|
Jemand ist in meinem Netzwerk Auf mich hat es schon seit längerer Zeit jemand abgesehen. Zuerst fand ich den Trojaner Backdoor Bifrose, dann habe ich den WLAN Watcher runtergelanden u. da taucht immer ein Fremder in meinem Netzwerk auf der eine unbekannte MAC Adresse hat u. die IP ist immer verschieden. Gibt es ein gutes Programm wo ich das gut überwachen kann u. es auch entfernen? Mit dem WLAN Watcher siehst du nur wer da ist, kannst es aber nicht entfernen. Habe von meinem Pirelli PRGAV 4202N das SSID die Verschlüsselungsart auf WPA2 u. den Netzwerkschlüssel gändert, das Modemkennwort geändert. Alles hilft nichts. Ich weiss nicht wie diese Person reinkommt. Wenn die Person drinnen ist habe ich in der Netzwerkübersicht zwischen meinem PC u. Router ein "blaues Fragezeichen" mit unbekannt. In der Verwaltungskonsole von meinem Router scheint es auch nicht auf, darum kann ich keine MAC Filterung machen. Ich kann nur eingeben wer draussen bleibt. Gebt mir bitte einen Rat. |
Zitat:
Welche Maßnahmen wurden umgesetzt den zu entfernen? Dir ist klar, dass mehr oder weniger du selbst diesen Schädling installiert hast? :pfeiff: |
Ich hatte das System vorher neu aufgesetzt u. dann war er da. Das Prog. Adaware hat den Trojaner gefunden. Ich habe ihn dann unter Quarantäne gestellt. Pfad wo er gefunden wurde poste ich noch. Vorgeschichte: Es ist ne Frau. . Hat meinen Facebook Account gehackt. Habe dann alles gelöscht. Jetzt vor kurzem wollte sie auf mein ebayKonto. Sie hat es nicht geschafft. Dann erst habe ich Spybot u. Adaware runtergeladen. Auf meinem PC war ein Trojaner. Auf meinem Laptop gleich 2. |
Übrigens habe ich Kaspersky installiert. Aber für was, sie kommt trotzdem ins System? |
Wo und wann wurde nicht gepostet. Warum postest du nicht gleich das Log mit, stattdessen erwähnst du nur, dass du den Funort noch hast. Naja. Immerhin. Zitat:
Ich will dich nicht als DAU bezeichnen aber allein nur durch einen Virenscanner machst du garnichts sicherer. Als erstes musst du lernen; und v.a. einsehen, dass der Virenscanner kein Allheilmittel ist und JEDE Gefahr erkennen und beseitigen kann. Die Werbung versucht das leider so jedem einzutrichtern, aber die Realität sieht nunmal anders aus. |
c:\users\chrisra\appdata\local\google\chrome\user data\default\cache\f_00019c Das ist der gespeicherte Pfad von Adaware von diesem Trojaner. Weiss nicht wo das ist, irgendwas mit dem Cache von Google Chrome oder? |
Bitte nun routinemäßig einen Vollscan mit malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! ESET Online Scanner
Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code: hier steht das Log |
Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Datenbank Version: 8392 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 18.12.2011 12:56:58 mbam-log-2011-12-18 (12-56-58).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|) Durchsuchte Objekte: 473407 Laufzeit: 2 Stunde(n), 1 Minute(n), 55 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 3 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: c:\Windows.old\Users\chris-ildi\downloads\casinoclassic.exe (PUP.Casino.Gen) -> Quarantined and deleted successfully. c:\Windows.old\Users\chris-ildi\downloads\AllSlots.exe (PUP.Casino.Gen) -> Quarantined and deleted successfully. c:\Windows.old\Users\chris-ildi\downloads\downloadmanagersetup.exe (Adware.Agent) -> Quarantined and deleted successfully. Den anderen Scan mache ich noch. Bitte um etwas Geduld!!! |
ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f3eb69eaa7adf04f9ccbc9b8127d89d5 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-12-19 08:58:45 # local_time=2011-12-19 09:58:45 (+0100, Mitteleuropäische Zeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1280 16777215 100 0 939470 939470 0 0 # compatibility_mode=5893 16776573 100 94 144855 75915233 0 0 # compatibility_mode=8192 67108863 100 0 3743 3743 0 0 # scanned=12620 # found=0 # cleaned=0 # scan_time=1083 ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f3eb69eaa7adf04f9ccbc9b8127d89d5 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-12-19 01:04:56 # local_time=2011-12-19 02:04:56 (+0100, Mitteleuropäische Zeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1280 16777215 100 0 940674 940674 0 0 # compatibility_mode=5893 16776573 100 94 146059 75916437 0 0 # compatibility_mode=8192 67108863 100 0 4947 4947 0 0 # scanned=382273 # found=35 # cleaned=0 # scan_time=14650 C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM100.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM108.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM117.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM42.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM55.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM64.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM100.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM108.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM117.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM42.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM55.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM64.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM100.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM108.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM117.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM42.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM55.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM64.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM100.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM108.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM117.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM42.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM55.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM64.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\AppData\Local\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\2\D0\D6944d01 Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\AppData\Local\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\8\32\A5852d01 Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\Downloads\cnet_governor-of-poker-2_exe.exe a variant of Win32/InstallCore.D application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\Downloads\SoftonicDownloader_fuer_airsnare.exe Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\Lokale Einstellungen\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\2\D0\D6944d01 Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\Lokale Einstellungen\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\8\32\A5852d01 Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I E:\CHRIS-ILDI-PC\Backup Set 2010-08-28 092914\Backup Files 2010-08-28 092914\Backup files 4.zip a variant of Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I E:\Documents\Documents\Downloads\registrybooster.exe a variant of Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I E:\Downloads\SoftonicDownloader_fuer_divx-plus.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I E:\Downloads\SoftonicDownloader_fuer_jdownloader.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I E:\Downloads\SoftonicDownloader_fuer_utorrent.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f3eb69eaa7adf04f9ccbc9b8127d89d5 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-12-19 08:40:35 # local_time=2011-12-19 09:40:35 (+0100, Mitteleuropäische Zeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1280 16777215 100 0 967378 967378 0 0 # compatibility_mode=5893 16776573 100 94 172763 75943141 0 0 # compatibility_mode=8192 67108863 100 0 31651 31651 0 0 # scanned=382513 # found=35 # cleaned=0 # scan_time=15284 C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM100.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM108.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM117.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM42.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM55.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM64.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM100.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM108.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM117.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM42.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM55.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM64.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM100.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM108.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM117.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM42.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM55.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM64.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM100.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM108.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM117.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM42.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM55.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM64.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\AppData\Local\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\2\D0\D6944d01 Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\AppData\Local\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\8\32\A5852d01 Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\Downloads\cnet_governor-of-poker-2_exe.exe a variant of Win32/InstallCore.D application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\Downloads\SoftonicDownloader_fuer_airsnare.exe Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\Lokale Einstellungen\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\2\D0\D6944d01 Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\Lokale Einstellungen\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\8\32\A5852d01 Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I E:\CHRIS-ILDI-PC\Backup Set 2010-08-28 092914\Backup Files 2010-08-28 092914\Backup files 4.zip a variant of Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I E:\Documents\Documents\Downloads\registrybooster.exe a variant of Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I E:\Downloads\SoftonicDownloader_fuer_divx-plus.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I E:\Downloads\SoftonicDownloader_fuer_jdownloader.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I E:\Downloads\SoftonicDownloader_fuer_utorrent.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I |
Bitte nicht falsch verstehen, aber irgendwie hab ich den Eindruck es ist ein Volkssport geworden sich sämtlichen Kram von Softonic zu laden. Da ist immer irgendein Müll wie Toolbars oder der sinnlose Softonic Downloader drin. Warum lädst du die Software nicht von der Seite des Herstellers oder notfalls bei chip.de? |
Ok, werd ich mir merken. |
Zitat:
Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich. Wir lesen oft genug von Hilfesuchenden, dass deren System nach der Nutzung von Registry Cleanern nicht mehr booted.
