:11.0703 0x08f0 dmserver - ok
17:37:11.0796 0x08f0 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
17:37:11.0984 0x08f0 DMusic - ok
17:37:12.0046 0x08f0 [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:37:12.0109 0x08f0 Dnscache - ok
17:37:12.0281 0x08f0 [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
17:37:12.0437 0x08f0 Dot3svc - ok
17:37:12.0468 0x08f0 dpti2o - ok
17:37:12.0562 0x08f0 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:37:12.0718 0x08f0 drmkaud - ok
17:37:12.0812 0x08f0 [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost C:\WINDOWS\System32\eapsvc.dll
17:37:12.0968 0x08f0 EapHost - ok
17:37:13.0046 0x08f0 [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc C:\WINDOWS\System32\ersvc.dll
17:37:13.0234 0x08f0 ERSvc - ok
17:37:13.0343 0x08f0 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog C:\WINDOWS\system32\services.exe
17:37:13.0406 0x08f0 Eventlog - ok
17:37:13.0562 0x08f0 [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem C:\WINDOWS\system32\es.dll
17:37:13.0625 0x08f0 EventSystem - ok
17:37:13.0687 0x08f0 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
17:37:13.0828 0x08f0 Fastfat - ok
17:37:13.0906 0x08f0 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:37:14.0015 0x08f0 FastUserSwitchingCompatibility - ok
17:37:14.0078 0x08f0 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
17:37:14.0187 0x08f0 Fdc - ok
17:37:14.0234 0x08f0 [ E7072827D0B5F9BD99D6961571A38973, 6B34FC5A57FB25EE52DBB3D5A1FCD664EF4906418315A69DEFAA99DB3971F78A ] FET5X86V C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
17:37:14.0328 0x08f0 FET5X86V - ok
17:37:14.0421 0x08f0 [ E9648254056BCE81A85380C0C3647DC4, AE58F498BD1C33360FE3BB9EA22C13EA562206B68E7946B587CB5A6DF94586A1 ] FETNDIS C:\WINDOWS\system32\DRIVERS\fetnd5.sys
17:37:14.0640 0x08f0 FETNDIS - ok
17:37:14.0703 0x08f0 [ A583BC166495B07F704533754CE29CBD, 13D7ADD409AA44F0C171943AC075CB2162E0A0D429A1649C02EAA2F083F7FAF8 ] FETNDISB C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
17:37:14.0796 0x08f0 FETNDISB - ok
17:37:14.0859 0x08f0 [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips C:\WINDOWS\system32\drivers\Fips.sys
17:37:15.0000 0x08f0 Fips - ok
17:37:15.0031 0x08f0 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
17:37:15.0203 0x08f0 Flpydisk - ok
17:37:15.0312 0x08f0 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
17:37:15.0437 0x08f0 FltMgr - ok
17:37:15.0609 0x08f0 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:37:15.0625 0x08f0 FontCache3.0.0.0 - ok
17:37:15.0671 0x08f0 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:37:15.0890 0x08f0 Fs_Rec - ok
17:37:15.0937 0x08f0 [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:37:16.0156 0x08f0 Ftdisk - ok
17:37:16.0234 0x08f0 [ FF12FA487265DA2AC7DE4BE53F72FF1A, 9B9F29CC36D0C7681676F708270038D38CEA21AD82F4937DBDAE45F0D667786E ] FWLANUSB C:\WINDOWS\system32\DRIVERS\fwlanusb.sys
17:37:16.0296 0x08f0 FWLANUSB - ok
17:37:16.0453 0x08f0 [ 7AD4C281CB1661086B05E087230D4B76, 13DE6654EBAE4CB980E6ED8C4FB66BE413A9429662E300D2DC2A42ED85C051A2 ] fwlanusb4 C:\WINDOWS\system32\DRIVERS\fwlanusb4.sys
17:37:16.0640 0x08f0 fwlanusb4 - ok
17:37:16.0671 0x08f0 [ 3A74C423CF6BCCA6982715878F450A3B, A98D6D377B48D05BE3927F6E93D0DE7741E115C43125C0E0DE6EEFE023DE73BC ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
17:37:16.0828 0x08f0 gagp30kx - ok
17:37:16.0937 0x08f0 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:37:17.0093 0x08f0 Gpc - ok
17:37:17.0171 0x08f0 [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:37:17.0312 0x08f0 helpsvc - ok
17:37:17.0421 0x08f0 HidServ - ok
17:37:17.0593 0x08f0 [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
17:37:17.0734 0x08f0 hkmsvc - ok
17:37:17.0812 0x08f0 hpn - ok
17:37:17.0906 0x08f0 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
17:37:18.0031 0x08f0 HTTP - ok
17:37:18.0125 0x08f0 [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
17:37:18.0281 0x08f0 HTTPFilter - ok
17:37:18.0359 0x08f0 i2omgmt - ok
17:37:18.0421 0x08f0 i2omp - ok
17:37:18.0500 0x08f0 [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:37:18.0640 0x08f0 i8042prt - ok
17:37:18.0937 0x08f0 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:37:19.0062 0x08f0 idsvc - ok
17:37:19.0125 0x08f0 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
17:37:19.0250 0x08f0 Imapi - ok
17:37:19.0343 0x08f0 [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService C:\WINDOWS\system32\imapi.exe
17:37:19.0515 0x08f0 ImapiService - ok
17:37:19.0578 0x08f0 ini910u - ok
17:37:19.0671 0x08f0 IntelIde - ok
17:37:19.0765 0x08f0 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
17:37:19.0921 0x08f0 Ip6Fw - ok
17:37:20.0000 0x08f0 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:37:20.0203 0x08f0 IpFilterDriver - ok
17:37:20.0296 0x08f0 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:37:20.0453 0x08f0 IpInIp - ok
17:37:20.0531 0x08f0 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:37:20.0718 0x08f0 IpNat - ok
17:37:20.0781 0x08f0 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:37:20.0906 0x08f0 IPSec - ok
17:37:20.0953 0x08f0 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
17:37:21.0125 0x08f0 IRENUM - ok
17:37:21.0218 0x08f0 [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:37:21.0375 0x08f0 isapnp - ok
17:37:21.0609 0x08f0 [ B9436A665A8621073A12338B16D7BFD4, 1F1CB4758768BF7B7DDB27BF9DA944D869B561ABF7EC39CEC059044E10C1EA88 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
17:37:21.0656 0x08f0 JavaQuickStarterService - ok
17:37:21.0687 0x08f0 [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:37:21.0890 0x08f0 Kbdclass - ok
17:37:22.0000 0x08f0 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
17:37:22.0171 0x08f0 kmixer - ok
17:37:22.0234 0x08f0 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
17:37:22.0296 0x08f0 KSecDD - ok
17:37:22.0375 0x08f0 [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
17:37:22.0453 0x08f0 lanmanserver - ok
17:37:22.0593 0x08f0 [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:37:22.0687 0x08f0 lanmanworkstation - ok
17:37:22.0750 0x08f0 lbrtfdc - ok
17:37:22.0890 0x08f0 [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
17:37:23.0062 0x08f0 LmHosts - ok
17:37:23.0171 0x08f0 [ 0DB7527DB188C7D967A37BB51BBF3963, 3812E26626EC49BE61B0B8DA5FE6E838C0FEF8A08363C239F64E6CCA0BA949D5 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\mbamswissarmy.sys
17:37:24.0718 0x08f0 MBAMSwissArmy - ok
17:37:24.0812 0x08f0 [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger C:\WINDOWS\System32\msgsvc.dll
17:37:25.0000 0x08f0 Messenger - ok
17:37:25.0062 0x08f0 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
17:37:25.0265 0x08f0 mnmdd - ok
17:37:25.0390 0x08f0 [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
17:37:25.0546 0x08f0 mnmsrvc - ok
17:37:25.0625 0x08f0 [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
17:37:25.0781 0x08f0 Modem - ok
17:37:25.0843 0x08f0 [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:37:25.0984 0x08f0 Mouclass - ok
17:37:26.0046 0x08f0 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
17:37:26.0203 0x08f0 MountMgr - ok
17:37:26.0312 0x08f0 [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
17:37:26.0375 0x08f0 MozillaMaintenance - ok
17:37:26.0406 0x08f0 mraid35x - ok
17:37:26.0484 0x08f0 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:37:26.0671 0x08f0 MRxDAV - ok
17:37:26.0781 0x08f0 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:37:26.0906 0x08f0 MRxSmb - ok
17:37:27.0000 0x08f0 [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC C:\WINDOWS\system32\msdtc.exe
17:37:27.0156 0x08f0 MSDTC - ok
17:37:27.0234 0x08f0 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:37:27.0421 0x08f0 Msfs - ok
17:37:27.0515 0x08f0 MSIServer - ok
17:37:27.0625 0x08f0 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:37:27.0765 0x08f0 MSKSSRV - ok
17:37:27.0796 0x08f0 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:37:27.0937 0x08f0 MSPCLOCK - ok
17:37:27.0968 0x08f0 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:37:28.0109 0x08f0 MSPQM - ok
17:37:28.0218 0x08f0 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:37:28.0343 0x08f0 mssmbios - ok
17:37:28.0437 0x08f0 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
17:37:28.0515 0x08f0 Mup - ok
17:37:28.0640 0x08f0 [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent C:\WINDOWS\System32\qagentrt.dll
17:37:28.0796 0x08f0 napagent - ok
17:37:28.0890 0x08f0 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
17:37:29.0062 0x08f0 NDIS - ok
17:37:29.0109 0x08f0 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:37:29.0156 0x08f0 NdisTapi - ok
17:37:29.0218 0x08f0 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:37:29.0375 0x08f0 Ndisuio - ok
17:37:29.0421 0x08f0 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:37:29.0562 0x08f0 NdisWan - ok
17:37:29.0593 0x08f0 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:37:29.0671 0x08f0 NDProxy - ok
17:37:29.0734 0x08f0 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:37:29.0890 0x08f0 NetBIOS - ok
17:37:29.0953 0x08f0 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
17:37:30.0140 0x08f0 NetBT - ok
17:37:30.0218 0x08f0 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE C:\WINDOWS\system32\netdde.exe
17:37:30.0640 0x08f0 NetDDE - ok
17:37:30.0671 0x08f0 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
17:37:30.0812 0x08f0 NetDDEdsdm - ok
17:37:30.0921 0x08f0 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon C:\WINDOWS\system32\lsass.exe
17:37:31.0062 0x08f0 Netlogon - ok
17:37:31.0187 0x08f0 [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman C:\WINDOWS\System32\netman.dll
17:37:31.0343 0x08f0 Netman - ok
17:37:31.0468 0x08f0 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:37:31.0500 0x08f0 NetTcpPortSharing - ok
17:37:31.0578 0x08f0 [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla C:\WINDOWS\System32\mswsock.dll
17:37:31.0640 0x08f0 Nla - ok
17:37:31.0671 0x08f0 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:37:31.0796 0x08f0 Npfs - ok
17:37:31.0906 0x08f0 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:37:32.0125 0x08f0 Ntfs - ok
