| |
| |||||||
Log-Analyse und Auswertung: Searchqu im Firefox lässt sich nicht löschen!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
17.01.2012, 15:20
| #16 |
 |  Searchqu im Firefox lässt sich nicht löschen! In der Datei steht was von Google Chrome, ist das immer automatisch mit dabei? Denn ich habe an sich kein Google Chrome, also nicht dass ich wüsste! |
|
17.01.2012, 15:27
| #17 |
| | Searchqu im Firefox lässt sich nicht löschen!Code:
ATTFilter 15:23:15.0839 1608 TDSS rootkit removing tool 2.7.3.0 Jan 16 2012 18:53:41
15:23:16.0088 1608 ============================================================
15:23:16.0088 1608 Current date / time: 2012/01/17 15:23:16.0088
15:23:16.0088 1608 SystemInfo:
15:23:16.0088 1608
15:23:16.0088 1608 OS Version: 6.1.7601 ServicePack: 1.0
15:23:16.0088 1608 Product type: Workstation
15:23:16.0088 1608 ComputerName: GIOVA-PC
15:23:16.0088 1608 UserName: Giova
15:23:16.0088 1608 Windows directory: C:\Windows
15:23:16.0088 1608 System windows directory: C:\Windows
15:23:16.0088 1608 Running under WOW64
15:23:16.0088 1608 Processor architecture: Intel x64
15:23:16.0088 1608 Number of processors: 2
15:23:16.0088 1608 Page size: 0x1000
15:23:16.0088 1608 Boot type: Normal boot
15:23:16.0088 1608 ============================================================
15:23:19.0333 1608 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:23:19.0458 1608 Initialize success
15:24:26.0086 2640 ============================================================
15:24:26.0086 2640 Scan started
15:24:26.0086 2640 Mode: Manual; SigCheck; TDLFS;
15:24:26.0086 2640 ============================================================
15:24:26.0819 2640 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:24:26.0944 2640 1394ohci - ok
15:24:26.0991 2640 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:24:27.0006 2640 ACPI - ok
15:24:27.0100 2640 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:24:27.0240 2640 AcpiPmi - ok
15:24:27.0365 2640 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:24:27.0412 2640 adp94xx - ok
15:24:27.0521 2640 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:24:27.0552 2640 adpahci - ok
15:24:27.0568 2640 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:24:27.0583 2640 adpu320 - ok
15:24:27.0724 2640 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
15:24:27.0802 2640 AFD - ok
15:24:27.0895 2640 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:24:27.0911 2640 agp440 - ok
15:24:27.0958 2640 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:24:27.0973 2640 aliide - ok
15:24:28.0051 2640 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:24:28.0083 2640 amdide - ok
15:24:28.0114 2640 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:24:28.0223 2640 AmdK8 - ok
15:24:28.0301 2640 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:24:28.0363 2640 AmdPPM - ok
15:24:28.0473 2640 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
15:24:28.0504 2640 amdsata - ok
15:24:28.0551 2640 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:24:28.0582 2640 amdsbs - ok
15:24:28.0660 2640 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
15:24:28.0691 2640 amdxata - ok
15:24:28.0738 2640 AmUStor (9c7f164b49cadc658d1b3c575782f346) C:\Windows\system32\drivers\AmUStor.SYS
15:24:28.0800 2640 AmUStor - ok
15:24:28.0925 2640 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:24:29.0065 2640 AppID - ok
15:24:29.0175 2640 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:24:29.0190 2640 arc - ok
15:24:29.0206 2640 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:24:29.0221 2640 arcsas - ok
15:24:29.0253 2640 AsDsm (88fbc8bebfd38566235eaa5e4dbc4e05) C:\Windows\system32\drivers\AsDsm.sys
15:24:29.0299 2640 AsDsm - ok
15:24:29.0362 2640 ASMMAP64 (2db34edd17d3a8da7105a19c95a3dd68) C:\Program Files\ATKGFNEX\ASMMAP64.sys
15:24:29.0377 2640 ASMMAP64 - ok
15:24:29.0487 2640 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:24:29.0643 2640 AsyncMac - ok
15:24:29.0736 2640 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:24:29.0752 2640 atapi - ok
15:24:29.0814 2640 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
15:24:29.0923 2640 athr - ok
15:24:30.0033 2640 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
15:24:30.0048 2640 avgntflt - ok
15:24:30.0064 2640 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
15:24:30.0079 2640 avipbb - ok
15:24:30.0204 2640 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:24:30.0282 2640 b06bdrv - ok
15:24:30.0376 2640 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:24:30.0454 2640 b57nd60a - ok
15:24:30.0547 2640 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:24:30.0625 2640 Beep - ok
15:24:30.0735 2640 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:24:30.0781 2640 blbdrive - ok
15:24:30.0844 2640 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:24:30.0906 2640 bowser - ok
15:24:30.0984 2640 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:24:31.0062 2640 BrFiltLo - ok
15:24:31.0140 2640 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:24:31.0171 2640 BrFiltUp - ok
15:24:31.0187 2640 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:24:31.0249 2640 Brserid - ok
15:24:31.0327 2640 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:24:31.0374 2640 BrSerWdm - ok
15:24:31.0421 2640 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:24:31.0468 2640 BrUsbMdm - ok
15:24:31.0546 2640 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:24:31.0593 2640 BrUsbSer - ok
15:24:31.0639 2640 BTCFilterService (ff7c57973eead140062238c5a0b7d455) C:\Windows\system32\DRIVERS\motfilt.sys
15:24:31.0702 2640 BTCFilterService - ok
15:24:31.0764 2640 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:24:31.0811 2640 BTHMODEM - ok
15:24:31.0873 2640 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:24:31.0951 2640 cdfs - ok
15:24:32.0045 2640 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
15:24:32.0092 2640 cdrom - ok
15:24:32.0185 2640 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:24:32.0232 2640 circlass - ok
15:24:32.0310 2640 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:24:32.0341 2640 CLFS - ok
15:24:32.0482 2640 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:24:32.0529 2640 CmBatt - ok
15:24:32.0575 2640 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:24:32.0591 2640 cmdide - ok
15:24:32.0669 2640 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
15:24:32.0731 2640 CNG - ok
15:24:32.0841 2640 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:24:32.0856 2640 Compbatt - ok
15:24:32.0903 2640 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:24:32.0950 2640 CompositeBus - ok
15:24:33.0028 2640 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:24:33.0059 2640 crcdisk - ok
15:24:33.0184 2640 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:24:33.0262 2640 DfsC - ok
15:24:33.0293 2640 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:24:33.0355 2640 discache - ok