Ein sogenanntes False Positive von einem Cleaner kann auch dein System unbootbar machen. Zerstörst Du die Registry, zerstörst Du Windows. Mach bitte ein OTL-Log CustomScan mit OTL Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code: netsvcs
|
Das funktioniert nicht. Habe ein Problem mit diesem Programm. Zuerst scannt er ganz normal u. dann kommt unten "Manual File Scan - Getting folder structure..." u. dann passiert nichts mehr. Dann hängt das Programm. |
Dann probier es bitte im abgesicherten Modus aus |
Das gleiche Problem. |
Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C:) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern ) http://www.trojaner-board.de/images/icons/icon4.gif Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen! http://www.trojaner-board.de/images/icons/icon4.gif |
20:11:24.0149 3136 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31 20:11:24.0309 3136 ============================================================ 20:11:24.0309 3136 Current date / time: 2011/12/21 20:11:24.0309 20:11:24.0309 3136 SystemInfo: 20:11:24.0310 3136 20:11:24.0310 3136 OS Version: 6.1.7601 ServicePack: 1.0 20:11:24.0310 3136 Product type: Workstation 20:11:24.0310 3136 ComputerName: CHRISRA-PC 20:11:24.0310 3136 UserName: chrisra 20:11:24.0310 3136 Windows directory: C:\Windows 20:11:24.0310 3136 System windows directory: C:\Windows 20:11:24.0310 3136 Processor architecture: Intel x86 20:11:24.0310 3136 Number of processors: 4 20:11:24.0310 3136 Page size: 0x1000 20:11:24.0310 3136 Boot type: Normal boot 20:11:24.0310 3136 ============================================================ 20:11:32.0998 3136 Initialize success 20:12:07.0396 2952 ============================================================ 20:12:07.0397 2952 Scan started 20:12:07.0397 2952 Mode: Manual; SigCheck; TDLFS; 20:12:07.0397 2952 ============================================================ 20:12:08.0290 2952 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 20:12:08.0464 2952 1394ohci - ok 20:12:08.0487 2952 acedrv11 (e6f53d6c0dea3d375362265e175ca638) C:\Windows\system32\drivers\acedrv11.sys 20:12:08.0525 2952 acedrv11 - ok 20:12:08.0543 2952 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 20:12:08.0565 2952 ACPI - ok 20:12:08.0583 2952 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 20:12:08.0661 2952 AcpiPmi - ok 20:12:08.0699 2952 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 20:12:08.0730 2952 adp94xx - ok 20:12:08.0750 2952 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 20:12:08.0779 2952 adpahci - ok 20:12:08.0790 2952 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 20:12:08.0814 2952 adpu320 - ok 20:12:08.0856 2952 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 20:12:08.0918 2952 AFD - ok 20:12:08.0934 2952 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 20:12:08.0954 2952 agp440 - ok 20:12:08.0973 2952 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 20:12:08.0996 2952 aic78xx - ok 20:12:09.0007 2952 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 20:12:09.0028 2952 aliide - ok 20:12:09.0043 2952 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 20:12:09.0064 2952 amdagp - ok 20:12:09.0072 2952 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 20:12:09.0092 2952 amdide - ok 20:12:09.0109 2952 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 20:12:09.0173 2952 AmdK8 - ok 20:12:09.0182 2952 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 20:12:09.0241 2952 AmdPPM - ok 20:12:09.0249 2952 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 20:12:09.0269 2952 amdsata - ok 20:12:09.0279 2952 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 20:12:09.0306 2952 amdsbs - ok 20:12:09.0315 2952 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 20:12:09.0335 2952 amdxata - ok 20:12:09.0372 2952 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 20:12:09.0456 2952 AppID - ok 20:12:09.0475 2952 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 20:12:09.0499 2952 arc - ok 20:12:09.0508 2952 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 20:12:09.0532 2952 arcsas - ok 20:12:09.0551 2952 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 20:12:09.0692 2952 AsyncMac - ok 20:12:09.0701 2952 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 20:12:09.0721 2952 atapi - ok 20:12:09.0767 2952 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 20:12:09.0818 2952 b06bdrv - ok 20:12:09.0837 2952 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 20:12:09.0866 2952 b57nd60x - ok 20:12:09.0887 2952 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 20:12:09.0945 2952 Beep - ok 20:12:09.0958 2952 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 20:12:10.0011 2952 blbdrive - ok 20:12:10.0050 2952 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 20:12:10.0084 2952 bowser - ok 20:12:10.0109 2952 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 20:12:10.0191 2952 BrFiltLo - ok 20:12:10.0223 2952 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 20:12:10.0262 2952 BrFiltUp - ok 20:12:10.0278 2952 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 20:12:10.0319 2952 Brserid - ok 20:12:10.0344 2952 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 20:12:10.0373 2952 BrSerWdm - ok 20:12:10.0391 2952 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 20:12:10.0442 2952 BrUsbMdm - ok 20:12:10.0451 2952 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 20:12:10.0486 2952 BrUsbSer - ok 20:12:10.0511 2952 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 20:12:10.0555 2952 BTHMODEM - ok 20:12:10.0571 2952 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 20:12:10.0609 2952 cdfs - ok 20:12:10.0627 2952 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys 20:12:10.0651 2952 cdrom - ok 20:12:10.0663 2952 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 20:12:10.0705 2952 circlass - ok 20:12:10.0737 2952 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 20:12:10.0760 2952 CLFS - ok 20:12:10.0775 2952 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 20:12:10.0801 2952 CmBatt - ok 20:12:10.0811 2952 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 20:12:10.0831 2952 cmdide - ok 20:12:10.0850 2952 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys 20:12:10.0879 2952 CNG - ok 20:12:10.0896 2952 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 20:12:10.0918 2952 Compbatt - ok 20:12:10.0929 2952 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys 20:12:10.0968 2952 CompositeBus - ok 20:12:10.0995 2952 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 20:12:11.0017 2952 crcdisk - ok 20:12:11.0048 2952 cxbu0wdm (b93f0125b1f47a8393938f3919a6565f) C:\Windows\system32\DRIVERS\cxbu0wdm.sys 20:12:11.0090 2952 cxbu0wdm - ok 20:12:11.0113 2952 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 20:12:11.0149 2952 DfsC - ok 20:12:11.0161 2952 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 20:12:11.0206 2952 discache - ok 20:12:11.0215 2952 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 20:12:11.0235 2952 Disk - ok 20:12:11.0281 2952 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys 20:12:11.0339 2952 Dot4 - ok 20:12:11.0359 2952 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\drivers\Dot4Prt.sys 20:12:11.0395 2952 Dot4Print - ok 20:12:11.0427 2952 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys 20:12:11.0471 2952 dot4usb - ok 20:12:11.0514 2952 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 20:12:11.0557 2952 drmkaud - ok 20:12:11.0614 2952 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 20:12:11.0671 2952 DXGKrnl - ok 20:12:11.0741 2952 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 20:12:11.0838 2952 ebdrv - ok 20:12:11.0863 2952 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 20:12:11.0894 2952 elxstor - ok 20:12:11.0903 2952 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 20:12:11.0928 2952 ErrDev - ok 20:12:11.0968 2952 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 20:12:12.0022 2952 exfat - ok 20:12:12.0056 2952 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 20:12:12.0098 2952 fastfat - ok 20:12:12.0122 2952 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 20:12:12.0161 2952 fdc - ok 20:12:12.0176 2952 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 20:12:12.0196 2952 FileInfo - ok 20:12:12.0206 2952 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 20:12:12.0271 2952 Filetrace - ok 20:12:12.0280 2952 