17:37:32.0187 0x08f0 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
17:37:32.0343 0x08f0 NtLmSsp - ok
17:37:32.0546 0x08f0 [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
17:37:32.0734 0x08f0 NtmsSvc - ok
17:37:32.0796 0x08f0 [ A568B9A9FFE2D9387222A5C90F86D731, 18F03B780D67AD803439D132E4C9306D15496CA6E755AD4B8011EF9EB0C73706 ] NTSIM C:\WINDOWS\system32\ntsim.sys
17:37:32.0843 0x08f0 NTSIM - detected UnsignedFile.Multi.Generic ( 1 )
17:37:32.0843 0x08f0 NTSIM ( UnsignedFile.Multi.Generic ) - warning
17:37:32.0843 0x08f0 Force sending object to P2P due to detect: C:\WINDOWS\system32\ntsim.sys
17:37:35.0750 0x08f0 Object send P2P result: true
17:37:38.0546 0x08f0 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
17:37:38.0750 0x08f0 Null - ok
17:37:38.0843 0x08f0 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:37:39.0062 0x08f0 NwlnkFlt - ok
17:37:39.0093 0x08f0 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:37:39.0328 0x08f0 NwlnkFwd - ok
17:37:39.0390 0x08f0 [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport C:\WINDOWS\system32\drivers\Parport.sys
17:37:39.0546 0x08f0 Parport - ok
17:37:39.0578 0x08f0 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
17:37:39.0750 0x08f0 PartMgr - ok
17:37:39.0812 0x08f0 [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
17:37:40.0015 0x08f0 ParVdm - ok
17:37:40.0062 0x08f0 [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
17:37:40.0203 0x08f0 PCI - ok
17:37:40.0250 0x08f0 PCIDump - ok
17:37:40.0312 0x08f0 PCIIde - ok
17:37:40.0406 0x08f0 [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
17:37:40.0546 0x08f0 Pcmcia - ok
17:37:40.0593 0x08f0 PDCOMP - ok
17:37:40.0656 0x08f0 PDFRAME - ok
17:37:40.0718 0x08f0 PDRELI - ok
17:37:40.0781 0x08f0 PDRFRAME - ok
17:37:40.0828 0x08f0 perc2 - ok
17:37:40.0890 0x08f0 perc2hib - ok
17:37:41.0125 0x08f0 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay C:\WINDOWS\system32\services.exe
17:37:41.0171 0x08f0 PlugPlay - ok
17:37:41.0218 0x08f0 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
17:37:41.0390 0x08f0 PolicyAgent - ok
17:37:41.0453 0x08f0 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:37:41.0578 0x08f0 PptpMiniport - ok
17:37:41.0609 0x08f0 [ 2CB55427C58679F49AD600FCCBA76360, 2B5242E9637FCB6A7C16F720C9D8D440AA88B61FB5F108B295A208886C01C4D1 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
17:37:41.0765 0x08f0 Processor - ok
17:37:41.0812 0x08f0 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:37:41.0984 0x08f0 ProtectedStorage - ok
17:37:42.0015 0x08f0 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
17:37:42.0218 0x08f0 PSched - ok
17:37:42.0265 0x08f0 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:37:42.0468 0x08f0 Ptilink - ok
17:37:42.0500 0x08f0 ql1080 - ok
17:37:42.0578 0x08f0 Ql10wnt - ok
17:37:42.0640 0x08f0 ql12160 - ok
17:37:42.0703 0x08f0 ql1240 - ok
17:37:42.0750 0x08f0 ql1280 - ok
17:37:42.0828 0x08f0 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:37:43.0031 0x08f0 RasAcd - ok
17:37:43.0140 0x08f0 [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:37:43.0281 0x08f0 RasAuto - ok
17:37:43.0343 0x08f0 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:37:43.0515 0x08f0 Rasl2tp - ok
17:37:43.0609 0x08f0 [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:37:43.0765 0x08f0 RasMan - ok
17:37:43.0812 0x08f0 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:37:43.0984 0x08f0 RasPppoe - ok
17:37:44.0046 0x08f0 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
17:37:44.0203 0x08f0 Raspti - ok
17:37:44.0312 0x08f0 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:37:44.0453 0x08f0 Rdbss - ok
17:37:44.0515 0x08f0 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:37:44.0671 0x08f0 RDPCDD - ok
17:37:44.0843 0x08f0 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
17:37:44.0906 0x08f0 RDPWD - ok
17:37:45.0046 0x08f0 [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
17:37:45.0203 0x08f0 RDSessMgr - ok
17:37:45.0296 0x08f0 [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
17:37:45.0437 0x08f0 redbook - ok
17:37:45.0640 0x08f0 [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:37:45.0781 0x08f0 RemoteAccess - ok
17:37:45.0828 0x08f0 [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator C:\WINDOWS\system32\locator.exe
17:37:45.0968 0x08f0 RpcLocator - ok
17:37:46.0093 0x08f0 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs C:\WINDOWS\system32\rpcss.dll
17:37:46.0125 0x08f0 RpcSs - ok
17:37:46.0218 0x08f0 [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP C:\WINDOWS\system32\rsvp.exe
17:37:46.0421 0x08f0 RSVP - ok
17:37:46.0484 0x08f0 rt2870 - ok
17:37:46.0562 0x08f0 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs C:\WINDOWS\system32\lsass.exe
17:37:46.0703 0x08f0 SamSs - ok
17:37:46.0843 0x08f0 [ 230FD3749904CA045EA5EC0AA14006E9, D7C79238F862B471740AFF4CC3982658D1339795E9EC884A8921EFE2E547D7C3 ] SANDRA C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\WNt500x86\Sandra.sys
17:37:46.0859 0x08f0 SANDRA - ok
17:37:46.0906 0x08f0 [ 6858620E6EF1DF704366ACD45A317AD2, 365DAFB461E8DB65BE5DA5C5C77C52373F2515C06FE9510F84677F67F1B228FF ] SandraAgentSrv C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\RpcAgentSrv.exe
17:37:46.0953 0x08f0 SandraAgentSrv - detected UnsignedFile.Multi.Generic ( 1 )
17:37:46.0953 0x08f0 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning
17:37:49.0859 0x08f0 [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
17:37:50.0031 0x08f0 SCardSvr - ok
17:37:50.0140 0x08f0 [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:37:50.0296 0x08f0 Schedule - ok
17:37:50.0375 0x08f0 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:37:50.0500 0x08f0 Secdrv - ok
17:37:50.0609 0x08f0 [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon C:\WINDOWS\System32\seclogon.dll
17:37:50.0765 0x08f0 seclogon - ok
17:37:51.0171 0x08f0 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS C:\WINDOWS\system32\sens.dll
17:37:51.0312 0x08f0 SENS - ok
17:37:51.0406 0x08f0 [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
17:37:51.0640 0x08f0 Serial - ok
17:37:51.0828 0x08f0 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
17:37:51.0984 0x08f0 Sfloppy - ok
17:37:52.0093 0x08f0 [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:37:52.0312 0x08f0 SharedAccess - ok
17:37:52.0390 0x08f0 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:37:52.0406 0x08f0 ShellHWDetection - ok
17:37:52.0484 0x08f0 Simbad - ok
17:37:52.0593 0x08f0 Sparrow - ok
17:37:52.0687 0x08f0 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
17:37:52.0859 0x08f0 splitter - ok
17:37:52.0906 0x08f0 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
17:37:52.0984 0x08f0 Spooler - ok
17:37:53.0031 0x08f0 [ 7B426B8E809EDF081D771EF429345528, 7ED3E35368CAFD8EB884FBD8B0BF1E2207E5F78374AE69993368E64432D7531B ] sp_rsdrv2 C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
17:37:53.0046 0x08f0 sp_rsdrv2 - detected UnsignedFile.Multi.Generic ( 1 )
17:37:53.0046 0x08f0 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - warning
17:37:56.0062 0x08f0 [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
17:37:56.0218 0x08f0 sr - ok
17:37:56.0312 0x08f0 [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice C:\WINDOWS\system32\srsvc.dll
17:37:56.0468 0x08f0 srservice - ok
17:37:56.0593 0x08f0 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:37:56.0718 0x08f0 Srv - ok
17:37:56.0828 0x08f0 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:37:56.0968 0x08f0 SSDPSRV - ok
17:37:57.0156 0x08f0 [ 9CB7C63FD9D5AE484E318F9296279C52, 5148AAF056B962AAC4B72DA0A51DC70429EE23CE618FFDAD501501791348E785 ] ST2012_Svc C:\Programme\Spyware Terminator\st_rsser.exe
17:37:57.0234 0x08f0 ST2012_Svc - ok
17:37:57.0406 0x08f0 [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc C:\WINDOWS\system32\wiaservc.dll
17:37:57.0546 0x08f0 stisvc - ok
17:37:57.0609 0x08f0 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
17:37:57.0734 0x08f0 swenum - ok
17:37:57.0843 0x08f0 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
17:37:57.0984 0x08f0 swmidi - ok
17:37:58.0078 0x08f0 SwPrv - ok
17:37:58.0140 0x08f0 symc810 - ok
17:37:58.0187 0x08f0 symc8xx - ok
17:37:58.0250 0x08f0 sym_hi - ok
17:37:58.0312 0x08f0 sym_u3 - ok
17:37:58.0421 0x08f0 [ DD43DEF41A17E8167362D6493D11AE80, 8F2750BAAD55E7D1A0D6481AA10054082DA1470D634DF58178092BD7476618C4 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
17:37:58.0515 0x08f0 SynTP - ok
17:37:58.0609 0x08f0 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
17:37:58.0750 0x08f0 sysaudio - ok
17:37:58.0843 0x08f0 [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
17:37:58.0968 0x08f0 SysmonLog - ok
17:37:59.0062 0x08f0 [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:37:59.0218 0x08f0 TapiSrv - ok
17:37:59.0312 0x08f0 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:37:59.0406 0x08f0 Tcpip - ok
17:37:59.0453 0x08f0 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
17:37:59.0609 0x08f0 TDPIPE - ok
17:37:59.0656 0x08f0 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
17:37:59.0781 0x08f0 TDTCP - ok
17:38:00.0296 0x08f0 [ 402794A75A899E296AB3EDEC4ECCB9A8, BB25534D51C3B599072AE06578E788B54B0164DD94358958865927B98F63E016 ] TeamViewer8 C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe
17:38:00.0906 0x08f0 TeamViewer8 - ok
17:38:01.0015 0x08f0 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
17:38:01.0156 0x08f0 TermDD - ok
17:38:01.0281 0x08f0 [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService C:\WINDOWS\System32\termsrv.dll
17:38:01.0484 0x08f0 TermService - ok
17:38:01.0562 0x08f0 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes C:\WINDOWS\System32\shsvcs.dll
17:38:01.0578 0x08f0 Themes - ok
17:38:01.0656 0x08f0 TosIde - ok
17:38:01.0765 0x08f0 [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks C:\WINDOWS\system32\trkwks.dll
17:38:01.0906 0x08f0 TrkWks - ok
17:38:02.0062 0x08f0 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
17:38:02.0187 0x08f0 Udfs - ok
17:38:02.0312 0x08f0 ultra - ok
17:38:02.0437 0x08f0 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
17:38:02.0640 0x08f0 Update - ok
17:38:02.0750 0x08f0 [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINDOWS\System32\upnphost.dll