15:24:33.0511 2640 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:24:33.0543 2640 Disk - ok
15:24:33.0574 2640 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:24:33.0605 2640 drmkaud - ok
15:24:33.0699 2640 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:24:33.0761 2640 DXGKrnl - ok
15:24:33.0917 2640 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:24:34.0089 2640 ebdrv - ok
15:24:34.0213 2640 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:24:34.0245 2640 elxstor - ok
15:24:34.0338 2640 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:24:34.0401 2640 ErrDev - ok
15:24:34.0510 2640 ETD (3c38648375b7f3988691f53a7aae10a9) C:\Windows\system32\DRIVERS\ETD.sys
15:24:34.0588 2640 ETD - ok
15:24:34.0635 2640 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:24:34.0713 2640 exfat - ok
15:24:34.0775 2640 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:24:34.0837 2640 fastfat - ok
15:24:34.0884 2640 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:24:34.0915 2640 fdc - ok
15:24:35.0009 2640 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:24:35.0025 2640 FileInfo - ok
15:24:35.0056 2640 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:24:35.0118 2640 Filetrace - ok
15:24:35.0196 2640 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:24:35.0243 2640 flpydisk - ok
15:24:35.0290 2640 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:24:35.0321 2640 FltMgr - ok
15:24:35.0399 2640 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:24:35.0415 2640 FsDepends - ok
15:24:35.0493 2640 fssfltr (2bf3b36b96d015af666b6aa63ae2e38f) C:\Windows\system32\DRIVERS\fssfltr.sys
15:24:35.0524 2640 fssfltr - ok
15:24:35.0586 2640 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
15:24:35.0602 2640 Fs_Rec - ok
15:24:35.0664 2640 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:24:35.0695 2640 fvevol - ok
15:24:35.0758 2640 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:24:35.0789 2640 gagp30kx - ok
15:24:35.0820 2640 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:24:35.0836 2640 GEARAspiWDM - ok
15:24:35.0867 2640 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:24:35.0914 2640 hcw85cir - ok
15:24:36.0007 2640 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
15:24:36.0070 2640 HdAudAddService - ok
15:24:36.0210 2640 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:24:36.0273 2640 HDAudBus - ok
15:24:36.0366 2640 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:24:36.0429 2640 HidBatt - ok
15:24:36.0475 2640 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:24:36.0538 2640 HidBth - ok
15:24:36.0647 2640 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:24:36.0709 2640 HidIr - ok
15:24:36.0803 2640 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
15:24:36.0834 2640 HidUsb - ok
15:24:36.0881 2640 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:24:36.0897 2640 HpSAMD - ok
15:24:37.0006 2640 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:24:37.0099 2640 HTTP - ok
15:24:37.0162 2640 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:24:37.0193 2640 hwpolicy - ok
15:24:37.0240 2640 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:24:37.0271 2640 i8042prt - ok
15:24:37.0365 2640 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\Windows\system32\DRIVERS\iaStor.sys
15:24:37.0380 2640 iaStor - ok
15:24:37.0443 2640 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
15:24:37.0474 2640 iaStorV - ok
15:24:37.0801 2640 igfx (c6238c6abd6ac99f5d152da4e9439a3d) C:\Windows\system32\DRIVERS\igdkmd64.sys
15:24:38.0238 2640 igfx - ok
15:24:38.0316 2640 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:24:38.0347 2640 iirsp - ok
15:24:38.0410 2640 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:24:38.0441 2640 intelide - ok
15:24:38.0472 2640 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:24:38.0503 2640 intelppm - ok
15:24:38.0566 2640 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:24:38.0644 2640 IpFilterDriver - ok
15:24:38.0691 2640 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:24:38.0753 2640 IPMIDRV - ok
15:24:38.0831 2640 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:24:38.0893 2640 IPNAT - ok
15:24:39.0003 2640 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:24:39.0049 2640 IRENUM - ok
15:24:39.0096 2640 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:24:39.0112 2640 isapnp - ok
15:24:39.0205 2640 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:24:39.0237 2640 iScsiPrt - ok
15:24:39.0252 2640 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:24:39.0268 2640 kbdclass - ok
15:24:39.0361 2640 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:24:39.0424 2640 kbdhid - ok
15:24:39.0455 2640 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
15:24:39.0471 2640 kbfiltr - ok
15:24:39.0549 2640 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
15:24:39.0580 2640 KSecDD - ok
15:24:39.0611 2640 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
15:24:39.0627 2640 KSecPkg - ok
15:24:39.0705 2640 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:24:39.0783 2640 ksthunk - ok
15:24:39.0892 2640 L1E (b8e670d7ef61615fa03104552854fac9) C:\Windows\system32\DRIVERS\L1E62x64.sys
15:24:39.0923 2640 L1E - ok
15:24:40.0017 2640 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:24:40.0110 2640 lltdio - ok
15:24:40.0219 2640 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:24:40.0251 2640 LSI_FC - ok
15:24:40.0266 2640 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:24:40.0282 2640 LSI_SAS - ok
15:24:40.0297 2640 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:24:40.0313 2640 LSI_SAS2 - ok
15:24:40.0329 2640 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:24:40.0344 2640 LSI_SCSI - ok
15:24:40.0375 2640 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:24:40.0438 2640 luafv - ok
15:24:40.0516 2640 lullaby (085435ae1a124361304044029b5cc644) C:\Windows\system32\DRIVERS\lullaby.sys
15:24:40.0531 2640 lullaby - ok
15:24:40.0578 2640 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
15:24:40.0594 2640 MBAMProtector - ok
15:24:40.0719 2640 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:24:40.0750 2640 megasas - ok
15:24:40.0781 2640 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:24:40.0797 2640 MegaSR - ok
15:24:40.0812 2640 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:24:40.0875 2640 Modem - ok
15:24:40.0968 2640 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:24:40.0999 2640 monitor - ok
15:24:41.0031 2640 motccgp (93f5adcad940111f6d4d71ae1d9ec7f6) C:\Windows\system32\DRIVERS\motccgp.sys
15:24:41.0109 2640 motccgp - ok
15:24:41.0187 2640 motccgpfl (d51e009baeda07ebc107d49d224c2414) C:\Windows\system32\DRIVERS\motccgpfl.sys
15:24:41.0233 2640 motccgpfl - ok
15:24:41.0265 2640 motmodem (db83dc223b9133da3e41afcbdecc46b5) C:\Windows\system32\DRIVERS\motmodem.sys
15:24:41.0467 2640 motmodem - ok