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 20:12:12.0306 2952 flpydisk - ok 20:12:12.0317 2952 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 20:12:12.0340 2952 FltMgr - ok 20:12:12.0357 2952 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 20:12:12.0377 2952 FsDepends - ok 20:12:12.0395 2952 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 20:12:12.0414 2952 Fs_Rec - ok 20:12:12.0435 2952 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 20:12:12.0458 2952 fvevol - ok 20:12:12.0481 2952 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 20:12:12.0503 2952 gagp30kx - ok 20:12:12.0543 2952 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 20:12:12.0608 2952 hcw85cir - ok 20:12:12.0626 2952 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 20:12:12.0670 2952 HdAudAddService - ok 20:12:12.0697 2952 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys 20:12:12.0725 2952 HDAudBus - ok 20:12:12.0734 2952 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 20:12:12.0775 2952 HidBatt - ok 20:12:12.0785 2952 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 20:12:12.0836 2952 HidBth - ok 20:12:12.0846 2952 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 20:12:12.0902 2952 HidIr - ok 20:12:12.0914 2952 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys 20:12:12.0971 2952 HidUsb - ok 20:12:12.0995 2952 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 20:12:13.0016 2952 HpSAMD - ok 20:12:13.0047 2952 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 20:12:13.0096 2952 HTTP - ok 20:12:13.0121 2952 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 20:12:13.0138 2952 hwpolicy - ok 20:12:13.0161 2952 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 20:12:13.0196 2952 i8042prt - ok 20:12:13.0221 2952 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 20:12:13.0244 2952 iaStorV - ok 20:12:13.0257 2952 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 20:12:13.0279 2952 iirsp - ok 20:12:13.0380 2952 IntcAzAudAddService (cd08b2dad1ed85bc4bfaf82099fda604) C:\Windows\system32\drivers\RTKVHDA.sys 20:12:13.0517 2952 IntcAzAudAddService - ok 20:12:13.0529 2952 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 20:12:13.0551 2952 intelide - ok 20:12:13.0560 2952 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 20:12:13.0595 2952 intelppm - ok 20:12:13.0611 2952 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:12:13.0658 2952 IpFilterDriver - ok 20:12:13.0679 2952 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 20:12:13.0704 2952 IPMIDRV - ok 20:12:13.0717 2952 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 20:12:13.0757 2952 IPNAT - ok 20:12:13.0775 2952 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 20:12:13.0826 2952 IRENUM - ok 20:12:13.0845 2952 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 20:12:13.0866 2952 isapnp - ok 20:12:13.0880 2952 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 20:12:13.0903 2952 iScsiPrt - ok 20:12:13.0914 2952 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys 20:12:13.0935 2952 kbdclass - ok 20:12:13.0956 2952 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys 20:12:13.0994 2952 kbdhid - ok 20:12:14.0027 2952 KL1 (94d67d49bd9503bb1d838405d80f2058) C:\Windows\system32\DRIVERS\kl1.sys 20:12:14.0045 2952 KL1 - ok 20:12:14.0066 2952 kl2 (713576569667ac9e0f8556076004a96b) C:\Windows\system32\DRIVERS\kl2.sys 20:12:14.0083 2952 kl2 - ok 20:12:14.0132 2952 KLIF (39920d69eaedb51757527aa54fe25216) C:\Windows\system32\DRIVERS\klif.sys 20:12:14.0160 2952 KLIF - ok 20:12:14.0174 2952 KLIM6 (cf88b4985d957eee45c9939092e87c92) C:\Windows\system32\DRIVERS\klim6.sys 20:12:14.0190 2952 KLIM6 - ok 20:12:14.0213 2952 klmouflt (3de1771c135328420315e21dde229bba) C:\Windows\system32\DRIVERS\klmouflt.sys 20:12:14.0230 2952 klmouflt - ok 20:12:14.0250 2952 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys 20:12:14.0269 2952 KSecDD - ok 20:12:14.0280 2952 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys 20:12:14.0302 2952 KSecPkg - ok 20:12:14.0426 2952 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys 20:12:14.0443 2952 Lavasoft Kernexplorer - ok 20:12:14.0468 2952 Lbd (336abe8721cbc3110f1c6426da633417) C:\Windows\system32\DRIVERS\Lbd.sys 20:12:14.0486 2952 Lbd - ok 20:12:14.0499 2952 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 20:12:14.0549 2952 lltdio - ok 20:12:14.0581 2952 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 20:12:14.0604 2952 LSI_FC - ok 20:12:14.0614 2952 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 20:12:14.0637 2952 LSI_SAS - ok 20:12:14.0648 2952 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 20:12:14.0672 2952 LSI_SAS2 - ok 20:12:14.0803 2952 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 20:12:14.0834 2952 LSI_SCSI - ok 20:12:14.0845 2952 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 20:12:14.0883 2952 luafv - ok 20:12:14.0917 2952 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys 20:12:14.0936 2952 MBAMProtector - ok 20:12:14.0949 2952 MBAMSwissArmy - ok 20:12:14.0963 2952 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 20:12:14.0987 2952 megasas - ok 20:12:14.0998 2952 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 20:12:15.0023 2952 MegaSR - ok 20:12:15.0035 2952 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 20:12:15.0085 2952 Modem - ok 20:12:15.0110 2952 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 20:12:15.0144 2952 monitor - ok 20:12:15.0157 2952 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 20:12:15.0181 2952 mouclass - ok 20:12:15.0190 2952 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 20:12:15.0220 2952 mouhid - ok 20:12:15.0229 2952 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 20:12:15.0249 2952 mountmgr - ok 20:12:15.0259 2952 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 20:12:15.0279 2952 mpio - ok 20:12:15.0308 2952 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 20:12:15.0372 2952 mpsdrv - ok 20:12:15.0396 2952 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 20:12:15.0449 2952 MRxDAV - ok 20:12:15.0471 2952 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 20:12:15.0525 2952 mrxsmb - ok 20:12:15.0540 2952 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:12:15.0578 2952 mrxsmb10 - ok 20:12:15.0613 2952 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:12:15.0637 2952 mrxsmb20 - ok 20:12:15.0655 2952 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 20:12:15.0686 2952 msahci - ok 20:12:15.0697 2952 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 20:12:15.0721 2952 msdsm - ok 20:12:15.0747 2952 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 20:12:15.0791 2952 Msfs - ok 20:12:15.0822 2952 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 20:12:15.0868 2952 mshidkmdf - ok 20:12:15.0889 2952 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 20:12:15.0910 2952 msisadrv - ok 20:12:15.0936 2952 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 20:12:15.0982 2952 MSKSSRV - ok 20:12:16.0000 2952 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 20:12:16.0035 2952 MSPCLOCK - ok 20:12:16.0055 2952 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 20:12:16.0089 2952 MSPQM - ok 20:12:16.0100 2952 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 20:12:16.0122 2952 MsRPC - ok 20:12:16.0134 2952 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 20:12:16.0156 2952 mssmbios - ok 20:12:16.0169 2952 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 20:12:16.0204 2952 MSTEE - ok 20:12:16.0228 2952 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 20:12:16.0254 2952 MTConfig - ok 20:12:16.0263 2952 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 20:12:16.0283 2952 Mup - ok 20:12:16.0307 2952 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 20:12:16.0336 2952 NativeWifiP - ok 20:12:16.0365 2952 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 20:12:16.0397 2952 NDIS - ok 20:12:16.0407 2952 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 20:12:16.0443 2952 NdisCap - ok 20:12:16.0462 2952 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 20:12:16.0509 2952 NdisTapi - ok 20:12:16.0529 2952 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 20:12:16.0562 2952 Ndisuio - ok 20:12:16.0593 2952 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 20:12:16.0638 2952 NdisWan - ok 20:12:16.0656 2952 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 20:12:16.0703 2952 NDProxy - ok 20:12:16.0716 