17:38:02.0937 0x08f0 upnphost - ok
17:38:03.0046 0x08f0 [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINDOWS\System32\ups.exe
17:38:03.0203 0x08f0 UPS - ok
17:38:03.0250 0x08f0 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:38:03.0359 0x08f0 usbehci - ok
17:38:03.0390 0x08f0 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:38:03.0531 0x08f0 usbhub - ok
17:38:03.0656 0x08f0 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:38:03.0781 0x08f0 USBSTOR - ok
17:38:03.0828 0x08f0 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:38:03.0968 0x08f0 usbuhci - ok
17:38:04.0046 0x08f0 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
17:38:04.0171 0x08f0 VgaSave - ok
17:38:04.0281 0x08f0 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
17:38:04.0406 0x08f0 ViaIde - ok
17:38:04.0453 0x08f0 [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
17:38:04.0625 0x08f0 VolSnap - ok
17:38:04.0765 0x08f0 [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS C:\WINDOWS\System32\vssvc.exe
17:38:04.0906 0x08f0 VSS - ok
17:38:05.0015 0x08f0 [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINDOWS\system32\w32time.dll
17:38:05.0156 0x08f0 W32Time - ok
17:38:05.0250 0x08f0 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:38:05.0421 0x08f0 Wanarp - ok
17:38:05.0484 0x08f0 WDICA - ok
17:38:05.0593 0x08f0 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
17:38:05.0734 0x08f0 wdmaud - ok
17:38:05.0875 0x08f0 [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll
17:38:05.0984 0x08f0 WebClient - ok
17:38:06.0078 0x08f0 [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
17:38:06.0218 0x08f0 winmgmt - ok
17:38:06.0406 0x08f0 [ F10075C2EC96D2EB118012E78ECE2FC2, EE29CAE50098517654E8A79152F8A37B15A03F55524CE82DDAACBC74E1FAB2F8 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
17:38:06.0609 0x08f0 WinRM - ok
17:38:06.0796 0x08f0 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
17:38:06.0875 0x08f0 WmdmPmSN - ok
17:38:07.0015 0x08f0 [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:38:07.0171 0x08f0 WmiApSrv - ok
17:38:07.0343 0x08f0 [ BF05650BB7DF5E9EBDD25974E22403BB, AF173D89B768CFC7AB03DFADD4F049CAC40AC59A0C9208AF5AB92CB368983077 ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
17:38:07.0515 0x08f0 WMPNetworkSvc - ok
17:38:07.0718 0x08f0 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:38:07.0812 0x08f0 WPFFontCache_v0400 - ok
17:38:07.0890 0x08f0 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:38:08.0078 0x08f0 WS2IFSL - ok
17:38:08.0250 0x08f0 [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
17:38:08.0390 0x08f0 wscsvc - ok
17:38:08.0531 0x08f0 WSearch - ok
17:38:08.0656 0x08f0 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINDOWS\system32\wuauserv.dll
17:38:08.0812 0x08f0 wuauserv - ok
17:38:08.0890 0x08f0 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:38:08.0953 0x08f0 WudfPf - ok
17:38:09.0015 0x08f0 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
17:38:09.0109 0x08f0 WudfSvc - ok
17:38:09.0234 0x08f0 [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
17:38:09.0453 0x08f0 WZCSVC - ok
17:38:09.0546 0x08f0 [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINDOWS\System32\xmlprov.dll
17:38:09.0718 0x08f0 xmlprov - ok
17:38:09.0796 0x08f0 ================ Scan global ===============================
17:38:09.0953 0x08f0 [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
17:38:10.0078 0x08f0 [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
17:38:10.0203 0x08f0 [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
17:38:10.0296 0x08f0 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
17:38:10.0296 0x08f0 [ Global ] - ok
17:38:10.0328 0x08f0 ================ Scan MBR ==================================
17:38:10.0375 0x08f0 [ DC02C5AD31FEB689C172B580F75CB5C5 ] \Device\Harddisk0\DR0
17:38:10.0671 0x08f0 \Device\Harddisk0\DR0 - ok
17:38:10.0671 0x08f0 ================ Scan VBR ==================================
17:38:10.0687 0x08f0 [ EE5172A71588415CC0704F6FD98B48CF ] \Device\Harddisk0\DR0\Partition1
17:38:10.0703 0x08f0 \Device\Harddisk0\DR0\Partition1 - ok
17:38:10.0734 0x08f0 [ 1D43546949B138B4CA09DAC2D98B5086 ] \Device\Harddisk0\DR0\Partition2
17:38:10.0734 0x08f0 \Device\Harddisk0\DR0\Partition2 - ok
17:38:12.0468 0x08f0 Win FW state via NFM: enabled
17:38:15.0578 0x08f0 ============================================================
17:38:15.0578 0x08f0 Scan finished
17:38:15.0578 0x08f0 ============================================================
17:38:15.0656 0x0d68 Detected object count: 5
17:38:15.0656 0x0d68 Actual detected object count: 5
17:38:35.0156 0x0d68 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:38:35.0156 0x0d68 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:38:35.0187 0x0d68 avmeject ( UnsignedFile.Multi.Generic ) - skipped by user
17:38:35.0187 0x0d68 avmeject ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:38:35.0218 0x0d68 NTSIM ( UnsignedFile.Multi.Generic ) - skipped by user
17:38:35.0218 0x0d68 NTSIM ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:38:35.0250 0x0d68 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:38:35.0250 0x0d68 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:38:35.0296 0x0d68 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - skipped by user
17:38:35.0296 0x0d68 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:38:44.0781 0x0bb8 Deinitialize success
|
|
30.01.2014, 16:00
| #10 |
| /// the machine /// TB-Ausbilder | 1und1 warnt mich vor Open Dns Resolver Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
30.01.2014, 19:15
| #11 |
| | 1und1 warnt mich vor Open Dns Resolver Hier sind die Logs: Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.30.05 Windows XP Service Pack 3 x86 FAT32 Internet Explorer 8.0.6001.18702 klaus schmidtbauer :: HOME2215 [Administrator] 30.01.2014 18:34:54 mbam-log-2014-01-30 (18-34-54).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 300200 Laufzeit: 13 Minute(n), 59 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Microsoft Windows XP x86
Ran by klaus schmidtbauer on 30.01.2014 at 18:46:57,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1659004503-1060284298-725345543-1004\Software\sweetim
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.01.2014 at 18:52:31,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter # AdwCleaner v3.018 - Bericht erstellt am 30/01/2014 um 19:01:27
# Updated 28/01/2014 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzername : klaus schmidtbauer - HOME2215
# Gestartet von : C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\adwcleaner(4).exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default\prefs.js ]
[ Datei : C:\Dokumente und Einstellungen\annica\Anwendungsdaten\Mozilla\Firefox\Profiles\dzbnoudw.default\prefs.js ]
*************************
AdwCleaner[R5].txt - [1003 octets] - [30/01/2014 19:00:25]
AdwCleaner[S4].txt - [926 octets] - [30/01/2014 19:01:27]
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [985 octets] ##########
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-01-2014 01
Ran by klaus schmidtbauer (administrator) on HOME2215 on 30-01-2014 19:08:07
Running from C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AVM Berlin) C:\Programme\avmwlanstick\WLanNetService.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(Crawler.com) C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(FileHippo.com) C:\Programme\FileHippo.com\UpdateChecker.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbam.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SoundMan] - C:\WINDOWS\SOUNDMAN.EXE [77824 2005-03-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [FileHippo.com] - C:\Programme\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
MountPoints2: {9a792a28-886b-11e0-b280-0040d07fbc5f} - F:\menu.exe
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\RaConfig2500.lnk
ShortcutTarget: RaConfig2500.lnk -> C:\WINDOWS\system32\RaConfig2500.exe (No File)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Wireless N-lite USB Adapter Utility.lnk
ShortcutTarget: Wireless N-lite USB Adapter Utility.lnk -> C:\Programme\ZyXEL\NWD-270N\Common\NWD-270N.exe (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1366006702562
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{31CFEDB3-E669-4238-ADB3-4786430BFED0}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{C4D34AC3-17AE-4762-96B0-52A7020061B1}: [NameServer]8.8.8.8,8.8.4.4
FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Programme\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF Extension: LastPass - C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default\Extensions\support@lastpass.com [2013-10-28]
FF Extension: WOT - C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: Qualys BrowserCheck - C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default\Extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} [2014-01-28]
FF Extension: Procon Latte Content Filter - C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default\Extensions\{9D6218B8-03C7-4b91-AA43-680B305DD35C}.xpi [2013-10-10]
FF Extension: Adblock Plus - C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-15]
FF Extension: BetterPrivacy - C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-01-16]
FF Extension: Greasemonkey - C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-04-30]
FF Extension: NoScript - C:\Dokumente und Einstellungen\klaus schmidtbauer\Anwendungsdaten\Mozilla\Firefox\Profiles\5lfyss97.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-04-17]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
========================== Services (Whitelisted) =================
R2 AVM WLAN Connection Service; C:\Programme\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182696 2014-01-29] (Oracle Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-01-10] (Mozilla Foundation)
S4 ST2012_Svc; C:\Programme\Spyware Terminator\st_rsser.exe [587912 2013-04-03] (Crawler.com)
S4 TeamViewer8; C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe [4153184 2013-07-08] (TeamViewer GmbH)
S4 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [2314560 2005-03-25] (Realtek Semiconductor Corp.)