15:24:41.0561 2640 MotoSwitchService (ebd05f60cafc5bba2602b8d7101082d3) C:\Windows\system32\DRIVERS\motswch.sys
15:24:41.0608 2640 MotoSwitchService - ok
15:24:41.0655 2640 Motousbnet (87701078c3f720ac7a028e937994cc49) C:\Windows\system32\DRIVERS\Motousbnet.sys
15:24:41.0701 2640 Motousbnet - ok
15:24:41.0779 2640 motusbdevice (307727f9829fb46ff4be0e4d1dac5002) C:\Windows\system32\DRIVERS\motusbdevice.sys
15:24:41.0842 2640 motusbdevice - ok
15:24:41.0889 2640 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
15:24:41.0904 2640 mouclass - ok
15:24:41.0982 2640 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:24:42.0029 2640 mouhid - ok
15:24:42.0076 2640 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:24:42.0107 2640 mountmgr - ok
15:24:42.0185 2640 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:24:42.0216 2640 mpio - ok
15:24:42.0232 2640 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:24:42.0294 2640 mpsdrv - ok
15:24:42.0372 2640 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:24:42.0497 2640 MRxDAV - ok
15:24:42.0575 2640 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:24:42.0653 2640 mrxsmb - ok
15:24:42.0684 2640 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:24:42.0715 2640 mrxsmb10 - ok
15:24:42.0809 2640 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:24:42.0856 2640 mrxsmb20 - ok
15:24:42.0887 2640 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:24:42.0903 2640 msahci - ok
15:24:42.0981 2640 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:24:43.0012 2640 msdsm - ok
15:24:43.0043 2640 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:24:43.0090 2640 Msfs - ok
15:24:43.0168 2640 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:24:43.0230 2640 mshidkmdf - ok
15:24:43.0261 2640 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:24:43.0277 2640 msisadrv - ok
15:24:43.0371 2640 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:24:43.0417 2640 MSKSSRV - ok
15:24:43.0449 2640 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:24:43.0495 2640 MSPCLOCK - ok
15:24:43.0589 2640 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:24:43.0667 2640 MSPQM - ok
15:24:43.0698 2640 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:24:43.0729 2640 MsRPC - ok
15:24:43.0807 2640 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:24:43.0823 2640 mssmbios - ok
15:24:43.0870 2640 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:24:43.0948 2640 MSTEE - ok
15:24:44.0026 2640 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:24:44.0073 2640 MTConfig - ok
15:24:44.0166 2640 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
15:24:44.0182 2640 MTsensor - ok
15:24:44.0197 2640 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:24:44.0229 2640 Mup - ok
15:24:44.0353 2640 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:24:44.0447 2640 NativeWifiP - ok
15:24:44.0494 2640 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:24:44.0525 2640 NDIS - ok
15:24:44.0603 2640 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:24:44.0665 2640 NdisCap - ok
15:24:44.0712 2640 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:24:44.0759 2640 NdisTapi - ok
15:24:44.0837 2640 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:24:44.0915 2640 Ndisuio - ok
15:24:44.0946 2640 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:24:45.0009 2640 NdisWan - ok
15:24:45.0102 2640 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:24:45.0180 2640 NDProxy - ok
15:24:45.0274 2640 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:24:45.0352 2640 NetBIOS - ok
15:24:45.0383 2640 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:24:45.0461 2640 NetBT - ok
15:24:45.0570 2640 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:24:45.0601 2640 nfrd960 - ok
15:24:45.0648 2640 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:24:45.0695 2640 Npfs - ok
15:24:45.0789 2640 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:24:45.0867 2640 nsiproxy - ok
15:24:45.0929 2640 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:24:45.0991 2640 Ntfs - ok
15:24:46.0069 2640 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:24:46.0147 2640 Null - ok
15:24:46.0225 2640 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:24:46.0257 2640 nvraid - ok
15:24:46.0272 2640 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:24:46.0288 2640 nvstor - ok
15:24:46.0303 2640 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:24:46.0335 2640 nv_agp - ok
15:24:46.0537 2640 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:24:46.0600 2640 ohci1394 - ok
15:24:46.0725 2640 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:24:46.0787 2640 Parport - ok
15:24:46.0865 2640 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
15:24:46.0896 2640 partmgr - ok
15:24:46.0974 2640 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:24:47.0005 2640 pci - ok
15:24:47.0052 2640 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:24:47.0068 2640 pciide - ok
15:24:47.0130 2640 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:24:47.0161 2640 pcmcia - ok
15:24:47.0177 2640 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:24:47.0193 2640 pcw - ok
15:24:47.0224 2640 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:24:47.0302 2640 PEAUTH - ok
15:24:47.0427 2640 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:24:47.0536 2640 PptpMiniport - ok
15:24:47.0567 2640 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:24:47.0598 2640 Processor - ok
15:24:47.0692 2640 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:24:47.0754 2640 Psched - ok
15:24:47.0832 2640 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:24:47.0879 2640 ql2300 - ok
15:24:47.0957 2640 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:24:47.0988 2640 ql40xx - ok
15:24:48.0004 2640 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:24:48.0066 2640 QWAVEdrv - ok
15:24:48.0144 2640 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:24:48.0222 2640 RasAcd - ok
15:24:48.0253 2640 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:24:48.0316 2640 RasAgileVpn - ok
15:24:48.0394 2640 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:24:48.0487 2640 Rasl2tp - ok
15:24:48.0534 2640 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:24:48.0597 2640 RasPppoe - ok
15:24:48.0675 2640 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:24:48.0737 2640 RasSstp - ok
15:24:48.0784 2640 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:24:48.0846 2640 rdbss - ok
15:24:48.0924 2640 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:24:48.0971 2640 rdpbus - ok
15:24:49.0018 2640 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:24:49.0065 2640 RDPCDD - ok
15:24:49.0143 2640 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:24:49.0205 2640 RDPENCDD - ok
15:24:49.0252 2640 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:24:49.0299 2640 RDPREFMP - ok
15:24:49.0377 2640 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