2952 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 20:12:16.0757 2952 NetBIOS - ok 20:12:16.0786 2952 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 20:12:16.0823 2952 NetBT - ok 20:12:16.0843 2952 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 20:12:16.0866 2952 nfrd960 - ok 20:12:16.0878 2952 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 20:12:16.0932 2952 Npfs - ok 20:12:16.0952 2952 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 20:12:16.0987 2952 nsiproxy - ok 20:12:17.0048 2952 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 20:12:17.0184 2952 Ntfs - ok 20:12:17.0360 2952 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 20:12:17.0397 2952 Null - ok 20:12:17.0431 2952 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys 20:12:17.0464 2952 NVENETFD - ok 20:12:17.0505 2952 NVHDA (93c0f383b39b1f5fe7203e3270d4cf52) C:\Windows\system32\drivers\nvhda32v.sys 20:12:17.0522 2952 NVHDA - ok 20:12:17.0727 2952 nvlddmkm (4152708c0c24e30dae7fa87d5afe1d7b) C:\Windows\system32\DRIVERS\nvlddmkm.sys 20:12:18.0007 2952 nvlddmkm - ok 20:12:18.0048 2952 NVNET (5bf9c11586f4764446407f509f1beca8) C:\Windows\system32\DRIVERS\nvmf6232.sys 20:12:18.0070 2952 NVNET - ok 20:12:18.0095 2952 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 20:12:18.0117 2952 nvraid - ok 20:12:18.0134 2952 nvsmu (f13618f0cb1e95232f4c2401592a59e9) C:\Windows\system32\DRIVERS\nvsmu.sys 20:12:18.0185 2952 nvsmu - ok 20:12:18.0204 2952 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 20:12:18.0228 2952 nvstor - ok 20:12:18.0250 2952 nvstor32 (3ff57a9a657c9690ecbc8b1e3b6e3979) C:\Windows\system32\DRIVERS\nvstor32.sys 20:12:18.0267 2952 nvstor32 - ok 20:12:18.0292 2952 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 20:12:18.0313 2952 nv_agp - ok 20:12:18.0373 2952 NxpCap (6abc0333409e7ab86ba610bcf5bddf7b) C:\Windows\system32\DRIVERS\NxpCap.sys 20:12:18.0423 2952 NxpCap - ok 20:12:18.0439 2952 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 20:12:18.0475 2952 ohci1394 - ok 20:12:18.0492 2952 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 20:12:18.0522 2952 Parport - ok 20:12:18.0540 2952 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 20:12:18.0559 2952 partmgr - ok 20:12:18.0573 2952 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 20:12:18.0606 2952 Parvdm - ok 20:12:18.0636 2952 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 20:12:18.0658 2952 pci - ok 20:12:18.0676 2952 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 20:12:18.0712 2952 pciide - ok 20:12:18.0734 2952 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 20:12:18.0797 2952 pcmcia - ok 20:12:18.0808 2952 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 20:12:18.0836 2952 pcw - ok 20:12:18.0851 2952 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 20:12:18.0910 2952 PEAUTH - ok 20:12:18.0971 2952 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 20:12:19.0016 2952 PptpMiniport - ok 20:12:19.0025 2952 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 20:12:19.0058 2952 Processor - ok 20:12:19.0074 2952 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 20:12:19.0111 2952 Psched - ok 20:12:19.0154 2952 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 20:12:19.0200 2952 ql2300 - ok 20:12:19.0222 2952 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 20:12:19.0245 2952 ql40xx - ok 20:12:19.0257 2952 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 20:12:19.0283 2952 QWAVEdrv - ok 20:12:19.0293 2952 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 20:12:19.0332 2952 RasAcd - ok 20:12:19.0350 2952 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 20:12:19.0395 2952 RasAgileVpn - ok 20:12:19.0408 2952 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 20:12:19.0445 2952 Rasl2tp - ok 20:12:19.0457 2952 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 20:12:19.0501 2952 RasPppoe - ok 20:12:19.0511 2952 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 20:12:19.0546 2952 RasSstp - ok 20:12:19.0578 2952 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 20:12:19.0613 2952 rdbss - ok 20:12:19.0633 2952 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 20:12:19.0660 2952 rdpbus - ok 20:12:19.0689 2952 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 20:12:19.0737 2952 RDPCDD - ok 20:12:19.0757 2952 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 20:12:19.0790 2952 RDPENCDD - ok 20:12:19.0811 2952 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 20:12:19.0843 2952 RDPREFMP - ok 20:12:19.0868 2952 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys 20:12:19.0903 2952 RDPWD - ok 20:12:19.0927 2952 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 20:12:19.0948 2952 rdyboost - ok 20:12:19.0974 2952 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 20:12:20.0011 2952 rspndr - ok 20:12:20.0060 2952 RTL8192su (9ce8deffaffccbf473015d76ae8ee514) C:\Windows\system32\DRIVERS\RTL8192su.sys 20:12:20.0088 2952 RTL8192su - ok 20:12:20.0118 2952 sbapifs (3d6ba67c758735918e323d4d6f64449a) C:\Windows\system32\DRIVERS\sbapifs.sys 20:12:20.0140 2952 sbapifs - ok 20:12:20.0159 2952 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 20:12:20.0179 2952 sbp2port - ok 20:12:20.0202 2952 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 20:12:20.0252 2952 scfilter - ok 20:12:20.0283 2952 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 20:12:20.0338 2952 secdrv - ok 20:12:20.0367 2952 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 20:12:20.0392 2952 Serenum - ok 20:12:20.0410 2952 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 20:12:20.0437 2952 Serial - ok 20:12:20.0446 2952 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 20:12:20.0483 2952 sermouse - ok 20:12:20.0515 2952 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 20:12:20.0548 2952 sffdisk - ok 20:12:20.0557 2952 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 20:12:20.0581 2952 sffp_mmc - ok 20:12:20.0591 2952 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 20:12:20.0632 2952 sffp_sd - ok 20:12:20.0641 2952 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 20:12:20.0668 2952 sfloppy - ok 20:12:20.0714 2952 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 20:12:20.0737 2952 sisagp - ok 20:12:20.0747 2952 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 20:12:20.0769 2952 SiSRaid2 - ok 20:12:20.0779 2952 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 20:12:20.0803 2952 SiSRaid4 - ok 20:12:20.0838 2952 SLEE_17_DRIVER (eaca11d07d7e74d72b913089b75b1416) C:\Windows\system32\drivers\Sleen17.sys 20:12:20.0855 2952 SLEE_17_DRIVER - ok 20:12:20.0868 2952 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 20:12:20.0904 2952 Smb - ok 20:12:20.0926 2952 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 20:12:20.0946 2952 spldr - ok 20:12:20.0991 2952 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 20:12:21.0047 2952 srv - ok 20:12:21.0071 2952 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 20:12:21.0098 2952 srv2 - ok 20:12:21.0134 2952 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 20:12:21.0162 2952 srvnet - ok 20:12:21.0197 2952 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 20:12:21.0222 2952 stexstor - ok 20:12:21.0272 2952 STGMFEngine32 (e5d761276cbf76155bebef33a9da0590) C:\Windows\system32\drivers\STGMFEngine32.sys 20:12:21.0281 2952 STGMFEngine32 ( UnsignedFile.Multi.Generic ) - warning 20:12:21.0281 2952 STGMFEngine32 - detected UnsignedFile.Multi.Generic (1) 20:12:21.0309 2952 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys 20:12:21.0352 2952 StillCam - ok 20:12:21.0366 2952 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 20:12:21.0389 2952 swenum - ok 20:12:21.0463 2952 tap0901 (1e89de7a4fb7a854ebb241d0aa8996dd) C:\Windows\system32\DRIVERS\tap0901.sys 20:12:21.0497 2952 tap0901 - ok 20:12:21.0573 2952 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys 20:12:21.0624 2952 Tcpip - ok 20:12:21.0659 2952 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys 20:12:21.0695 2952 TCPIP6 - ok 20:12:21.0739 2952 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 20:12:21.0795 2952 tcpipreg - ok 20:12:21.0832 2952 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 20:12:21.0879 2952 TDPIPE - ok 20:12:21.0889 2952 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys 20:12:21.0929 2952 TDTCP - ok 20:12:21.0968 2952 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 20:12:22.0002 2952 tdx - ok 