S1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
S3 avmeject; C:\WINDOWS\System32\drivers\avmeject.sys [4352 2010-10-22] (AVM Berlin)
R3 FET5X86V; C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys [43520 2008-09-22] (VIA Technologies, Inc. )
S3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
S3 FETNDISB; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [42496 2004-04-15] (VIA Technologies, Inc. )
R3 FWLANUSB; C:\WINDOWS\System32\DRIVERS\fwlanusb.sys [265088 2010-10-22] (AVM GmbH)
S3 fwlanusb4; C:\WINDOWS\System32\DRIVERS\fwlanusb4.sys [926080 2010-10-22] (AVM GmbH)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2014-01-30] (Malwarebytes Corporation)
S3 NTSIM; C:\WINDOWS\system32\ntsim.sys [7040 2003-07-17] (VIA Networking Technologies, Inc. )
R1 sp_rsdrv2; C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] ()
S4 IntelIde; No ImagePath
S3 rt2870; system32\DRIVERS\rt2870.sys [x]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-30 19:07 - 2014-01-30 19:08 - 00011530 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\FRST.txt
2014-01-30 19:05 - 2014-01-30 19:05 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\FRST-OlderVersion
2014-01-30 18:58 - 2014-01-30 18:58 - 01166132 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\adwcleaner(4).exe
2014-01-30 18:52 - 2014-01-30 18:52 - 00000783 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\JRT.txt
2014-01-30 18:46 - 2014-01-30 18:46 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-30 18:42 - 2014-01-30 18:42 - 01037068 _____ (Thisisu) C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\JRT.exe
2014-01-30 18:30 - 2014-01-30 19:04 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-30 18:14 - 2014-01-30 18:14 - 00025440 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2014-01-30 18:13 - 2014-01-30 18:13 - 00159544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-29 18:34 - 2014-01-29 18:34 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Java
2014-01-29 18:34 - 2014-01-29 18:33 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-29 18:34 - 2014-01-29 18:33 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-29 18:33 - 2014-01-29 18:33 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-29 18:33 - 2014-01-29 18:33 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-29 18:33 - 2014-01-29 18:33 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-29 18:33 - 2014-01-29 18:33 - 00000000 ____D C:\Programme\Java
2014-01-29 18:33 - 2014-01-29 18:33 - 00000000 ____D C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Java
2014-01-28 18:21 - 2014-01-28 18:21 - 00000000 __SHD C:\Recycled
2014-01-28 18:18 - 2014-01-28 18:21 - 00000994 _____ C:\WINDOWS\system32\tmp.reg
2014-01-28 18:18 - 2014-01-28 18:21 - 00000000 _____ C:\WINDOWS\system32\tmp.txt
2014-01-28 18:17 - 2014-01-28 18:22 - 00002819 _____ C:\rapport.txt
2014-01-28 18:01 - 2014-01-28 18:01 - 00000000 ___SD C:\ComboFix
2014-01-27 17:33 - 2014-01-27 17:33 - 00000000 _RSHD C:\cmdcons
2014-01-27 17:33 - 2004-08-03 23:00 - 00262448 __RSH C:\cmldr
2014-01-27 17:30 - 2014-01-27 17:30 - 00000000 ____D C:\WINDOWS\erdnt
2014-01-27 17:30 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2014-01-27 17:30 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2014-01-27 17:30 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-01-27 17:30 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-01-27 17:30 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-01-27 17:30 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-01-27 17:30 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe
2014-01-27 17:30 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe
2014-01-27 17:30 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe
2014-01-23 21:55 - 2014-01-23 21:55 - 02314560 _____ C:\WINDOWS\system32\Drivers\ALCXWDM.SYS.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 01897408 _____ C:\WINDOWS\system32\Drivers\nv4_mini.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 01309184 _____ C:\WINDOWS\system32\Drivers\mtlstrm.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 01041536 _____ C:\WINDOWS\system32\Drivers\hsfdpsp2.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00926080 _____ C:\WINDOWS\system32\Drivers\fwlanusb4.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00800384 _____ C:\WINDOWS\system32\Drivers\dmboot.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00701952 _____ C:\WINDOWS\system32\Drivers\ati2mtag.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00685056 _____ C:\WINDOWS\system32\Drivers\hsfcxts2.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00574976 _____ C:\WINDOWS\system32\Drivers\ntfs.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00456320 _____ C:\WINDOWS\system32\Drivers\mrxsmb.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00452736 _____ C:\WINDOWS\system32\Drivers\mtxparhm.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00404990 _____ C:\WINDOWS\system32\Drivers\slntamr.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00384768 _____ C:\WINDOWS\system32\Drivers\update.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00361600 _____ C:\WINDOWS\system32\Drivers\tcpip.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00357888 _____ C:\WINDOWS\system32\Drivers\srv.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00352256 _____ C:\WINDOWS\system32\Drivers\atmuni.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00327168 _____ C:\WINDOWS\system32\Drivers\ati2mtaa.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00273024 _____ C:\WINDOWS\system32\Drivers\bthport.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00265728 _____ C:\WINDOWS\system32\Drivers\http.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00265088 _____ C:\WINDOWS\system32\Drivers\fwlanusb.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00262528 _____ C:\WINDOWS\system32\Drivers\cinemst2.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00226880 _____ C:\WINDOWS\system32\Drivers\tcpip6.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00220032 _____ C:\WINDOWS\system32\Drivers\hsfbs2s2.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00203136 _____ C:\WINDOWS\system32\Drivers\RMCast.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00196224 _____ C:\WINDOWS\system32\Drivers\rdpdr.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00188800 _____ C:\WINDOWS\system32\Drivers\acpi.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00185664 _____ C:\WINDOWS\system32\Drivers\SynTP.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00180608 _____ C:\WINDOWS\system32\Drivers\mrxdav.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00180360 _____ C:\WINDOWS\system32\Drivers\ntmtlfax.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00175744 _____ C:\WINDOWS\system32\Drivers\rdbss.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00172416 _____ C:\WINDOWS\system32\Drivers\kmixer.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00166912 _____ C:\WINDOWS\system32\Drivers\s3gnbm.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00162816 _____ C:\WINDOWS\system32\Drivers\netbt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00154112 _____ C:\WINDOWS\system32\Drivers\dmio.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00152832 _____ C:\WINDOWS\system32\Drivers\ipnat.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00146048 _____ C:\WINDOWS\system32\Drivers\portcls.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00144384 _____ C:\WINDOWS\system32\Drivers\Hdaudbus.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00144128 _____ C:\WINDOWS\system32\Drivers\usbport.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00143744 _____ C:\WINDOWS\system32\Drivers\fastfat.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00142592 _____ C:\WINDOWS\system32\Drivers\aec.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00141582 _____ C:\WINDOWS\system32\Drivers\NVCAP.SYS.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00141056 _____ C:\WINDOWS\system32\Drivers\ks.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00139784 _____ C:\WINDOWS\system32\Drivers\rdpwd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00138496 _____ C:\WINDOWS\system32\Drivers\afd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00129792 _____ C:\WINDOWS\system32\Drivers\fltMgr.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00129535 _____ C:\WINDOWS\system32\Drivers\slnt7554.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00126686 _____ C:\WINDOWS\system32\Drivers\mtlmnt5.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00123008 _____ C:\WINDOWS\system32\Drivers\usbvideo.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00120576 _____ C:\WINDOWS\system32\Drivers\pcmcia.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00113664 _____ C:\WINDOWS\system32\Drivers\Hdaudio.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00105472 _____ C:\WINDOWS\system32\Drivers\mup.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00104960 _____ C:\WINDOWS\system32\Drivers\atinrvxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00101120 _____ C:\WINDOWS\system32\Drivers\bthpan.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00096512 _____ C:\WINDOWS\system32\Drivers\atapi.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00096384 _____ C:\WINDOWS\system32\Drivers\scsiport.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00095424 _____ C:\WINDOWS\system32\Drivers\slnthal.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00092928 _____ C:\WINDOWS\system32\Drivers\ksecdd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00088320 _____ C:\WINDOWS\system32\Drivers\nwlnkipx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00083072 _____ C:\WINDOWS\system32\Drivers\wdmaud.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00082944 _____ C:\WINDOWS\system32\Drivers\WudfRd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00081664 _____ C:\WINDOWS\system32\Drivers\videoprt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00079232 _____ C:\WINDOWS\system32\Drivers\sdbus.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00077568 _____ C:\WINDOWS\system32\Drivers\WudfPf.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00075264 _____ C:\WINDOWS\system32\Drivers\ipsec.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00073472 _____ C:\WINDOWS\system32\Drivers\sr.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00073216 _____ C:\WINDOWS\system32\Drivers\atintuxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00071552 _____ C:\WINDOWS\system32\Drivers\bridge.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00071168 _____ C:\WINDOWS\system32\Drivers\dxg.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00069120 _____ C:\WINDOWS\system32\Drivers\psched.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00068224 _____ C:\WINDOWS\system32\Drivers\pci.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00066048 _____ C:\WINDOWS\system32\Drivers\udfs.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00065536 _____ C:\WINDOWS\system32\Drivers\serial.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00063744 _____ C:\WINDOWS\system32\Drivers\mf.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00063744 _____ C:\WINDOWS\system32\Drivers\cdfs.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00063663 _____ C:\WINDOWS\system32\Drivers\ati1rvxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00063488 _____ C:\WINDOWS\system32\Drivers\atinxsxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00063232 _____ C:\WINDOWS\system32\Drivers\nwlnknb.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00062976 _____ C:\WINDOWS\system32\Drivers\cdrom.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00061824 _____ C:\WINDOWS\system32\Drivers\nic1394.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00060800 _____ C:\WINDOWS\system32\Drivers\sysaudio.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00060800 _____ C:\WINDOWS\system32\Drivers\arp1394.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00060160 _____ C:\WINDOWS\system32\Drivers\drmk.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00059904 _____ C:\WINDOWS\system32\Drivers\atmarpc.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00059520 _____ C:\WINDOWS\system32\Drivers\usbhub.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00059136 _____ C:\WINDOWS\system32\Drivers\rfcomm.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00058112 _____ C:\WINDOWS\system32\Drivers\vdmindvd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00057856 _____ C:\WINDOWS\system32\Drivers\atinbtxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00057728 _____ C:\WINDOWS\system32\Drivers\redbook.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00056623 _____ C:\WINDOWS\system32\Drivers\ati1btxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00056576 _____ C:\WINDOWS\system32\Drivers\swmidi.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00055936 _____ C:\WINDOWS\system32\Drivers\nwlnkspx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00055808 _____ C:\WINDOWS\system32\Drivers\atmlane.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00053760 _____ C:\WINDOWS\system32\Drivers\volsnap.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00052992 _____ C:\WINDOWS\system32\Drivers\i8042prt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00052864 _____ C:\WINDOWS\system32\Drivers\DMusic.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00052224 _____ C:\WINDOWS\system32\Drivers\atinraxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00051712 _____ C:\WINDOWS\system32\Drivers\tosdvd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00051328 _____ C:\WINDOWS\system32\Drivers\rasl2tp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00049536 _____ C:\WINDOWS\system32\Drivers\classpnp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00049408 _____ C:\WINDOWS\system32\Drivers\stream.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00048384 _____ C:\WINDOWS\system32\Drivers\raspptp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00046848 _____ C:\WINDOWS\system32\Drivers\p3.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00046464 _____ C:\WINDOWS\system32\Drivers\gagp30kx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00044928 _____ C:\WINDOWS\system32\Drivers\agpcpq.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00044672 _____ C:\WINDOWS\system32\Drivers\uagp35.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00044672 _____ C:\WINDOWS\system32\Drivers\fips.