15:24:49.0470 2640 RDPWD - ok
15:24:49.0517 2640 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:24:49.0564 2640 rdyboost - ok
15:24:49.0642 2640 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:24:49.0704 2640 rspndr - ok
15:24:49.0751 2640 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:24:49.0767 2640 sbp2port - ok
15:24:49.0845 2640 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:24:49.0907 2640 scfilter - ok
15:24:50.0032 2640 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:24:50.0094 2640 secdrv - ok
15:24:50.0141 2640 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:24:50.0157 2640 Serenum - ok
15:24:50.0250 2640 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:24:50.0297 2640 Serial - ok
15:24:50.0328 2640 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:24:50.0375 2640 sermouse - ok
15:24:50.0500 2640 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:24:50.0547 2640 sffdisk - ok
15:24:50.0562 2640 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:24:50.0593 2640 sffp_mmc - ok
15:24:50.0687 2640 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:24:50.0718 2640 sffp_sd - ok
15:24:50.0765 2640 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:24:50.0796 2640 sfloppy - ok
15:24:50.0890 2640 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
15:24:50.0937 2640 Sftfs - ok
15:24:51.0015 2640 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:24:51.0046 2640 Sftplay - ok
15:24:51.0061 2640 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:24:51.0077 2640 Sftredir - ok
15:24:51.0108 2640 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
15:24:51.0124 2640 Sftvol - ok
15:24:51.0217 2640 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
15:24:51.0249 2640 SiSGbeLH - ok
15:24:51.0280 2640 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:24:51.0295 2640 SiSRaid2 - ok
15:24:51.0295 2640 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:24:51.0311 2640 SiSRaid4 - ok
15:24:51.0327 2640 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:24:51.0373 2640 Smb - ok
15:24:51.0576 2640 SNP2UVC (1d8474722cdffbb8fca5fa12c50a05a2) C:\Windows\system32\DRIVERS\snp2uvc.sys
15:24:51.0623 2640 SNP2UVC - ok
15:24:51.0701 2640 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:24:51.0732 2640 spldr - ok
15:24:51.0795 2640 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:24:51.0857 2640 srv - ok
15:24:51.0951 2640 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:24:52.0013 2640 srv2 - ok
15:24:52.0044 2640 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:24:52.0091 2640 srvnet - ok
15:24:52.0200 2640 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:24:52.0216 2640 stexstor - ok
15:24:52.0247 2640 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:24:52.0263 2640 swenum - ok
15:24:52.0450 2640 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
15:24:52.0543 2640 Tcpip - ok
15:24:52.0684 2640 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
15:24:52.0731 2640 TCPIP6 - ok
15:24:52.0809 2640 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:24:52.0871 2640 tcpipreg - ok
15:24:52.0902 2640 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:24:52.0965 2640 TDPIPE - ok
15:24:53.0043 2640 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:24:53.0089 2640 TDTCP - ok
15:24:53.0121 2640 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:24:53.0183 2640 tdx - ok
15:24:53.0261 2640 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:24:53.0292 2640 TermDD - ok
15:24:53.0417 2640 tmpreflt (803ee35df92815ea5d41cee7410c8cc1) C:\Windows\system32\DRIVERS\tmpreflt.sys
15:24:53.0433 2640 tmpreflt - ok
15:24:53.0495 2640 tmtdi (21cc12b7f8b44e91d03ead5b17aaf0b2) C:\Windows\system32\DRIVERS\tmtdi.sys
15:24:53.0526 2640 tmtdi - ok
15:24:53.0620 2640 tmxpflt (9bd32132a3470cefb3cbea5fa492bd6f) C:\Windows\system32\DRIVERS\tmxpflt.sys
15:24:53.0651 2640 tmxpflt - ok
15:24:53.0682 2640 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:24:53.0745 2640 tssecsrv - ok
15:24:53.0854 2640 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:24:53.0963 2640 TsUsbFlt - ok
15:24:54.0057 2640 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:24:54.0119 2640 tunnel - ok
15:24:54.0166 2640 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:24:54.0197 2640 uagp35 - ok
15:24:54.0291 2640 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:24:54.0369 2640 udfs - ok
15:24:54.0431 2640 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:24:54.0447 2640 uliagpkx - ok
15:24:54.0540 2640 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:24:54.0603 2640 umbus - ok
15:24:54.0634 2640 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:24:54.0665 2640 UmPass - ok
15:24:54.0759 2640 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
15:24:54.0805 2640 USBAAPL64 - ok
15:24:54.0837 2640 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:24:54.0899 2640 usbccgp - ok
15:24:54.0977 2640 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:24:55.0039 2640 usbcir - ok
15:24:55.0055 2640 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
15:24:55.0102 2640 usbehci - ok
15:24:55.0195 2640 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:24:55.0242 2640 usbhub - ok
15:24:55.0273 2640 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:24:55.0289 2640 usbohci - ok
15:24:55.0367 2640 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:24:55.0445 2640 usbprint - ok
15:24:55.0492 2640 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:24:55.0539 2640 USBSTOR - ok
15:24:55.0617 2640 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
15:24:55.0663 2640 usbuhci - ok
15:24:55.0757 2640 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
15:24:55.0804 2640 usbvideo - ok
15:24:55.0851 2640 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:24:55.0866 2640 vdrvroot - ok
15:24:55.0960 2640 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:24:55.0991 2640 vga - ok
15:24:56.0007 2640 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:24:56.0069 2640 VgaSave - ok
15:24:56.0147 2640 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:24:56.0163 2640 vhdmp - ok
15:24:56.0241 2640 VIAHdAudAddService (fe595d1a1b781190bb483444b62cc607) C:\Windows\system32\drivers\viahduaa.sys
15:24:56.0303 2640 VIAHdAudAddService - ok
15:24:56.0381 2640 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:24:56.0412 2640 viaide - ok
15:24:56.0459 2640 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:24:56.0490 2640 volmgr - ok
15:24:56.0537 2640 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:24:56.0568 2640 volmgrx - ok
15:24:56.0724 2640 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:24:56.0755 2640 volsnap - ok
15:24:56.0880 2640 vsapint (b01ce1f5a44126892240d179a6dbd43f) C:\Windows\system32\DRIVERS\vsapint.sys
15:24:56.0927 2640 vsapint - ok
15:24:57.0036 2640 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:24:57.0067 2640 vsmraid - ok