20:12:22.0022 2952 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 20:12:22.0043 2952 TermDD - ok 20:12:22.0083 2952 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 20:12:22.0124 2952 tssecsrv - ok 20:12:22.0165 2952 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 20:12:22.0201 2952 TsUsbFlt - ok 20:12:22.0231 2952 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 20:12:22.0277 2952 tunnel - ok 20:12:22.0300 2952 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 20:12:22.0324 2952 uagp35 - ok 20:12:22.0389 2952 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 20:12:22.0428 2952 udfs - ok 20:12:22.0459 2952 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 20:12:22.0480 2952 uliagpkx - ok 20:12:22.0493 2952 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 20:12:22.0516 2952 umbus - ok 20:12:22.0525 2952 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 20:12:22.0569 2952 UmPass - ok 20:12:22.0582 2952 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 20:12:22.0617 2952 usbccgp - ok 20:12:22.0637 2952 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 20:12:22.0664 2952 usbcir - ok 20:12:22.0674 2952 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 20:12:22.0714 2952 usbehci - ok 20:12:22.0736 2952 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 20:12:22.0761 2952 usbhub - ok 20:12:22.0770 2952 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys 20:12:22.0802 2952 usbohci - ok 20:12:22.0822 2952 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 20:12:22.0849 2952 usbprint - ok 20:12:22.0879 2952 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 20:12:22.0903 2952 usbscan - ok 20:12:22.0915 2952 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:12:22.0946 2952 USBSTOR - ok 20:12:22.0969 2952 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys 20:12:22.0991 2952 usbuhci - ok 20:12:23.0007 2952 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 20:12:23.0029 2952 vdrvroot - ok 20:12:23.0041 2952 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 20:12:23.0067 2952 vga - ok 20:12:23.0090 2952 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 20:12:23.0124 2952 VgaSave - ok 20:12:23.0148 2952 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 20:12:23.0171 2952 vhdmp - ok 20:12:23.0181 2952 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 20:12:23.0203 2952 viaagp - ok 20:12:23.0213 2952 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 20:12:23.0257 2952 ViaC7 - ok 20:12:23.0277 2952 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 20:12:23.0296 2952 viaide - ok 20:12:23.0336 2952 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 20:12:23.0356 2952 volmgr - ok 20:12:23.0369 2952 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 20:12:23.0394 2952 volmgrx - ok 20:12:23.0415 2952 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 20:12:23.0439 2952 volsnap - ok 20:12:23.0451 2952 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 20:12:23.0476 2952 vsmraid - ok 20:12:23.0497 2952 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys 20:12:23.0540 2952 vwifibus - ok 20:12:23.0550 2952 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys 20:12:23.0579 2952 vwififlt - ok 20:12:23.0600 2952 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys 20:12:23.0639 2952 vwifimp - ok 20:12:23.0657 2952 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 20:12:23.0683 2952 WacomPen - ok 20:12:23.0719 2952 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 20:12:23.0761 2952 WANARP - ok 20:12:23.0766 2952 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 20:12:23.0799 2952 Wanarpv6 - ok 20:12:23.0837 2952 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 20:12:23.0859 2952 Wd - ok 20:12:23.0875 2952 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 20:12:23.0903 2952 Wdf01000 - ok 20:12:23.0938 2952 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 20:12:23.0973 2952 WfpLwf - ok 20:12:23.0983 2952 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 20:12:24.0003 2952 WIMMount - ok 20:12:24.0045 2952 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\drivers\WinUSB.sys 20:12:24.0070 2952 WinUsb - ok 20:12:24.0088 2952 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 20:12:24.0123 2952 WmiAcpi - ok 20:12:24.0161 2952 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 20:12:24.0196 2952 ws2ifsl - ok 20:12:24.0233 2952 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\Windows\system32\DRIVERS\WSDPrint.sys 20:12:24.0259 2952 WSDPrintDevice - ok 20:12:24.0302 2952 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 20:12:24.0336 2952 WudfPf - ok 20:12:24.0356 2952 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 20:12:24.0389 2952 WUDFRd - ok 20:12:24.0421 2952 X10Hid (1f93fcb5bab3a921ecba522f63586f4a) C:\Windows\system32\Drivers\x10hid.sys 20:12:24.0437 2952 X10Hid - ok 20:12:24.0474 2952 XUIF (378dc1b0b1f62a7488ee8d31a3c6e949) C:\Windows\system32\Drivers\x10ufx2.sys 20:12:24.0491 2952 XUIF - ok 20:12:24.0506 2952 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 20:12:24.0624 2952 \Device\Harddisk0\DR0 - ok 20:12:24.0628 2952 Boot (0x1200) (d3fa4e1c541a333610499e31148cd881) \Device\Harddisk0\DR0\Partition0 20:12:24.0629 2952 \Device\Harddisk0\DR0\Partition0 - ok 20:12:24.0655 2952 Boot (0x1200) (d564620f3af6315a714ea374949e3080) \Device\Harddisk0\DR0\Partition1 20:12:24.0656 2952 \Device\Harddisk0\DR0\Partition1 - ok 20:12:24.0680 2952 Boot (0x1200) (adaab3f3891a478ba66817ab90fd121e) \Device\Harddisk0\DR0\Partition2 20:12:24.0680 2952 \Device\Harddisk0\DR0\Partition2 - ok 20:12:24.0681 2952 ============================================================ 20:12:24.0681 2952 Scan finished 20:12:24.0681 2952 ============================================================ 20:12:24.0703 5584 Detected object count: 1 20:12:24.0703 5584 Actual detected object count: 1 20:12:57.0461 5584 STGMFEngine32 ( UnsignedFile.Multi.Generic ) - skipped by user 20:12:57.0461 5584 STGMFEngine32 ( UnsignedFile.Multi.Generic ) - User select action: Skip |
Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
|
Combofix Logfile: Code: ComboFix 11-12-22.01 - chrisra 22.12.2011 9:37.1.4 - x86 |
Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). |
OSAM Logfile: Code: Report of OSAM: Autorun Manager v5.0.11926.0If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru |
aswMBR version 0.9.9.1116 Copyright(c) 2011 AVAST Software Run date: 2011-12-23 18:50:21 ----------------------------- 18:50:21.158 OS Version: Windows 6.1.7601 Service Pack 1 18:50:21.158 Number of processors: 4 586 0x170A 18:50:21.161 ComputerName: CHRISRA-PC UserName: chrisra 18:50:32.268 Initialize success 18:52:02.873 AVAST engine defs: 11122300 18:52:44.833 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000063 18:52:44.836 Disk 0 Vendor: WDC_WD10 80.0 Size: 953869MB BusType: 3 18:52:46.843 Disk 0 MBR read successfully 18:52:46.847 Disk 0 MBR scan 18:52:46.852 Disk 0 Windows 7 default MBR code 18:52:46.855 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048 18:52:46.869 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 512422 MB offset 206848 18:52:46.876 Disk 0 Partition - 00 05 Extended 440320 MB offset 1049647104 18:52:46.905 Disk 0 Partition 3 00 12 Compaq diag NTFS 1025 MB offset 1951422464 18:52:46.939 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 419838 MB offset 1049649152 18:52:46.949 Disk 0 scanning sectors +1953521664 18:52:47.035 Disk 0 scanning C:\Windows\system32\drivers 18:52:56.540 Service scanning 18:52:57.824 Service KL1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5 18:52:57.830 Service kl2 C:\Windows\system32\DRIVERS\kl2.sys **LOCKED** 5 18:52:57.839 Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5 18:52:57.847 Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5 18:52:58.520 Modules scanning 18:53:02.842 Disk 0 trace - called modules: 18:53:02.865 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll storport.sys nvstor32.sys 18:53:02.871 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86d74a00] 18:53:02.878 3 CLASSPNP.SYS[8c79959e] -> nt!IofCallDriver -> [0x86713930] 18:53:02.883 5 ACPI.sys[8bac73d4] -> nt!IofCallDriver -> \Device\00000063[0x86be55e0] 18:53:05.810 AVAST engine scan C:\Windows 18:53:12.832 AVAST engine scan C:\Windows\system32 18:55:50.152 AVAST engine scan C:\Windows\system32\drivers 18:56:03.670 AVAST engine scan C:\Users\chrisra 18:57:36.990 File: C:\Users\chrisra\Downloads\wlan-watcher-2.0.exe.exe **INFECTED** Win32:Malware-gen 18:57:38.911 AVAST engine scan C:\ProgramData 19:00:03.711 Scan finished successfully 19:00:48.692 Disk 0 MBR has been saved successfully to "C:\Users\chrisra\Documents\MBR.dat" 19:00:48.700 The log file has been saved successfully to "C:\Users\chrisra\Documents\aswMBR.txt" |