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00043520 _____ C:\WINDOWS\system32\Drivers\fetnd5bv.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00043008 _____ C:\WINDOWS\system32\Drivers\amdagp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00042752 _____ C:\WINDOWS\system32\Drivers\alim1541.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00042496 _____ C:\WINDOWS\system32\Drivers\fetnd5b.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00042368 _____ C:\WINDOWS\system32\Drivers\mountmgr.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00042368 _____ C:\WINDOWS\system32\Drivers\agp440.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00042240 _____ C:\WINDOWS\system32\Drivers\viaagp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00042112 _____ C:\WINDOWS\system32\Drivers\imapi.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00041856 _____ C:\WINDOWS\system32\Drivers\amdk7.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00041472 _____ C:\WINDOWS\system32\Drivers\raspppoe.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00041472 _____ C:\WINDOWS\system32\Drivers\amdk6.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00040960 _____ C:\WINDOWS\system32\Drivers\sisagp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00040960 _____ C:\WINDOWS\system32\Drivers\ndproxy.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00040840 _____ C:\WINDOWS\system32\Drivers\termdd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00040832 _____ C:\WINDOWS\system32\Drivers\crusoe.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00040776 _____ C:\WINDOWS\system32\Drivers\mbamswissarmy.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00040448 _____ C:\WINDOWS\system32\Drivers\intelppm.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00040320 _____ C:\WINDOWS\system32\Drivers\nmnt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00039936 _____ C:\WINDOWS\system32\Drivers\processr.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00038912 _____ C:\WINDOWS\system32\Drivers\AmdK8.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00038528 _____ C:\WINDOWS\system32\Drivers\wpdusb.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00037888 _____ C:\WINDOWS\system32\Drivers\bthmodem.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00037632 _____ C:\WINDOWS\system32\Drivers\isapnp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00036864 _____ C:\WINDOWS\system32\Drivers\hidclass.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00036608 _____ C:\WINDOWS\system32\Drivers\ip6fw.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00036480 _____ C:\WINDOWS\system32\Drivers\bthprint.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00036463 _____ C:\WINDOWS\system32\Drivers\ati1tuxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00036352 _____ C:\WINDOWS\system32\Drivers\disk.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00035072 _____ C:\WINDOWS\system32\Drivers\msgpc.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00034735 _____ C:\WINDOWS\system32\Drivers\ati1xsxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00034688 _____ C:\WINDOWS\system32\Drivers\netbios.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00034560 _____ C:\WINDOWS\system32\Drivers\wanarp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00034432 _____ C:\WINDOWS\system32\Drivers\rawwan.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00033792 _____ C:\WINDOWS\system32\Drivers\AmdPPM.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00032896 _____ C:\WINDOWS\system32\Drivers\ipfltdrv.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00032768 _____ C:\WINDOWS\system32\Drivers\sp_rsdrv2.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00032512 _____ C:\WINDOWS\system32\Drivers\nwlnkfwd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00031744 _____ C:\WINDOWS\system32\Drivers\atinxbxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00031360 _____ C:\WINDOWS\system32\Drivers\atmepvc.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00030848 _____ C:\WINDOWS\system32\Drivers\npfs.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00030671 _____ C:\WINDOWS\system32\Drivers\ati1raxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00030592 _____ C:\WINDOWS\system32\Drivers\rndismpx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00030592 _____ C:\WINDOWS\system32\Drivers\rndismp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00030336 _____ C:\WINDOWS\system32\Drivers\usbehci.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00030336 _____ C:\WINDOWS\system32\Drivers\modem.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00029455 _____ C:\WINDOWS\system32\Drivers\ati1xbxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00028672 _____ C:\WINDOWS\system32\Drivers\atinsnxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00027165 _____ C:\WINDOWS\system32\Drivers\fetnd5.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00026368 _____ C:\WINDOWS\system32\Drivers\usbstor.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00026367 _____ C:\WINDOWS\system32\Drivers\ati1snxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00025856 _____ C:\WINDOWS\system32\Drivers\hidbth.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00025728 _____ C:\WINDOWS\system32\Drivers\usbcamd2.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00025600 _____ C:\WINDOWS\system32\Drivers\usbcamd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00025471 _____ C:\WINDOWS\system32\Drivers\watv10nt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00025344 _____ C:\WINDOWS\system32\Drivers\sonydcam.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00025216 _____ C:\WINDOWS\system32\Drivers\kbdclass.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00025088 _____ C:\WINDOWS\system32\Drivers\hidparse.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00024960 _____ C:\WINDOWS\system32\Drivers\pciidex.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00023552 _____ C:\WINDOWS\system32\Drivers\mouclass.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00022856 _____ C:\WINDOWS\system32\Drivers\mbam.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00022271 _____ C:\WINDOWS\system32\Drivers\watv06nt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00021896 _____ C:\WINDOWS\system32\Drivers\tdtcp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00021376 _____ C:\WINDOWS\system32\Drivers\tsbvcap.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00021343 _____ C:\WINDOWS\system32\Drivers\ati1ttxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00020992 _____ C:\WINDOWS\system32\Drivers\vga.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00020864 _____ C:\WINDOWS\system32\Drivers\ipinip.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00020608 _____ C:\WINDOWS\system32\Drivers\usbuhci.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00020480 _____ C:\WINDOWS\system32\Drivers\secdrv.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00020480 _____ C:\WINDOWS\system32\Drivers\flpydisk.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00019712 _____ C:\WINDOWS\system32\Drivers\partmgr.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00019200 _____ C:\WINDOWS\system32\Drivers\hidir.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00019072 _____ C:\WINDOWS\system32\Drivers\tdi.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00019072 _____ C:\WINDOWS\system32\Drivers\msfs.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00018944 _____ C:\WINDOWS\system32\Drivers\bthusb.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00017024 _____ C:\WINDOWS\system32\Drivers\bthenum.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00016496 _____ C:\WINDOWS\system32\Drivers\NVXBAR.SYS.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00016384 _____ C:\WINDOWS\system32\Drivers\battc.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00015872 _____ C:\WINDOWS\system32\Drivers\usbintel.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00015744 _____ C:\WINDOWS\system32\Drivers\serenum.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00015488 _____ C:\WINDOWS\system32\Drivers\mssmbios.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00014976 _____ C:\WINDOWS\system32\Drivers\tape.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00014592 _____ C:\WINDOWS\system32\Drivers\smclib.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00014592 _____ C:\WINDOWS\system32\Drivers\ndisuio.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00014336 _____ C:\WINDOWS\system32\Drivers\atinpdxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00014336 _____ C:\WINDOWS\system32\Drivers\asyncmac.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00014208 _____ C:\WINDOWS\system32\Drivers\wacompen.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00014208 _____ C:\WINDOWS\system32\Drivers\diskdump.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00013952 _____ C:\WINDOWS\system32\Drivers\CmBatt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00013952 _____ C:\WINDOWS\system32\Drivers\cbidf2k.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00013824 _____ C:\WINDOWS\system32\Drivers\atinttxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00013824 _____ C:\WINDOWS\system32\Drivers\atinmdxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00013776 _____ C:\WINDOWS\system32\Drivers\recagent.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00013240 _____ C:\WINDOWS\system32\Drivers\slwdmsup.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012928 _____ C:\WINDOWS\system32\Drivers\usb8023x.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012928 _____ C:\WINDOWS\system32\Drivers\usb8023.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012672 _____ C:\WINDOWS\system32\Drivers\mutohpen.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012416 _____ C:\WINDOWS\system32\Drivers\nwlnkflt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012288 _____ C:\WINDOWS\system32\Drivers\tunmp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012288 _____ C:\WINDOWS\system32\Drivers\fsvga.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012160 _____ C:\WINDOWS\system32\Drivers\acpiec.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012047 _____ C:\WINDOWS\system32\Drivers\ati1pdxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012040 _____ C:\WINDOWS\system32\Drivers\tdpipe.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012032 _____ C:\WINDOWS\system32\Drivers\ws2ifsl.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012032 _____ C:\WINDOWS\system32\Drivers\riodrv.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012032 _____ C:\WINDOWS\system32\Drivers\rio8drv.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012032 _____ C:\WINDOWS\system32\Drivers\nikedrv.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011935 _____ C:\WINDOWS\system32\Drivers\wadv11nt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011904 _____ C:\WINDOWS\system32\Drivers\sffdisk.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011871 _____ C:\WINDOWS\system32\Drivers\wadv09nt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011868 _____ C:\WINDOWS\system32\Drivers\mdmxsdk.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011807 _____ C:\WINDOWS\system32\Drivers\wadv07nt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011776 _____ C:\WINDOWS\system32\Drivers\cpqdap01.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011615 _____ C:\WINDOWS\system32\Drivers\ati1mdxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011392 _____ C:\WINDOWS\system32\Drivers\sfloppy.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011295 _____ C:\WINDOWS\system32\Drivers\wadv08nt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011264 _____ C:\WINDOWS\system32\Drivers\irenum.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011008 _____ C:\WINDOWS\system32\Drivers\sffp_sd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00010496 _____ C:\WINDOWS\system32\Drivers\ndistapi.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00010496 _____ C:\WINDOWS\system32\Drivers\dxapi.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00010240 _____ C:\WINDOWS\system32\Drivers\sffp_mmc.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00010240 _____ C:\WINDOWS\system32\Drivers\compbatt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00007680 _____ C:\WINDOWS\system32\Drivers\mcd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00007552 _____ C:\WINDOWS\system32\Drivers\mskssrv.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00007040 _____ C:\WINDOWS\system32\Drivers\parvdm.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00006272 _____ C:\WINDOWS\system32\Drivers\splitter.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00005888 _____ C:\WINDOWS\system32\Drivers\smbali.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00005888 _____ C:\WINDOWS\system32\Drivers\rootmdm.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00005376 _____ C:\WINDOWS\system32\Drivers\viaide.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00005376 _____ C:\WINDOWS\system32\Drivers\usbd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00005376 _____ C:\WINDOWS\system32\Drivers\mspclock.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00004992 _____ C:\WINDOWS\system32\Drivers\mspqm.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00004352 _____ C:\WINDOWS\system32\Drivers\swenum.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00004352 _____ C:\WINDOWS\system32\Drivers\avmeject.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00004224 _____ C:\WINDOWS\system32\Drivers\mnmdd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00003456 _____ C:\WINDOWS\system32\Drivers\oprghdlr.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00003328 _____ C:\WINDOWS\system32\Drivers\dxgthk.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00003072 _____ C:\WINDOWS\system32\Drivers\audstub.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00002944 _____ C:\WINDOWS\system32\Drivers\drmkaud.sys.dump
2014-01-23 21:54 - 2014-01-23 21:55 - 00182656 _____ C:\WINDOWS\system32\Drivers\ndis.sys.dump
2014-01-23 21:54 - 2014-01-23 21:55 - 00091520 _____ C:\WINDOWS\system32\Drivers\ndiswan.sys.dump
2014-01-23 21:54 - 2014-01-23 21:55 - 00080384 _____ C:\WINDOWS\system32\Drivers\parport.sys.dump
2014-01-23 21:54 - 2014-01-23 21:55 - 00027392 _____ C:\WINDOWS\system32\Drivers\fdc.sys.dump
2014-01-23 21:54 - 2014-01-23 21:55 - 00018688 _____ C:\WINDOWS\system32\Drivers\cdaudio.sys.dump