15:24:57.0099 2640 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:24:57.0161 2640 vwifibus - ok
15:24:57.0239 2640 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:24:57.0301 2640 vwififlt - ok
15:24:57.0426 2640 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:24:57.0457 2640 WacomPen - ok
15:24:57.0598 2640 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:24:57.0660 2640 WANARP - ok
15:24:57.0676 2640 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:24:57.0723 2640 Wanarpv6 - ok
15:24:57.0816 2640 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:24:57.0832 2640 Wd - ok
15:24:57.0863 2640 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:24:57.0894 2640 Wdf01000 - ok
15:24:57.0988 2640 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:24:58.0035 2640 WfpLwf - ok
15:24:58.0066 2640 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
15:24:58.0081 2640 WimFltr - ok
15:24:58.0097 2640 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:24:58.0113 2640 WIMMount - ok
15:24:58.0206 2640 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:24:58.0269 2640 WinUsb - ok
15:24:58.0284 2640 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:24:58.0315 2640 WmiAcpi - ok
15:24:58.0440 2640 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:24:58.0534 2640 ws2ifsl - ok
15:24:58.0596 2640 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:24:58.0643 2640 WudfPf - ok
15:24:58.0752 2640 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:24:58.0815 2640 WUDFRd - ok
15:24:58.0861 2640 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:24:59.0033 2640 \Device\Harddisk0\DR0 - ok
15:24:59.0049 2640 Boot (0x1200) (59952d097d67c673b68adf5157202de0) \Device\Harddisk0\DR0\Partition0
15:24:59.0049 2640 \Device\Harddisk0\DR0\Partition0 - ok
15:24:59.0080 2640 Boot (0x1200) (d982282d8b171e6c91431bb3294c2b2c) \Device\Harddisk0\DR0\Partition1
15:24:59.0080 2640 \Device\Harddisk0\DR0\Partition1 - ok
15:24:59.0095 2640 ============================================================
15:24:59.0095 2640 Scan finished
15:24:59.0095 2640 ============================================================
15:24:59.0111 0572 Detected object count: 0
15:24:59.0111 0572 Actual detected object count: 0
|
|
17.01.2012, 15:40
| #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Searchqu im Firefox lässt sich nicht löschen! Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
17.01.2012, 17:17
| #19 |
| | Searchqu im Firefox lässt sich nicht löschen! Die Ausführung hat irgendwie länger gedauert, nach dem das Log erstellt wurde konnte ich keine Programme mehr öffnen und habe den Computer neu gestartet, jetzt kann ich sie wieder normal öffnen. Hier das Log: [code] Combofix Logfile: Code:
ATTFilter ComboFix 12-01-17.01 - Giova 17.01.2012 15:47:28.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4061.2623 [GMT 1:00]
ausgeführt von:: c:\users\Giova\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: Trend Micro Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Trend Micro Internet Security *Disabled/Outdated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\ASPG_icon.ico
c:\programdata\FullRemove.exe
c:\users\Giova\Documents\~WRL0003.tmp
c:\users\Giova\Documents\~WRL0004.tmp
c:\users\Giova\Documents\~WRL0005.tmp
c:\users\Giova\Documents\~WRL0635.tmp
c:\users\Giova\Documents\~WRL1547.tmp
c:\users\Giova\Documents\~WRL3255.tmp
c:\users\Giova\Documents\~WRL3670.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-12-17 bis 2012-01-17 ))))))))))))))))))))))))))))))
.
.
2012-01-17 15:51 . 2012-01-17 15:51 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E54FE8ED-ECA6-40A3-9937-DB1BFB16D616}\offreg.dll
2012-01-17 15:46 . 2012-01-17 15:46 -------- d-----w- c:\users\Gast\AppData\Local\temp
2012-01-17 15:46 . 2012-01-17 15:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-17 14:10 . 2012-01-17 14:10 -------- d-----w- C:\_OTL
2012-01-17 11:42 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E54FE8ED-ECA6-40A3-9937-DB1BFB16D616}\mpengine.dll
2012-01-16 20:53 . 2012-01-16 20:53 -------- d-----w- c:\program files (x86)\ESET
2012-01-16 20:00 . 2012-01-16 20:00 -------- d-----w- c:\users\Giova\AppData\Roaming\Malwarebytes
2012-01-16 19:59 . 2012-01-16 19:59 -------- d-----w- c:\programdata\Malwarebytes
2012-01-16 19:59 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-16 19:59 . 2012-01-16 19:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-13 19:57 . 2011-12-08 12:28 311296 ----a-w- c:\windows\SysWow64\TubeFinder.exe
2012-01-13 19:57 . 2011-09-28 08:18 9728 ----a-w- c:\windows\SysWow64\PCCLPFR.DLL
2012-01-13 19:57 . 2011-09-28 08:18 84512 ----a-w- c:\windows\SysWow64\PICCLP32.OCX
2012-01-13 19:57 . 2011-09-28 08:18 364544 ----a-w- c:\windows\SysWow64\PropertyGrid.ocx
2012-01-13 19:57 . 2011-09-28 08:18 141312 ----a-w- c:\windows\SysWow64\MSCMCFR.DLL
2012-01-13 19:57 . 2011-09-28 08:18 119568 ----a-w- c:\windows\SysWow64\VB6FR.DLL
2012-01-13 19:57 . 2011-09-28 08:18 1081616 ----a-w- c:\windows\SysWow64\mscomctl.ocx
2012-01-13 19:57 . 2011-09-28 08:18 101888 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL
2012-01-13 19:57 . 2011-09-28 08:18 32768 ----a-w- c:\windows\SysWow64\CMDLGFR.DLL
2012-01-13 19:57 . 2011-09-28 08:18 24576 ----a-w- c:\windows\SysWow64\ControlSubX.ocx
2012-01-13 19:57 . 2011-09-28 08:18 152848 ----a-w- c:\windows\SysWow64\COMDLG32.OCX
2012-01-13 19:57 . 2012-01-13 19:58 -------- d-----w- c:\users\Giova\AppData\Roaming\FreeFLVConverter
2012-01-12 16:41 . 2012-01-12 16:41 -------- d-----r- c:\program files (x86)\Skype
2012-01-11 11:42 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 11:42 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-11 11:42 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 11:42 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-11 11:42 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 11:42 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-11 11:42 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-11 11:42 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-01-01 19:45 . 2012-01-01 19:45 -------- d-----w- c:\users\Giova\AppData\Local\DDMSettings
2011-12-26 21:22 . 2011-12-26 21:22 -------- d-----w- c:\users\Giova\AppData\Local\MetaGeek,_LLC
2011-12-19 21:09 . 2011-12-19 21:10 -------- d-----w- c:\program files\iTunes
2011-12-19 21:09 . 2011-12-19 21:10 -------- d-----w- c:\program files (x86)\iTunes
2011-12-19 21:09 . 2011-12-19 21:09 -------- d-----w- c:\program files\iPod
2011-12-19 12:19 . 2011-12-19 12:19 -------- d-----w- c:\users\Gast\AppData\Local\Microsoft Games
2011-12-19 07:39 . 2011-12-19 08:31 -------- d-----w- c:\users\Gast\AppData\Local\Adobe
2011-12-18 21:42 . 2011-12-18 21:43 -------- d-----w- c:\users\Gast\AppData\Roaming\vlc
2011-12-18 15:53 . 2011-12-18 15:53 -------- d-----w- c:\users\Gast\AppData\Local\Mozilla
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-17 14:17 . 2011-06-09 19:55 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-24 04:52 . 2011-12-15 01:09 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-11-05 05:41 . 2011-12-15 01:09 1188864 ----a-w- c:\windows\system32\wininet.dll