Mit dem DVD Laufwerk habe ich seit diesen Scans ein Problem. Wenn ich vorher die Computerbild DVD einlegte, hat er mir die cobi.exe angeboten u. direkt gestartet. Jetzt bietet er mir das nicht mehr an. Ich muss den Windows Explorer öffnen u. alle Programme manuell auswählen. Jetzt will er immer den DVD Film wiedergeben oder den Ordner öffnen. Was ist da passiert? |
Zitat:
Zitat:
|
Habe ich bereits wieder gelöscht. Auf Bitsnoop oder so hiess die Seite. Wenn ich diesen WLAN Watcher laufen lasse, habe ich zwischendurch immer eine unbekannte MAC Adresse u. wechselnde IP drinnen. Freitag ist ihr Tag. Jetzt habe ich in der Konsole vom Router alle IP Adressen ausser die ich brauche blockiert. Seitdem ist sie nicht mehr erschienen. Ich verstehe nicht wie die rein kommt. Kein Programm findet was, aber sie ist drinnen. |
Autorun wurde deaktiviert. Das war vorher aber besser. Wie kann ich es wieder aktivieren? |
Und warum das ganze? Ich habe bereits erklärt, dass Autorun eine Unsitte ist. Was ist mit GMER, ging das nicht? |
GMER kommt noch. |
GMER Logfile: Code: GMER 1.0.15.15641 - hxxp://www.gmer.net |
Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
|
Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Datenbank Version: 911122601 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 26.12.2011 10:49:27 mbam-log-2011-12-26 (10-49-27).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 429966 Laufzeit: 2 Stunde(n), 9 Minute(n), 10 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 12 Infizierte Registrierungswerte: 2 Infizierte Dateiobjekte der Registrierung: 2 Infizierte Verzeichnisse: 0 Infizierte Dateien: 10 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CLASSES_ROOT\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} (PUP.VShareRedir) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} (PUP.VShareRedir) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncherBHO.1 (PUP.VShareRedir) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncherBHO (PUP.VShareRedir) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncher.1 (PUP.VShareRedir) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncher (PUP.VShareRedir) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Value: {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Value: {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (hxxp://startsear.ch/?aff=7&cf=9ccc6ea0-2c87-11e1-9d01-d60cfed1e7af) Good: (hxxp://www.google.com) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (hxxp://startsear.ch/?aff=7&cf=9ccc6ea0-2c87-11e1-9d01-d60cfed1e7af) Good: (hxxp://www.google.com) -> Quarantined and deleted successfully. Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: c:\program files\startsearch plugin\ssbarlcher.dll (PUP.VShareRedir) -> Quarantined and deleted successfully. c:\microgaming\Casino\virtualcity\install.exe (PUP.Casino.Gen) -> Quarantined and deleted successfully. c:\microgaming\Casino\virtualcity\bresume.exe (PUP.Casino.Gen) -> Quarantined and deleted successfully. c:\microgaming\Casino\virtualcity\dresume.exe (PUP.Casino.Gen) -> Quarantined and deleted successfully. c:\microgaming\Casino\virtualcity\sresume.exe (PUP.Casino.Gen) -> Quarantined and deleted successfully. c:\microgaming\Casino\virtualcity\tresume.exe (PUP.Casino.Gen) -> Quarantined and deleted successfully. c:\Users\chrisra\AppData\Local\Temp\vir2D0B.tmp (PUP.Casino.Gen) -> Quarantined and deleted successfully. c:\Windows.old\Users\chris-ildi\AppData\Local\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\2\D0\D6944d01 (PUP.BundleOffer.Downloader.S) -> Quarantined and deleted successfully. c:\Windows.old\Users\chris-ildi\AppData\Local\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\8\32\A5852d01 (PUP.BundleOffer.Downloader.S) -> Quarantined and deleted successfully. c:\Windows.old\Users\chris-ildi\downloads\softonicdownloader_fuer_airsnare.exe (PUP.BundleOffer.Downloader.S) -> Quarantined and deleted successfully. |
SUPERAntiSpyware Scan Log hxxp://www.superantispyware.com Generated 12/26/2011 at 01:12 PM Application Version : 5.0.1142 Core Rules Database Version : 8087 Trace Rules Database Version: 5899 Scan type : Complete Scan Total Scan Time : 02:11:08 Operating System Information Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601) UAC On - Limited User Memory items scanned : 1004 Memory threats detected : 0 Registry items scanned : 39055 Registry threats detected : 0 File items scanned : 293245 File threats detected : 138 Adware.Tracking Cookie .xiti.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] www.etracker.de [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] wstat.wibiya.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .imrworldwide.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .imrworldwide.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .e-2dj6wjlyopd5cgo.stats.esomniture.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adfarm1.adition.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .partypoker.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .partypoker.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .partypoker.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .partypoker.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .partypoker.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .www.partypoker.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .partypoker.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .partypoker.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .partypoker.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .partypoker.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .partypoker.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] www.tldadserv.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] counter2.sexmoney.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .counter.sexsuche.tv [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ero-advertising.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .msnportal.112.2o7.net [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .c.atdmt.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .doubleclick.net [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] de.sitestat.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.zanox.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .c.atdmt.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .c.atdmt.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .c.atdmt.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .c.atdmt.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .getclicky.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .static.getclicky.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] in.getclicky.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .e-2dj6aelyqnaziko.stats.esomniture.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] tracking.oe24.at [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] tracking.oe24.at [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .westernunionglobal.112.2o7.net [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .kaspersky.122.2o7.net [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] de.sitestat.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .www.crackserialcodes.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .www.crackserialcodes.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .www.crackserialcodes.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .yadro.ru [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media-crawler.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] adx.chip.de [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ww251.smartadserver.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .smartadserver.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .apmebf.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .e-2dj6wjlospcpkeo.stats.esomniture.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .e-2dj6aekoskdzalp.stats.esomniture.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .e-2dj6aelocncjelp.stats.esomniture.