2014-01-23 21:54 - 2014-01-23 21:55 - 00017792 _____ C:\WINDOWS\system32\Drivers\ptilink.sys.dump
2014-01-23 21:54 - 2014-01-23 21:55 - 00016512 _____ C:\WINDOWS\system32\Drivers\raspti.sys.dump
2014-01-23 21:54 - 2014-01-23 21:55 - 00008832 _____ C:\WINDOWS\system32\Drivers\rasacd.sys.dump
2014-01-23 21:54 - 2014-01-23 21:55 - 00007936 _____ C:\WINDOWS\system32\Drivers\fs_rec.sys.dump
2014-01-23 21:54 - 2014-01-23 21:55 - 00004224 _____ C:\WINDOWS\system32\Drivers\rdpcdd.sys.dump
2014-01-23 21:54 - 2014-01-23 21:55 - 00004224 _____ C:\WINDOWS\system32\Drivers\beep.sys.dump
2014-01-23 21:54 - 2014-01-23 21:55 - 00002944 _____ C:\WINDOWS\system32\Drivers\null.sys.dump
2014-01-23 21:54 - 2014-01-23 21:54 - 00126336 _____ C:\WINDOWS\system32\Drivers\ftdisk.sys.dump
2014-01-23 21:54 - 2014-01-23 21:54 - 00005888 _____ C:\WINDOWS\system32\Drivers\dmload.sys.dump
2014-01-23 21:54 - 2014-01-23 21:54 - 00004352 _____ C:\WINDOWS\system32\Drivers\wmilib.sys.dump
2014-01-23 21:54 - 2014-01-23 21:54 - 00000000 ____D C:\WINDOWS\snack
2014-01-23 21:51 - 2014-01-23 21:51 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\RK_Quarantine
2014-01-23 19:04 - 2014-01-23 19:04 - 00000000 ____D C:\FRST
2014-01-23 19:01 - 2014-01-30 19:05 - 01137152 _____ (Farbar) C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\FRST.exe
2014-01-16 21:38 - 2014-01-16 21:38 - 00000000 __SHD C:\FOUND.000
2014-01-14 21:39 - 2014-01-14 21:39 - 00000190 _____ C:\drwtsn32.log
2014-01-10 21:46 - 2014-01-10 21:46 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\Lokale Einstellungen\Anwendungsdaten\genienext
2014-01-10 21:46 - 2014-01-10 21:46 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\Lokale Einstellungen\Anwendungsdaten\cache
2014-01-10 21:46 - 2014-01-10 21:46 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\.android
2014-01-10 21:45 - 2014-01-10 21:46 - 00000000 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\daemonprocess.txt
2014-01-10 20:43 - 2014-01-10 20:43 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2014-01-10 19:24 - 2014-01-10 19:24 - 00000000 ____D C:\Programme\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2014-01-30 19:08 - 2014-01-30 19:07 - 00011530 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\FRST.txt
2014-01-30 19:05 - 2014-01-30 19:05 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\FRST-OlderVersion
2014-01-30 19:05 - 2014-01-23 19:01 - 01137152 _____ (Farbar) C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\FRST.exe
2014-01-30 19:04 - 2014-01-30 18:30 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-30 19:03 - 2011-03-08 19:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-30 19:02 - 2011-03-08 19:11 - 00032542 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-30 19:01 - 2011-03-08 19:16 - 00000190 ___SH C:\Dokumente und Einstellungen\klaus schmidtbauer\ntuser.ini
2014-01-30 18:58 - 2014-01-30 18:58 - 01166132 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\adwcleaner(4).exe
2014-01-30 18:52 - 2014-01-30 18:52 - 00000783 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\JRT.txt
2014-01-30 18:46 - 2014-01-30 18:46 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-30 18:42 - 2014-01-30 18:42 - 01037068 _____ (Thisisu) C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\JRT.exe
2014-01-30 18:14 - 2014-01-30 18:14 - 00025440 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2014-01-30 18:13 - 2014-01-30 18:13 - 00159544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-30 18:07 - 2013-04-15 11:41 - 00065536 _____ C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-01-30 18:07 - 2013-04-15 11:41 - 00065536 _____ C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
2014-01-30 18:07 - 2011-06-15 16:54 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt
2014-01-30 18:06 - 2011-03-08 19:06 - 01386192 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-29 20:46 - 2011-03-10 10:46 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2014-01-29 18:34 - 2014-01-29 18:34 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Java
2014-01-29 18:33 - 2014-01-29 18:34 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-29 18:33 - 2014-01-29 18:34 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-01-29 18:33 - 2014-01-29 18:33 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-29 18:33 - 2014-01-29 18:33 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-29 18:33 - 2014-01-29 18:33 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-29 18:33 - 2014-01-29 18:33 - 00000000 ____D C:\Programme\Java
2014-01-29 18:33 - 2014-01-29 18:33 - 00000000 ____D C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Java
2014-01-28 20:47 - 2013-06-07 17:40 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-28 20:47 - 2013-04-15 08:16 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-01-28 20:47 - 2013-04-15 08:16 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-01-28 20:29 - 2004-08-04 12:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-28 20:23 - 2013-09-27 19:25 - 00006424 _____ C:\WINDOWS\system32\PerfStringBackup.TMP
2014-01-28 18:22 - 2014-01-28 18:17 - 00002819 _____ C:\rapport.txt
2014-01-28 18:21 - 2014-01-28 18:21 - 00000000 __SHD C:\Recycled
2014-01-28 18:21 - 2014-01-28 18:18 - 00000994 _____ C:\WINDOWS\system32\tmp.reg
2014-01-28 18:21 - 2014-01-28 18:18 - 00000000 _____ C:\WINDOWS\system32\tmp.txt
2014-01-28 18:01 - 2014-01-28 18:01 - 00000000 ___SD C:\ComboFix
2014-01-27 17:33 - 2014-01-27 17:33 - 00000000 _RSHD C:\cmdcons
2014-01-27 17:33 - 1980-01-01 00:00 - 00000327 __RSH C:\boot.ini
2014-01-27 17:30 - 2014-01-27 17:30 - 00000000 ____D C:\WINDOWS\erdnt
2014-01-23 22:58 - 2013-08-15 19:30 - 00000190 ___SH C:\Dokumente und Einstellungen\annica\ntuser.ini
2014-01-23 21:55 - 2014-01-23 21:55 - 02314560 _____ C:\WINDOWS\system32\Drivers\ALCXWDM.SYS.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 01897408 _____ C:\WINDOWS\system32\Drivers\nv4_mini.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 01309184 _____ C:\WINDOWS\system32\Drivers\mtlstrm.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 01041536 _____ C:\WINDOWS\system32\Drivers\hsfdpsp2.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00926080 _____ C:\WINDOWS\system32\Drivers\fwlanusb4.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00800384 _____ C:\WINDOWS\system32\Drivers\dmboot.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00701952 _____ C:\WINDOWS\system32\Drivers\ati2mtag.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00685056 _____ C:\WINDOWS\system32\Drivers\hsfcxts2.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00574976 _____ C:\WINDOWS\system32\Drivers\ntfs.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00456320 _____ C:\WINDOWS\system32\Drivers\mrxsmb.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00452736 _____ C:\WINDOWS\system32\Drivers\mtxparhm.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00404990 _____ C:\WINDOWS\system32\Drivers\slntamr.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00384768 _____ C:\WINDOWS\system32\Drivers\update.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00361600 _____ C:\WINDOWS\system32\Drivers\tcpip.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00357888 _____ C:\WINDOWS\system32\Drivers\srv.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00352256 _____ C:\WINDOWS\system32\Drivers\atmuni.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00327168 _____ C:\WINDOWS\system32\Drivers\ati2mtaa.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00273024 _____ C:\WINDOWS\system32\Drivers\bthport.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00265728 _____ C:\WINDOWS\system32\Drivers\http.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00265088 _____ C:\WINDOWS\system32\Drivers\fwlanusb.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00262528 _____ C:\WINDOWS\system32\Drivers\cinemst2.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00226880 _____ C:\WINDOWS\system32\Drivers\tcpip6.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00220032 _____ C:\WINDOWS\system32\Drivers\hsfbs2s2.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00203136 _____ C:\WINDOWS\system32\Drivers\RMCast.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00196224 _____ C:\WINDOWS\system32\Drivers\rdpdr.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00188800 _____ C:\WINDOWS\system32\Drivers\acpi.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00185664 _____ C:\WINDOWS\system32\Drivers\SynTP.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00180608 _____ C:\WINDOWS\system32\Drivers\mrxdav.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00180360 _____ C:\WINDOWS\system32\Drivers\ntmtlfax.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00175744 _____ C:\WINDOWS\system32\Drivers\rdbss.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00172416 _____ C:\WINDOWS\system32\Drivers\kmixer.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00166912 _____ C:\WINDOWS\system32\Drivers\s3gnbm.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00162816 _____ C:\WINDOWS\system32\Drivers\netbt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00154112 _____ C:\WINDOWS\system32\Drivers\dmio.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00152832 _____ C:\WINDOWS\system32\Drivers\ipnat.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00146048 _____ C:\WINDOWS\system32\Drivers\portcls.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00144384 _____ C:\WINDOWS\system32\Drivers\Hdaudbus.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00144128 _____ C:\WINDOWS\system32\Drivers\usbport.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00143744 _____ C:\WINDOWS\system32\Drivers\fastfat.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00142592 _____ C:\WINDOWS\system32\Drivers\aec.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00141582 _____ C:\WINDOWS\system32\Drivers\NVCAP.SYS.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00141056 _____ C:\WINDOWS\system32\Drivers\ks.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00139784 _____ C:\WINDOWS\system32\Drivers\rdpwd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00138496 _____ C:\WINDOWS\system32\Drivers\afd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00129792 _____ C:\WINDOWS\system32\Drivers\fltMgr.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00129535 _____ C:\WINDOWS\system32\Drivers\slnt7554.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00126686 _____ C:\WINDOWS\system32\Drivers\mtlmnt5.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00123008 _____ C:\WINDOWS\system32\Drivers\usbvideo.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00120576 _____ C:\WINDOWS\system32\Drivers\pcmcia.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00113664 _____ C:\WINDOWS\system32\Drivers\Hdaudio.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00105472 _____ C:\WINDOWS\system32\Drivers\mup.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00104960 _____ C:\WINDOWS\system32\Drivers\atinrvxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00101120 _____ C:\WINDOWS\system32\Drivers\bthpan.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00096512 _____ C:\WINDOWS\system32\Drivers\atapi.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00096384 _____ C:\WINDOWS\system32\Drivers\scsiport.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00095424 _____ C:\WINDOWS\system32\Drivers\slnthal.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00092928 _____ C:\WINDOWS\system32\Drivers\ksecdd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00088320 _____ C:\WINDOWS\system32\Drivers\nwlnkipx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00083072 _____ C:\WINDOWS\system32\Drivers\wdmaud.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00082944 _____ C:\WINDOWS\system32\Drivers\WudfRd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00081664 _____ C:\WINDOWS\system32\Drivers\videoprt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00079232 _____ C:\WINDOWS\system32\Drivers\sdbus.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00077568 _____ C:\WINDOWS\system32\Drivers\WudfPf.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00075264 _____ C:\WINDOWS\system32\Drivers\ipsec.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00073472 _____ C:\WINDOWS\system32\Drivers\sr.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00073216 _____ C:\WINDOWS\system32\Drivers\atintuxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00071552 _____ C:\WINDOWS\system32\Drivers\bridge.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00071168 _____ C:\WINDOWS\system32\Drivers\dxg.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00069120 _____ C:\WINDOWS\system32\Drivers\psched.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00068224 _____ C:\WINDOWS\system32\Drivers\pci.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00066048 _____ C:\WINDOWS\system32\Drivers\udfs.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00065536 _____ C:\WINDOWS\system32\Drivers\serial.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00063744 _____ C:\WINDOWS\system32\Drivers\mf.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00063744 _____ C:\WINDOWS\system32\Drivers\cdfs.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00063663 _____ C:\WINDOWS\system32\Drivers\ati1rvxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00063488 _____ C:\WINDOWS\system32\Drivers\atinxsxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00063232 _____ C:\WINDOWS\system32\Drivers\nwlnknb.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00062976 _____ C:\WINDOWS\system32\Drivers\cdrom.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00061824 _____ C:\WINDOWS\system32\Drivers\nic1394.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00060800 _____ C:\WINDOWS\system32\Drivers\sysaudio.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00060800 _____ C:\WINDOWS\system32\Drivers\arp1394.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00060160 _____ C:\WINDOWS\system32\Drivers\drmk.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00059904 _____ C:\WINDOWS\system32\Drivers\atmarpc.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00059520 _____ C:\WINDOWS\system32\Drivers\usbhub.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00059136 _____ C:\WINDOWS\system32\Drivers\rfcomm.