2011-11-05 05:32 . 2011-12-15 01:08 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-05 04:35 . 2011-12-15 01:09 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2011-11-05 04:26 . 2011-12-15 01:08 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-11-05 03:32 . 2011-12-15 01:09 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-11-05 02:48 . 2011-12-15 01:09 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-10-26 05:21 . 2011-12-15 01:09 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-20 23:26 . 2011-10-20 23:26 94208 ----a-w- c:\windows\SysWow64\dpl100.dll
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 19550344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-06-29 2429]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-09-17 2245120]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2011-11-03 220744]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
c:\users\Giova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-6-29 12862]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-6-29 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SmileyCentral_1vService;SmileyCentral Service;c:\progra~2\SMILEY~2\bar\1.bin\1vbarsvc.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [2010-02-23 917768]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2010-09-07 202048]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 tmpreflt;tmpreflt;c:\windows\system32\DRIVERS\tmpreflt.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-01-16 c:\windows\Tasks\Norton Security Scan for Giova.job
- c:\progra~2\NORTON~2\Engine\351~1.8\Nss.exe [2011-11-11 13:59]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2010-02-23 1022904]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
IE: Free YouTube Download - c:\users\Giova\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Giova\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 195.58.161.122 195.58.160.194
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab
FF - ProfilePath - c:\users\Giova\AppData\Roaming\Mozilla\Firefox\Profiles\odoyzwri.default\
FF - prefs.js: browser.startup.homepage - hxxps://online.uni-salzburg.at/plus_online/webnav.ini
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
AddRemove-Searchqu 413 MediaBar - c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstallTB.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-01-17 17:08:54 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-01-17 16:08
.
Vor Suchlauf: 1.535.299.584 Bytes frei
Nach Suchlauf: 1.930.321.920 Bytes frei
.
- - End Of File - - 0D7C4122433CF7276D6810045C4C927C
|
|
17.01.2012, 21:29
| #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Searchqu im Firefox lässt sich nicht löschen!Zitat:
 Sowas geht nicht, bitte umgehend einen der beiden deinstallieren
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
17.01.2012, 22:25
| #23 |
| | Searchqu im Firefox lässt sich nicht löschen! Ok, Trendmicro ist weg und der Computer wurde neu gestartet. Was soll ich jetzt tun? |
|
17.01.2012, 22:28
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Searchqu im Firefox lässt sich nicht löschen! Combofix - Scripten 1. Starte das Notepad (Start / Ausführen / notepad[Enter]) 2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein. Code:
ATTFilter Dirlook::
c:\users\Giova\AppData\Local\DDMSettings
c:\users\Giova\AppData\Local\MetaGeek,_LLC
4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall. (Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !) 5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet.  6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien: Combofix.txt Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.01.2012, 23:15
| #25 |
| | Searchqu im Firefox lässt sich nicht löschen! [code] Combofix Logfile: Code:
ATTFilter ComboFix 12-01-17.01 - Giova 17.01.2012 22:34:39.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4061.2453 [GMT 1:00]
ausgeführt von:: c:\users\Giova\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Giova\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-12-17 bis 2012-01-17 ))))))))))))))))))))))))))))))
.
.
2012-01-17 21:52 . 2012-01-17 21:52 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E54FE8ED-ECA6-40A3-9937-DB1BFB16D616}\offreg.dll
2012-01-17 21:47 . 2012-01-17 21:47 -------- d-----w- c:\users\Gast\AppData\Local\temp
2012-01-17 21:47 . 2012-01-17 21:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-17 14:10 . 2012-01-17 14:10 -------- d-----w- C:\_OTL
2012-01-17 11:42 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E54FE8ED-ECA6-40A3-9937-DB1BFB16D616}\mpengine.dll
2012-01-16 20:53 . 2012-01-16 20:53 -------- d-----w- c:\program files (x86)\ESET
2012-01-16 20:00 . 2012-01-16 20:00 -------- d-----w- c:\users\Giova\AppData\Roaming\Malwarebytes
2012-01-16 19:59 . 2012-01-16 19:59 -------- d-----w- c:\programdata\Malwarebytes
2012-01-16 19:59 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-16 19:59 . 2012-01-16 19:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-13 19:57 . 2011-12-08 12:28 311296 ----a-w- c:\windows\SysWow64\TubeFinder.exe
2012-01-13 19:57 . 2011-09-28 08:18 9728 ----a-w- c:\windows\SysWow64\PCCLPFR.DLL
2012-01-13 19:57 . 2011-09-28 08:18 84512 ----a-w- c:\windows\SysWow64\PICCLP32.OCX
2012-01-13 19:57 . 2011-09-28 08:18 364544 ----a-w- c:\windows\SysWow64\PropertyGrid.ocx
2012-01-13 19:57 . 2011-09-28 08:18 141312 ----a-w- c:\windows\SysWow64\MSCMCFR.DLL
2012-01-13 19:57 . 2011-09-28 08:18 119568 ----a-w- c:\windows\SysWow64\VB6FR.DLL
2012-01-13 19:57 . 2011-09-28 08:18 1081616 ----a-w- c:\windows\SysWow64\mscomctl.ocx
2012-01-13 19:57 . 2011-09-28 08:18 101888 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL
2012-01-13 19:57 . 2011-09-28 08:18 32768 ----a-w- c:\windows\SysWow64\CMDLGFR.DLL
2012-01-13 19:57 . 2011-09-28 08:18 24576 ----a-w- c:\windows\SysWow64\ControlSubX.ocx
2012-01-13 19:57 . 2011-09-28 08:18 152848 ----a-w- c:\windows\SysWow64\COMDLG32.OCX
2012-01-13 19:57 . 2012-01-13 19:58 -------- d-----w- c:\users\Giova\AppData\Roaming\FreeFLVConverter
2012-01-12 16:41 . 2012-01-12 16:41 -------- d-----r- c:\program files (x86)\Skype
2012-01-11 11:42 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 11:42 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-01-11 11:42 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 11:42 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-01-11 11:42 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 11:42 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-01-11 11:42 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-01-11 11:42 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-01-01 19:45 . 2012-01-01 19:45 -------- d-----w- c:\users\Giova\AppData\Local\DDMSettings
2011-12-26 21:22 . 2011-12-26 21:22 -------- d-----w- c:\users\Giova\AppData\Local\MetaGeek,_LLC