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .2o7.net [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .2o7.net [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\CHRISRA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .xiti.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .e-2dj6wmloalajebq.stats.esomniture.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] eas.apm.emediate.eu [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] eas.apm.emediate.eu [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .e-2dj6wjlyegazsbo.stats.esomniture.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .e-2dj6wgliokdpido.stats.esomniture.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .e-2dj6wdlysgazceo.stats.esomniture.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .amazon-adsystem.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .amazon-adsystem.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] tracking.mlsat02.de [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .liveperson.net [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .liveperson.net [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] server.iad.liveperson.net [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .e-2dj6whliejcpicq.stats.esomniture.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .e-2dj6whk4smczclp.stats.esomniture.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] ad3.adfarm1.adition.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .im.banner.t-online.de [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .im.banner.t-online.de [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] ww251.smartadserver.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .im.banner.t-online.de [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .im.banner.t-online.de [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .clickfuse.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] ad2.adfarm1.adition.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .mediametrics.mpsa.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mediametrics.mpsa.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] in.getclicky.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .toplist.cz [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .imrworldwide.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .imrworldwide.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] de.sitestat.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .getclicky.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .static.getclicky.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] adx.chip.de [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .xiti.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .daimlerag.122.2o7.net [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .msnportal.112.2o7.net [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .paypal.112.2o7.net [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .stats.paypal.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .microsoftsto.112.2o7.net [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] www.etracker.de [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .stats.paypal.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VSRDTD2Q.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI2\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .2o7.net [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI2\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] statse.webtrendslive.com [ C:\WINDOWS.OLD\USERS\CHRIS-ILDI2\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FPUS45OP.DEFAULT\COOKIES.SQLITE ] Adware.Languard C:\WINDOWS\INSTALLER\{A6359D99-5663-4B51-9FB0-E1F17C5CCCF0}\LANGUARD.EXE Trojan.Dropper/Win-NV C:\WINDOWS.OLD\PROGRAM FILES\HOFER FOTO SERVICE\HOFER_FOTO_SERVICE\EXPLORE.EXE C:\WINDOWS.OLD\PROGRAM FILES\HOFER FOTO SERVICE\MEDION_FOTOS_AUF_CD_DVD_8_SE\EXPLORE.EXE |
ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f3eb69eaa7adf04f9ccbc9b8127d89d5 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-12-19 08:58:45 # local_time=2011-12-19 09:58:45 (+0100, Mitteleuropäische Zeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1280 16777215 100 0 939470 939470 0 0 # compatibility_mode=5893 16776573 100 94 144855 75915233 0 0 # compatibility_mode=8192 67108863 100 0 3743 3743 0 0 # scanned=12620 # found=0 # cleaned=0 # scan_time=1083 ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f3eb69eaa7adf04f9ccbc9b8127d89d5 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-12-19 01:04:56 # local_time=2011-12-19 02:04:56 (+0100, Mitteleuropäische Zeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1280 16777215 100 0 940674 940674 0 0 # compatibility_mode=5893 16776573 100 94 146059 75916437 0 0 # compatibility_mode=8192 67108863 100 0 4947 4947 0 0 # scanned=382273 # found=35 # cleaned=0 # scan_time=14650 C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM100.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM108.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM117.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM42.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM55.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM64.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM100.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM108.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM117.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM42.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM55.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM64.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM100.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM108.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM117.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM42.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM55.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM64.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM100.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM108.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM117.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM42.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM55.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM64.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\AppData\Local\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\2\D0\D6944d01 Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\AppData\Local\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\8\32\A5852d01 Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\Downloads\cnet_governor-of-poker-2_exe.exe a variant of Win32/InstallCore.D application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\Downloads\SoftonicDownloader_fuer_airsnare.exe Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\Lokale Einstellungen\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\2\D0\D6944d01 Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\Lokale Einstellungen\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\8\32\A5852d01 Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I E:\CHRIS-ILDI-PC\Backup Set 2010-08-28 092914\Backup Files 2010-08-28 092914\Backup files 4.zip a variant of Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I E:\Documents\Documents\Downloads\registrybooster.exe a variant of Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I E:\Downloads\SoftonicDownloader_fuer_divx-plus.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I E:\Downloads\SoftonicDownloader_fuer_jdownloader.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I E:\Downloads\SoftonicDownloader_fuer_utorrent.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f3eb69eaa7adf04f9ccbc9b8127d89d5 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-12-19 08:40:35 # local_time=2011-12-19 09:40:35 (+0100, Mitteleuropäische Zeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1280 16777215 100 0 967378 967378 0 0 # compatibility_mode=5893 16776573 100 94 172763 75943141 0 0 # compatibility_mode=8192 67108863 100 0 31651 31651 0 0 # scanned=382513 # found=35 # cleaned=0 # scan_time=15284 C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM100.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM108.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM117.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM42.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM55.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM64.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM100.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM108.