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00058112 _____ C:\WINDOWS\system32\Drivers\vdmindvd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00057856 _____ C:\WINDOWS\system32\Drivers\atinbtxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00057728 _____ C:\WINDOWS\system32\Drivers\redbook.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00056623 _____ C:\WINDOWS\system32\Drivers\ati1btxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00056576 _____ C:\WINDOWS\system32\Drivers\swmidi.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00055936 _____ C:\WINDOWS\system32\Drivers\nwlnkspx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00055808 _____ C:\WINDOWS\system32\Drivers\atmlane.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00053760 _____ C:\WINDOWS\system32\Drivers\volsnap.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00052992 _____ C:\WINDOWS\system32\Drivers\i8042prt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00052864 _____ C:\WINDOWS\system32\Drivers\DMusic.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00052224 _____ C:\WINDOWS\system32\Drivers\atinraxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00051712 _____ C:\WINDOWS\system32\Drivers\tosdvd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00051328 _____ C:\WINDOWS\system32\Drivers\rasl2tp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00049536 _____ C:\WINDOWS\system32\Drivers\classpnp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00049408 _____ C:\WINDOWS\system32\Drivers\stream.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00048384 _____ C:\WINDOWS\system32\Drivers\raspptp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00046848 _____ C:\WINDOWS\system32\Drivers\p3.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00046464 _____ C:\WINDOWS\system32\Drivers\gagp30kx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00044928 _____ C:\WINDOWS\system32\Drivers\agpcpq.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00044672 _____ C:\WINDOWS\system32\Drivers\uagp35.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00044672 _____ C:\WINDOWS\system32\Drivers\fips.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00043520 _____ C:\WINDOWS\system32\Drivers\fetnd5bv.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00043008 _____ C:\WINDOWS\system32\Drivers\amdagp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00042752 _____ C:\WINDOWS\system32\Drivers\alim1541.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00042496 _____ C:\WINDOWS\system32\Drivers\fetnd5b.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00042368 _____ C:\WINDOWS\system32\Drivers\mountmgr.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00042368 _____ C:\WINDOWS\system32\Drivers\agp440.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00042240 _____ C:\WINDOWS\system32\Drivers\viaagp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00042112 _____ C:\WINDOWS\system32\Drivers\imapi.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00041856 _____ C:\WINDOWS\system32\Drivers\amdk7.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00041472 _____ C:\WINDOWS\system32\Drivers\raspppoe.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00041472 _____ C:\WINDOWS\system32\Drivers\amdk6.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00040960 _____ C:\WINDOWS\system32\Drivers\sisagp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00040960 _____ C:\WINDOWS\system32\Drivers\ndproxy.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00040840 _____ C:\WINDOWS\system32\Drivers\termdd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00040832 _____ C:\WINDOWS\system32\Drivers\crusoe.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00040776 _____ C:\WINDOWS\system32\Drivers\mbamswissarmy.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00040448 _____ C:\WINDOWS\system32\Drivers\intelppm.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00040320 _____ C:\WINDOWS\system32\Drivers\nmnt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00039936 _____ C:\WINDOWS\system32\Drivers\processr.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00038912 _____ C:\WINDOWS\system32\Drivers\AmdK8.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00038528 _____ C:\WINDOWS\system32\Drivers\wpdusb.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00037888 _____ C:\WINDOWS\system32\Drivers\bthmodem.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00037632 _____ C:\WINDOWS\system32\Drivers\isapnp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00036864 _____ C:\WINDOWS\system32\Drivers\hidclass.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00036608 _____ C:\WINDOWS\system32\Drivers\ip6fw.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00036480 _____ C:\WINDOWS\system32\Drivers\bthprint.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00036463 _____ C:\WINDOWS\system32\Drivers\ati1tuxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00036352 _____ C:\WINDOWS\system32\Drivers\disk.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00035072 _____ C:\WINDOWS\system32\Drivers\msgpc.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00034735 _____ C:\WINDOWS\system32\Drivers\ati1xsxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00034688 _____ C:\WINDOWS\system32\Drivers\netbios.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00034560 _____ C:\WINDOWS\system32\Drivers\wanarp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00034432 _____ C:\WINDOWS\system32\Drivers\rawwan.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00033792 _____ C:\WINDOWS\system32\Drivers\AmdPPM.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00032896 _____ C:\WINDOWS\system32\Drivers\ipfltdrv.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00032768 _____ C:\WINDOWS\system32\Drivers\sp_rsdrv2.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00032512 _____ C:\WINDOWS\system32\Drivers\nwlnkfwd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00031744 _____ C:\WINDOWS\system32\Drivers\atinxbxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00031360 _____ C:\WINDOWS\system32\Drivers\atmepvc.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00030848 _____ C:\WINDOWS\system32\Drivers\npfs.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00030671 _____ C:\WINDOWS\system32\Drivers\ati1raxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00030592 _____ C:\WINDOWS\system32\Drivers\rndismpx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00030592 _____ C:\WINDOWS\system32\Drivers\rndismp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00030336 _____ C:\WINDOWS\system32\Drivers\usbehci.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00030336 _____ C:\WINDOWS\system32\Drivers\modem.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00029455 _____ C:\WINDOWS\system32\Drivers\ati1xbxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00028672 _____ C:\WINDOWS\system32\Drivers\atinsnxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00027165 _____ C:\WINDOWS\system32\Drivers\fetnd5.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00026368 _____ C:\WINDOWS\system32\Drivers\usbstor.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00026367 _____ C:\WINDOWS\system32\Drivers\ati1snxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00025856 _____ C:\WINDOWS\system32\Drivers\hidbth.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00025728 _____ C:\WINDOWS\system32\Drivers\usbcamd2.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00025600 _____ C:\WINDOWS\system32\Drivers\usbcamd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00025471 _____ C:\WINDOWS\system32\Drivers\watv10nt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00025344 _____ C:\WINDOWS\system32\Drivers\sonydcam.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00025216 _____ C:\WINDOWS\system32\Drivers\kbdclass.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00025088 _____ C:\WINDOWS\system32\Drivers\hidparse.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00024960 _____ C:\WINDOWS\system32\Drivers\pciidex.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00023552 _____ C:\WINDOWS\system32\Drivers\mouclass.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00022856 _____ C:\WINDOWS\system32\Drivers\mbam.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00022271 _____ C:\WINDOWS\system32\Drivers\watv06nt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00021896 _____ C:\WINDOWS\system32\Drivers\tdtcp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00021376 _____ C:\WINDOWS\system32\Drivers\tsbvcap.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00021343 _____ C:\WINDOWS\system32\Drivers\ati1ttxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00020992 _____ C:\WINDOWS\system32\Drivers\vga.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00020864 _____ C:\WINDOWS\system32\Drivers\ipinip.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00020608 _____ C:\WINDOWS\system32\Drivers\usbuhci.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00020480 _____ C:\WINDOWS\system32\Drivers\secdrv.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00020480 _____ C:\WINDOWS\system32\Drivers\flpydisk.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00019712 _____ C:\WINDOWS\system32\Drivers\partmgr.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00019200 _____ C:\WINDOWS\system32\Drivers\hidir.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00019072 _____ C:\WINDOWS\system32\Drivers\tdi.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00019072 _____ C:\WINDOWS\system32\Drivers\msfs.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00018944 _____ C:\WINDOWS\system32\Drivers\bthusb.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00017024 _____ C:\WINDOWS\system32\Drivers\bthenum.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00016496 _____ C:\WINDOWS\system32\Drivers\NVXBAR.SYS.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00016384 _____ C:\WINDOWS\system32\Drivers\battc.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00015872 _____ C:\WINDOWS\system32\Drivers\usbintel.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00015744 _____ C:\WINDOWS\system32\Drivers\serenum.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00015488 _____ C:\WINDOWS\system32\Drivers\mssmbios.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00014976 _____ C:\WINDOWS\system32\Drivers\tape.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00014592 _____ C:\WINDOWS\system32\Drivers\smclib.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00014592 _____ C:\WINDOWS\system32\Drivers\ndisuio.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00014336 _____ C:\WINDOWS\system32\Drivers\atinpdxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00014336 _____ C:\WINDOWS\system32\Drivers\asyncmac.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00014208 _____ C:\WINDOWS\system32\Drivers\wacompen.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00014208 _____ C:\WINDOWS\system32\Drivers\diskdump.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00013952 _____ C:\WINDOWS\system32\Drivers\CmBatt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00013952 _____ C:\WINDOWS\system32\Drivers\cbidf2k.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00013824 _____ C:\WINDOWS\system32\Drivers\atinttxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00013824 _____ C:\WINDOWS\system32\Drivers\atinmdxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00013776 _____ C:\WINDOWS\system32\Drivers\recagent.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00013240 _____ C:\WINDOWS\system32\Drivers\slwdmsup.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012928 _____ C:\WINDOWS\system32\Drivers\usb8023x.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012928 _____ C:\WINDOWS\system32\Drivers\usb8023.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012672 _____ C:\WINDOWS\system32\Drivers\mutohpen.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012416 _____ C:\WINDOWS\system32\Drivers\nwlnkflt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012288 _____ C:\WINDOWS\system32\Drivers\tunmp.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012288 _____ C:\WINDOWS\system32\Drivers\fsvga.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012160 _____ C:\WINDOWS\system32\Drivers\acpiec.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012047 _____ C:\WINDOWS\system32\Drivers\ati1pdxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012040 _____ C:\WINDOWS\system32\Drivers\tdpipe.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012032 _____ C:\WINDOWS\system32\Drivers\ws2ifsl.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012032 _____ C:\WINDOWS\system32\Drivers\riodrv.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012032 _____ C:\WINDOWS\system32\Drivers\rio8drv.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00012032 _____ C:\WINDOWS\system32\Drivers\nikedrv.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011935 _____ C:\WINDOWS\system32\Drivers\wadv11nt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011904 _____ C:\WINDOWS\system32\Drivers\sffdisk.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011871 _____ C:\WINDOWS\system32\Drivers\wadv09nt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011868 _____ C:\WINDOWS\system32\Drivers\mdmxsdk.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011807 _____ C:\WINDOWS\system32\Drivers\wadv07nt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011776 _____ C:\WINDOWS\system32\Drivers\cpqdap01.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011615 _____ C:\WINDOWS\system32\Drivers\ati1mdxx.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011392 _____ C:\WINDOWS\system32\Drivers\sfloppy.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011295 _____ C:\WINDOWS\system32\Drivers\wadv08nt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011264 _____ C:\WINDOWS\system32\Drivers\irenum.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00011008 _____ C:\WINDOWS\system32\Drivers\sffp_sd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00010496 _____ C:\WINDOWS\system32\Drivers\ndistapi.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00010496 _____ C:\WINDOWS\system32\Drivers\dxapi.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00010240 _____ C:\WINDOWS\system32\Drivers\sffp_mmc.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00010240 _____ C:\WINDOWS\system32\Drivers\compbatt.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00007680 _____ C:\WINDOWS\system32\Drivers\mcd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00007552 _____ C:\WINDOWS\system32\Drivers\mskssrv.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00007040 _____ C:\WINDOWS\system32\Drivers\parvdm.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00006272 _____ C:\WINDOWS\system32\Drivers\splitter.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00005888 _____ C:\WINDOWS\system32\Drivers\smbali.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00005888 _____ C:\WINDOWS\system32\Drivers\rootmdm.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00005376 _____ C:\WINDOWS\system32\Drivers\viaide.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00005376 _____ C:\WINDOWS\system32\Drivers\usbd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00005376 _____ C:\WINDOWS\system32\Drivers\mspclock.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00004992 _____ C:\WINDOWS\system32\Drivers\mspqm.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00004352 _____ C:\WINDOWS\system32\Drivers\swenum.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00004352 _____ C:\WINDOWS\system32\Drivers\avmeject.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00004224 _____ C:\WINDOWS\system32\Drivers\mnmdd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00003456 _____ C:\WINDOWS\system32\Drivers\oprghdlr.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00003328 _____ C:\WINDOWS\system32\Drivers\dxgthk.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00003072 _____ C:\WINDOWS\system32\Drivers\audstub.sys.dump