2011-12-19 21:09 . 2011-12-19 21:10 -------- d-----w- c:\program files\iTunes
2011-12-19 21:09 . 2011-12-19 21:10 -------- d-----w- c:\program files (x86)\iTunes
2011-12-19 21:09 . 2011-12-19 21:09 -------- d-----w- c:\program files\iPod
2011-12-19 12:19 . 2011-12-19 12:19 -------- d-----w- c:\users\Gast\AppData\Local\Microsoft Games
2011-12-19 07:39 . 2011-12-19 08:31 -------- d-----w- c:\users\Gast\AppData\Local\Adobe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-17 14:17 . 2011-06-09 19:55 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-24 04:52 . 2011-12-15 01:09 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-11-05 05:41 . 2011-12-15 01:09 1188864 ----a-w- c:\windows\system32\wininet.dll
2011-11-05 05:32 . 2011-12-15 01:08 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-05 04:35 . 2011-12-15 01:09 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2011-11-05 04:26 . 2011-12-15 01:08 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-11-05 03:32 . 2011-12-15 01:09 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-11-05 02:48 . 2011-12-15 01:09 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-10-26 05:21 . 2011-12-15 01:09 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-20 23:26 . 2011-10-20 23:26 94208 ----a-w- c:\windows\SysWow64\dpl100.dll
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\users\Giova\AppData\Local\DDMSettings ----
.
2012-01-01 19:45 . 2012-01-06 11:56 186 ----a-w- c:\users\Giova\AppData\Local\DDMSettings\settings.ddi
.
---- Directory of c:\users\Giova\AppData\Local\MetaGeek,_LLC ----
.
2011-12-26 21:22 . 2011-12-26 21:22 2260 ----a-w- c:\users\Giova\AppData\Local\MetaGeek,_LLC\inSSIDer.exe_Url_umwk0c2hi3qlqzox2wrhwjzw4bansefp\2.0.7.126\user.config
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-17_15.49.46 )))))))))))))))))))))))))))))))))))))))))
.
- 2012-01-17 15:47 . 2012-01-17 15:47 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2012-01-17 21:48 . 2012-01-17 21:48 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2009-07-14 04:54 . 2012-01-17 15:48 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-17 21:48 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-17 21:48 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-17 15:48 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-17 21:48 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-17 15:48 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-06-29 21:23 . 2012-01-17 21:50 41588 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-01-17 21:50 39126 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:30 . 2012-01-17 21:19 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2011-12-22 19:06 86016 c:\windows\system32\DriverStore\infpub.dat
- 2010-09-09 09:26 . 2012-01-17 15:49 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-09 09:26 . 2012-01-17 21:48 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-01-17 14:14 . 2012-01-17 21:48 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2012-01-17 14:14 . 2012-01-17 15:49 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-17 21:48 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-17 15:49 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-09-08 18:41 . 2012-01-17 14:17 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-08 18:41 . 2012-01-17 21:23 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-08 18:41 . 2012-01-17 14:17 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-08 18:41 . 2012-01-17 21:23 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-09-08 18:41 . 2012-01-17 14:17 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-08 18:41 . 2012-01-17 21:23 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-09-08 18:36 . 2012-01-17 15:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-08 18:36 . 2012-01-17 21:23 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-08 18:36 . 2012-01-17 15:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-08 18:36 . 2012-01-17 21:23 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-09-19 14:20 . 2012-01-17 14:13 7876 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-09-19 14:20 . 2012-01-17 21:20 7876 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-09-08 18:41 . 2012-01-17 21:50 8790 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-31118504-3028418663-3128556308-1001_UserData.bin
+ 2012-01-17 21:48 . 2012-01-17 21:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-01-17 15:48 . 2012-01-17 15:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-17 21:48 . 2012-01-17 21:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-01-17 15:48 . 2012-01-17 15:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:30 . 2011-12-22 19:06 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-01-17 21:19 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-01-17 21:19 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2011-12-19 21:07 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:01 . 2012-01-17 21:48 275420 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-01-17 15:47 275420 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-07-15 21:13 . 2012-01-17 21:48 45421192 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-31118504-3028418663-3128556308-1001-8192.dat
- 2011-07-15 21:13 . 2012-01-17 15:47 45421192 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-31118504-3028418663-3128556308-1001-8192.dat
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 19550344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-06-29 2429]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-09-17 2245120]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2011-11-03 220744]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
c:\users\Giova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-6-29 12862]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-6-29 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SmileyCentral_1vService;SmileyCentral Service;c:\progra~2\SMILEY~2\bar\1.bin\1vbarsvc.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2010-09-07 202048]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-01-16 c:\windows\Tasks\Norton Security Scan for Giova.job
- c:\progra~2\NORTON~2\Engine\351~1.8\Nss.exe [2011-11-11 13:59]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
IE: Free YouTube Download - c:\users\Giova\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Giova\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 195.58.161.122 195.58.160.194
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab
FF - ProfilePath - c:\users\Giova\AppData\Roaming\Mozilla\Firefox\Profiles\odoyzwri.default\
FF - prefs.js: browser.startup.homepage - hxxps://online.uni-salzburg.at/plus_online/webnav.ini
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-01-17 23:08:59 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-01-17 22:08
ComboFix2.txt 2012-01-17 16:09
.
Vor Suchlauf: 2.330.009.600 Bytes frei
Nach Suchlauf: 2.287.067.136 Bytes frei
.