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM117.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM42.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM55.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\SweetIM64.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM100.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM108.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM117.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM42.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM55.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\SweetIM64.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM100.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM108.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM117.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM42.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM55.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM64.zip Win32/Bagle.gen.zip worm (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\AppData\Local\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\2\D0\D6944d01 Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\AppData\Local\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\8\32\A5852d01 Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\Downloads\cnet_governor-of-poker-2_exe.exe a variant of Win32/InstallCore.D application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\Downloads\SoftonicDownloader_fuer_airsnare.exe Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\Lokale Einstellungen\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\2\D0\D6944d01 Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I C:\Windows.old\Users\chris-ildi\Lokale Einstellungen\Mozilla\Firefox\Profiles\vsrdtd2q.default\Cache\8\32\A5852d01 Win32/SoftonicDownloader application (unable to clean) 00000000000000000000000000000000 I E:\CHRIS-ILDI-PC\Backup Set 2010-08-28 092914\Backup Files 2010-08-28 092914\Backup files 4.zip a variant of Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I E:\Documents\Documents\Downloads\registrybooster.exe a variant of Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I E:\Downloads\SoftonicDownloader_fuer_divx-plus.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I E:\Downloads\SoftonicDownloader_fuer_jdownloader.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I E:\Downloads\SoftonicDownloader_fuer_utorrent.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I ESETSmartInstaller@High as downloader log: all ok esets_scanner_update returned -1 esets_gle=12 # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f3eb69eaa7adf04f9ccbc9b8127d89d5 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-12-26 03:22:45 # local_time=2011-12-26 04:22:45 (+0100, Mitteleuropäische Zeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1280 16777215 100 0 1557312 1557312 0 0 # compatibility_mode=5893 16776573 100 94 275201 76533075 0 0 # compatibility_mode=8192 67108863 100 0 621585 621585 0 0 # scanned=184153 # found=3 # cleaned=0 # scan_time=11079 C:\Users\chrisra\AppData\Roaming\MicroTorrent\torrent_downloader.exe a variant of Win32/Toolbar.Zugo application (unable to clean) 00000000000000000000000000000000 I E:\CHRIS-ILDI-PC\Backup Set 2010-08-28 092914\Backup Files 2010-08-28 092914\Backup files 4.zip a variant of Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I E:\Documents\Documents\Downloads\registrybooster.exe a variant of Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f3eb69eaa7adf04f9ccbc9b8127d89d5 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-12-27 09:42:28 # local_time=2011-12-27 10:42:28 (+0100, Mitteleuropäische Zeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1280 16777215 100 0 1629637 1629637 0 0 # compatibility_mode=5893 16776573 100 94 6651 76605400 0 0 # compatibility_mode=8192 67108863 100 0 693910 693910 0 0 # scanned=111812 # found=1 # cleaned=0 # scan_time=4739 C:\Users\chrisra\AppData\Roaming\MicroTorrent\torrent_downloader.exe a variant of Win32/Toolbar.Zugo application (unable to clean) 00000000000000000000000000000000 I ESETSmartInstaller@High as downloader log: all ok esets_scanner_update returned -1 esets_gle=53251 # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f3eb69eaa7adf04f9ccbc9b8127d89d5 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-12-27 11:00:04 # local_time=2011-12-27 12:00:04 (+0100, Mitteleuropäische Zeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1280 16777215 100 0 1634544 1634544 0 0 # compatibility_mode=5893 16776573 100 94 11558 76610307 0 0 # compatibility_mode=8192 67108863 100 0 698817 698817 0 0 # scanned=111787 # found=1 # cleaned=0 # scan_time=4487 C:\Users\chrisra\AppData\Roaming\MicroTorrent\torrent_downloader.exe a variant of Win32/Toolbar.Zugo application (unable to clean) 00000000000000000000000000000000 I |
War einiges an Schrott dabei. Rechner soweit wieder im Lot oder gibt es noch Probleme? |
Ich hoffe es ist alles in Ordnung. Danke dir für alles. |
Dann wären wir durch! :abklatsch: Die Programme, die hier zum Einsatz kamen, können alle wieder runter. CF kann über Start, Ausführen mit combofix /uninstall entfernt werden. Melde dich falls es da Fehlermeldungen zu gibt. Malwarebytes zu behalten ist kein Fehler. Kannst ja 1x im Monat damit scannen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Adobe - Andere Version des Adobe Flash Player installieren Notfalls kann man auch von Chip.de runterladen => http://filepony.de/?q=Flash+Player Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es. |
Beim deinstallieren von Combofix erhalte ich immer "Combofix konnte nicht gefunden werden"......... |
Sorry, das habe ich schon gemacht. Weil ich den Leitfaden zur Bedienung von Combofix durchgelesen habe. |
Downloade dir bitte CF_UNINST.exe und speichere diese auf deinem Desktop.
|
Wollte heute so sicherheitshalber noch einen Komplettscan mit Superantispyware machen u. siehe da er hat 2 x Trojan.Agent/Gen-FakeDefender gefunden. Was ist das??? Ist das gefährlich? Er scannt noch, wenn du den Log brauchst poste ich ihn. |
SUPERAntiSpyware Scan Log hxxp://www.superantispyware.com Generated 01/05/2012 at 09:27 PM Application Version : 5.0.1142 Core Rules Database Version : 8104 Trace Rules Database Version: 5916 Scan type : Complete Scan Total Scan Time : 01:27:36 Operating System Information Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601) UAC On - Limited User Memory items scanned : 1046 Memory threats detected : 0 Registry items scanned : 39610 Registry threats detected : 0 File items scanned : 146354 File threats detected : 38 Trojan.Agent/Gen-FakeDefender C:\PROGRAMDATA\NVIDIA\UPDATUS\DOWNLOAD\71E59489\DRSUPDATE.10530863_RUNASUSER.EXE C:\PROGRAMDATA\NVIDIA\UPDATUS\DOWNLOAD\8789D51\DRSUPDATE.11403901_RUNASUSER.EXE Adware.Tracking Cookie www.tldadserv.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] counter2.sexmoney.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .counter.sexsuche.tv [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] ad.velmedia.net [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] ad.velmedia.net [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] ad.velmedia.net [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] ad.velmedia.net [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .velmedia.net [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] www.netxmedia.net [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] farm1.netxmedia.net [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .easy-adserver.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] s2.netxmedia.net [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .gostats.de [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .gostats.de [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .xxxmatch.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .adultfriendfinder.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] ad.zanox.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] www.xxxmatch.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] www.xxxmatch.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] wt.xxxmatch.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] .ero-advertising.com [ C:\USERS\CHRISRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4VU3RHX.DEFAULT\COOKIES.SQLITE ] |
Das sind Fehlalarme. Der Rest Cookies. Alles harmlos. |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 20:42 Uhr. |
Copyright ©2000-2025, Trojaner-Board