2014-01-23 21:55 - 2014-01-23 21:55 - 00002944 _____ C:\WINDOWS\system32\Drivers\drmkaud.sys.dump
2014-01-23 21:55 - 2014-01-23 21:54 - 00182656 _____ C:\WINDOWS\system32\Drivers\ndis.sys.dump
2014-01-23 21:55 - 2014-01-23 21:54 - 00091520 _____ C:\WINDOWS\system32\Drivers\ndiswan.sys.dump
2014-01-23 21:55 - 2014-01-23 21:54 - 00080384 _____ C:\WINDOWS\system32\Drivers\parport.sys.dump
2014-01-23 21:55 - 2014-01-23 21:54 - 00027392 _____ C:\WINDOWS\system32\Drivers\fdc.sys.dump
2014-01-23 21:55 - 2014-01-23 21:54 - 00018688 _____ C:\WINDOWS\system32\Drivers\cdaudio.sys.dump
2014-01-23 21:55 - 2014-01-23 21:54 - 00017792 _____ C:\WINDOWS\system32\Drivers\ptilink.sys.dump
2014-01-23 21:55 - 2014-01-23 21:54 - 00016512 _____ C:\WINDOWS\system32\Drivers\raspti.sys.dump
2014-01-23 21:55 - 2014-01-23 21:54 - 00008832 _____ C:\WINDOWS\system32\Drivers\rasacd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:54 - 00007936 _____ C:\WINDOWS\system32\Drivers\fs_rec.sys.dump
2014-01-23 21:55 - 2014-01-23 21:54 - 00004224 _____ C:\WINDOWS\system32\Drivers\rdpcdd.sys.dump
2014-01-23 21:55 - 2014-01-23 21:54 - 00004224 _____ C:\WINDOWS\system32\Drivers\beep.sys.dump
2014-01-23 21:55 - 2014-01-23 21:54 - 00002944 _____ C:\WINDOWS\system32\Drivers\null.sys.dump
2014-01-23 21:54 - 2014-01-23 21:54 - 00126336 _____ C:\WINDOWS\system32\Drivers\ftdisk.sys.dump
2014-01-23 21:54 - 2014-01-23 21:54 - 00005888 _____ C:\WINDOWS\system32\Drivers\dmload.sys.dump
2014-01-23 21:54 - 2014-01-23 21:54 - 00004352 _____ C:\WINDOWS\system32\Drivers\wmilib.sys.dump
2014-01-23 21:54 - 2014-01-23 21:54 - 00000000 ____D C:\WINDOWS\snack
2014-01-23 21:51 - 2014-01-23 21:51 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\RK_Quarantine
2014-01-23 19:04 - 2014-01-23 19:04 - 00000000 ____D C:\FRST
2014-01-16 21:38 - 2014-01-16 21:38 - 00000000 __SHD C:\FOUND.000
2014-01-16 18:34 - 2011-04-11 20:06 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-14 21:39 - 2014-01-14 21:39 - 00000190 _____ C:\drwtsn32.log
2014-01-14 21:33 - 2013-04-18 21:03 - 00001448 _____ C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Defraggler.lnk
2014-01-14 21:29 - 2013-04-15 12:53 - 00001506 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Startmenü\Programme\Update Checker.lnk
2014-01-14 21:29 - 2013-04-15 12:53 - 00001500 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop\Update Checker.lnk
2014-01-14 20:47 - 2013-05-01 17:47 - 00000558 _____ C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\CCleaner.lnk
2014-01-14 19:44 - 2013-04-15 12:59 - 00002347 _____ C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Adobe Reader XI.lnk
2014-01-10 22:01 - 2011-03-31 18:48 - 00000606 _____ C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Mozilla Firefox.lnk
2014-01-10 22:01 - 2011-03-08 20:21 - 00000600 _____ C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
2014-01-10 22:01 - 2011-03-08 19:16 - 00000665 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\Startmenü\Programme\Internet Explorer.lnk
2014-01-10 21:46 - 2014-01-10 21:46 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\Lokale Einstellungen\Anwendungsdaten\genienext
2014-01-10 21:46 - 2014-01-10 21:46 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\Lokale Einstellungen\Anwendungsdaten\cache
2014-01-10 21:46 - 2014-01-10 21:46 - 00000000 ____D C:\Dokumente und Einstellungen\klaus schmidtbauer\.android
2014-01-10 21:46 - 2014-01-10 21:45 - 00000000 _____ C:\Dokumente und Einstellungen\klaus schmidtbauer\daemonprocess.txt
2014-01-10 20:43 - 2014-01-10 20:43 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2014-01-10 19:24 - 2014-01-10 19:24 - 00000000 ____D C:\Programme\Mozilla Firefox
Some content of TEMP:
====================
C:\Dokumente und Einstellungen\klaus schmidtbauer\Lokale Einstellungen\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe
[2004-08-04 12:00] - [2008-04-14 04:22] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e
C:\WINDOWS\system32\winlogon.exe
[2004-08-04 12:00] - [2008-04-14 04:23] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a
C:\WINDOWS\system32\svchost.exe
[2004-08-04 12:00] - [2008-04-14 04:23] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366
C:\WINDOWS\system32\services.exe
[2004-08-04 12:00] - [2009-02-09 12:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc
C:\WINDOWS\system32\User32.dll
[2004-08-04 12:00] - [2008-04-14 04:22] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd
C:\WINDOWS\system32\userinit.exe
[2004-08-04 12:00] - [2008-04-14 04:23] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106
C:\WINDOWS\system32\rpcss.dll
[2004-08-04 12:00] - [2009-02-09 11:51] - 0401408 ____A (Microsoft Corporation) 3127afbf2c1ed0ab14a1bbb7aaecb85b
ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2004-08-04 12:00] - [2008-04-14 03:52] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-01-2014 01 Ran by klaus schmidtbauer at 2014-01-30 19:09:23 Running from C:\Dokumente und Einstellungen\klaus schmidtbauer\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== ==================== Installed Programs ====================== Adobe Flash Player 11 ActiveX (Version: 11.7.700.224 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (Version: 12.0.0.43 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (Version: 11.0.06 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) (Version: 11.0.06 - Adobe Systems Incorporated) Athlon 64 Processor Driver (Version: 1.1.0.14 - ) AVM FRITZ!WLAN (Version: - AVM Berlin) CCleaner (Version: 4.09 - Piriform) Defraggler (Version: 2.16 - Piriform) FileHippo.com Update Checker (Version: - ) Free YouTube Download version 3.2.11.812 (Version: 3.2.11.812 - DVDVideoSoft Ltd.) Java 7 Update 51 (Version: 7.0.510 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden LibreOffice 4.1 Help Pack (German) (Version: 4.1.0.4 - The Document Foundation) LibreOffice 4.1.0.4 (Version: 4.1.0.4 - The Document Foundation) Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla) Mozilla Maintenance Service (Version: 26.0 - Mozilla) NVIDIA WDM Drivers (Version: - ) Platform (Version: 1.1 - VIA Technologies, Inc.) Hidden Realtek AC'97 Audio (Version: - ) Revo Uninstaller 1.95 (Version: 1.95 - VS Revo Group) Sicherheitsupdate für Windows Internet Explorer 7 (KB2817183) (Version: 1 - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Internet Explorer 7 (KB938127-v2) (Version: 2 - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Internet Explorer 7 (KB982381) (Version: 1 - Microsoft Corporation) Hidden Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2817183) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2829530) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2838727) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2846071) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2847204) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2862772) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2870699) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2879017) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2888505) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2898785) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB923789) (Version: - Microsoft Corporation) Spyware Terminator 2012 (Version: 3.0.0.82 - Crawler.com) Synaptics Pointing Device Driver (Version: 7.11.9.0 - ) TeamViewer 8 (Version: 8.0.19617 - TeamViewer) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation) Update für Windows Internet Explorer 8 (KB2598845) (Version: 1 - Microsoft Corporation) Update für Windows Internet Explorer 8 (KB2632503) (Version: 1 - Microsoft Corporation) VIA Plattform-Geräte-Manager (Version: 1.1 - VIA Technologies, Inc.) VIA Rhine-Family Fast-Ethernet Adapter (Version: - ) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden Windows Genuine Advantage Validation Tool (KB892130) (Version: - Microsoft Corporation) Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2 - Microsoft Corporation) Windows Internet Explorer 7 (Version: 20070813.185237 - Microsoft Corporation) Hidden Windows Internet Explorer 8 (Version: 20090308.140743 - Microsoft Corporation) Windows Media Format 11 runtime (Version: - ) Windows Media Player 11 (Version: - ) ==================== Restore Points ========================= 28-01-2014 21:08:54 Revo Uninstaller's restore point - Google Chrome 28-01-2014 21:08:54 Systemprüfpunkt 28-01-2014 21:08:54 ComboFix created restore point 28-01-2014 19:18:22 Software Distribution Service 3.0 29-01-2014 17:19:07 Revo Uninstaller's restore point - SiSoftware Sandra Lite 2012.SP4c 29-01-2014 17:21:01 Revo Uninstaller's restore point - Java 7 Update 45 29-01-2014 17:21:11 Java 7 Update 45 wird entfernt 29-01-2014 17:33:08 Java 7 Update 51 wird installiert ==================== Hosts content: ========================== 2004-08-04 12:00 - 2014-01-28 18:21 - 00567778 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 fr.a2dfp.net 127.0.0.1 m.fr.a2dfp.net 127.0.0.1 ad.a8.net 127.0.0.1 asy.a8ww.net 127.0.0.1 abcstats.com 127.0.0.1 a.abv.bg 127.0.0.1 adserver.abv.bg 127.0.0.1 adv.abv.bg 127.0.0.1 bimg.abv.bg 127.0.0.1 ca.abv.bg 127.0.0.1 www2.a-counter.kiev.ua 127.0.0.1 track.acclaimnetwork.com 127.0.0.1 accuserveadsystem.com 127.0.0.1 www.accuserveadsystem.com 127.0.0.1 achmedia.com 127.0.0.1 csh.actiondesk.com 127.0.0.1 www.activemeter.com #[Tracking.Cookie] 127.0.0.1 ads.activepower.net 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie] 127.0.0.1 cms.ad2click.nl 127.0.0.1 ad2games.com 127.0.0.1 ads.ad2games.com 127.0.0.1 content.ad20.net 127.0.0.1 core.ad20.net 127.0.0.1 banner.ad.nu 127.0.0.1 cl21.v4.adaction.se 127.0.0.1 adadvisor.net 127.0.0.1 tag1.adaptiveads.com There are 1000 more lines. ==================== Scheduled Tasks (whitelisted) ============= Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service" ==================== Faulty Device Manager Devices ============= Name: Videocontroller (VGA-kompatibel) Description: Videocontroller (VGA-kompatibel) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Netzwerkcontroller Description: Netzwerkcontroller Class Guid: {00000000-0000-0000-0000-000000000000} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI-Kommunikationscontroller (einfach) Description: PCI-Kommunikationscontroller (einfach) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/30/2014 06:13:50 PM) (Source: Windows Search Service) (User: ) Description: Die Anwendung kann nicht initialisiert werden. Kontext: Windows Anwendung Details: Die Inhaltsindex-Metadaten können nicht gelesen werden. (0xc0041801) Error: (01/30/2014 06:13:50 PM) (Source: Windows Search Service) (User: ) Description: Das Gatherer-Objekt kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Die Inhaltsindex-Metadaten können nicht gelesen werden. (0xc0041801) Error: (01/30/2014 06:13:50 PM) (Source: Windows Search Service) (User: ) Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Element nicht gefunden. (0x80070490) Error: (01/30/2014 06:13:50 PM) (Source: Windows Search Service) (User: ) Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindex kann nicht gelesen werden. (0xc0041800) System errors: ============= Error: (01/30/2014 06:13:51 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: 2147749155 (0x80040D23). Microsoft Office Sessions: ========================= Error: (01/30/2014 06:13:50 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Windows Anwendung Details: Die Inhaltsindex-Metadaten können nicht gelesen werden. (0xc0041801) Error: (01/30/2014 06:13:50 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Die Inhaltsindex-Metadaten können nicht gelesen werden. (0xc0041801) Error: (01/30/2014 06:13:50 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Element nicht gefunden. (0x80070490) Search.TripoliIndexer Error: (01/30/2014 06:13:50 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindex kann nicht gelesen werden. (0xc0041800) Search.JetPropStore ==================== Memory info =========================== Percentage of memory in use: 84% Total physical RAM: 447.48 MB Available physical RAM: 69.75 MB Total Pagefile: 1055.18 MB Available Pagefile: 732.03 MB Total Virtual: 2047.88 MB Available Virtual: 1944.74 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:46.87 GB) (Free:36.99 GB) FAT32 ==>[Drive with boot components (Windows XP)] Drive d: () (Fixed) (Total:27.63 GB) (Free:27.31 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: 7FA27FA2) Partition 1: (Active) - (Size=47 GB) - (Type=0C) Partition 2: (Not Active) - (Size=28 GB) - (Type=OF Extended) ==================== End Of Log ============================ |
|
31.01.2014, 12:15
| #12 | |
| /// the machine /// TB-Ausbilder | 1und1 warnt mich vor Open Dns ResolverZitat:
ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu 1und1 warnt mich vor Open Dns Resolver |
| 1und1, allgemein, antworten, anwendung, brauche, code, dns, einfach, folge, frage, fragen, initiative, kostenlose, kunde, löschen, mobilfunk, norton, norton 360, nutzen, passwörter, programm, rechner, rum, sicherheit, uhrzeit, verschickt, virus, warnt, ändern |
WARNUNG an die MITLESER: 
Linear-Darstellung