- - End Of File - - BF3A1D1DF56F9224F98B6F45759817F7
|
|
18.01.2012, 11:55
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Searchqu im Firefox lässt sich nicht löschen! Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.01.2012, 12:25
| #27 |
| | Searchqu im Firefox lässt sich nicht löschen!Code:
ATTFilter aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-18 11:58:24
-----------------------------
11:58:24.807 OS Version: Windows x64 6.1.7601 Service Pack 1
11:58:24.808 Number of processors: 2 586 0x170A
11:58:24.809 ComputerName: GIOVA-PC UserName: Giova
11:58:25.500 Initialize success
12:02:32.522 AVAST engine defs: 12011800
12:02:41.301 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:02:41.304 Disk 0 Vendor: Hitachi_ PB3O Size: 305245MB BusType: 3
12:02:41.316 Disk 0 MBR read successfully
12:02:41.319 Disk 0 MBR scan
12:02:41.338 Disk 0 Windows 7 default MBR code
12:02:41.342 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 20002 MB offset 63
12:02:41.389 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 40965750
12:02:41.395 Disk 0 Partition - 00 0F Extended LBA 208932 MB offset 197246976
12:02:41.426 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 208931 MB offset 197249024
12:02:41.433 Service scanning
12:02:46.462 Modules scanning
12:02:46.469 Disk 0 trace - called modules:
12:02:46.493 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
12:02:46.834 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a87060]
12:02:46.849 3 CLASSPNP.SYS[fffff88001bbb43f] -> nt!IofCallDriver -> [0xfffffa8004613570]
12:02:46.860 5 ACPI.sys[fffff88000f027a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004619050]
12:02:47.494 AVAST engine scan C:\Windows
12:02:56.290 AVAST engine scan C:\Windows\system32
12:05:08.221 AVAST engine scan C:\Windows\system32\drivers
12:05:19.922 AVAST engine scan C:\Users\Giova
12:22:01.017 AVAST engine scan C:\ProgramData
12:24:33.628 Scan finished successfully
12:24:59.061 Disk 0 MBR has been saved successfully to "C:\Users\Giova\Desktop\MBR.dat"
12:24:59.067 The log file has been saved successfully to "C:\Users\Giova\Desktop\aswMBR.txt"
|
|
18.01.2012, 12:27
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Searchqu im Firefox lässt sich nicht löschen! Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.01.2012, 16:11
| #29 |
| | Searchqu im Firefox lässt sich nicht löschen! Hier das Log von Malwarebytes, Superantispyware ist noch in Arbeit. Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.60.0.1800 www.malwarebytes.org Datenbank Version: v2012.01.18.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Giova :: GIOVA-PC [Administrator] Schutz: Deaktiviert 18.01.2012 12:28:57 mbam-log-2012-01-18 (12-28-57).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 355105 Laufzeit: 2 Stunde(n), 42 Minute(n), 9 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
18.01.2012, 16:44
| #30 |
| | Searchqu im Firefox lässt sich nicht löschen! Und hier das Log von Superantispyware. Was soll ich mit den gefundenen infizierten Dateien machen? Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 01/18/2012 at 04:42 PM
Application Version : 5.0.1142
Core Rules Database Version : 8139
Trace Rules Database Version: 5951
Scan type : Complete Scan
Total Scan Time : 03:55:23
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 655
Memory threats detected : 0
Registry items scanned : 70939
Registry threats detected : 0
File items scanned : 192624
File threats detected : 167
Adware.Tracking Cookie
C:\Users\Giova\AppData\Roaming\Microsoft\Windows\Cookies\3SOWUB4V.txt [ /mediaplex.com ]
C:\Users\Giova\AppData\Roaming\Microsoft\Windows\Cookies\WS58T4AU.txt [ /c.atdmt.com ]
C:\Users\Giova\AppData\Roaming\Microsoft\Windows\Cookies\41208G2V.txt [ /apmebf.com ]
C:\Users\Giova\AppData\Roaming\Microsoft\Windows\Cookies\Q5XI3KHJ.txt [ /atdmt.com ]
C:\Users\Giova\AppData\Roaming\Microsoft\Windows\Cookies\MISMID06.txt [ /atdmt.combing.com ]
C:\USERS\GIOVA\Cookies\3SOWUB4V.txt [ Cookie:giova@mediaplex.com/ ]
C:\USERS\GIOVA\Cookies\WS58T4AU.txt [ Cookie:giova@c.atdmt.com/ ]
C:\USERS\GIOVA\Cookies\Q5XI3KHJ.txt [ Cookie:giova@atdmt.com/ ]
C:\USERS\GIOVA\Cookies\MISMID06.txt [ Cookie:giova@atdmt.combing.com/ ]
.doubleclick.net [ C:\USERS\GIOVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.divx.112.2o7.net [ C:\USERS\GIOVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.getclicky.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.frontlinegmbh.122.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.gostats.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.deutschepostag.112.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.count24.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.count24.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.count24.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjl4eoazwbq.stats.esomniture.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.ad6media.fr [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.ad6media.fr [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.guj.122.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wgmyeodpalo.stats.esomniture.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aekoukcjwbq.stats.esomniture.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.eucerin.122.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.viewablemedia.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
s04.flagcounter.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.xxxmatch.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.xxxmatch.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
wt.xxxmatch.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.c.gigcount.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.opodo.122.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
partneradserver.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.autoscout24.112.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.tracking.hermesworld.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.snapfish.112.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
stats.bmw.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.conrad.122.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.divx.112.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
spenden.wikimedia.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
spenden.wikimedia.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.texasinstrument.122.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.mediamarkt.at [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.mediamarkt.at [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
s02.flagcounter.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
s04.flagcounter.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
s07.flagcounter.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aekysmcpgeq.stats.esomniture.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
delivery.way2traffic.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
tracking.oe24.at [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjlyagazeeq.stats.esomniture.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wnmykkdjmep.stats.esomniture.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.paypal.112.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.findlauren.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
stat.aldi.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjlooodzggp.stats.esomniture.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.googleads.g.doubleclick.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.tracking.hermesworld.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.tracking.hermesworld.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.global.beyondrichmedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.global.beyondrichmedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.global.beyondrichmedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
tracking.dc-storm.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
media.liste-grossistes-aubervilliers.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.mtvn.112.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.countomat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
s14.shinystat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
s14.shinystat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
.shinystat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
|
|
| Themen zu Searchqu im Firefox lässt sich nicht löschen! |
| adobe, alternate, antivir, asus, autorun, avira, bho, converter, defender, desktop, error, explorer, firefox, format, google, home, logfile, löschen, mozilla, mp3, otl-datei, pdf, plug-in, registry, scan, security, security scan, software, vdeck.exe, webcheck, windows |
Linear-Darstellung
