
Pests of all kinds and how to fight them: After HTML/Infected.WebPage.Gen2 - 14 warnings and 18 hidden objects in AntiVir

18.01.2012, 20:10   #31
simabo
 



Here you go...

Combofix Logfile:
Code:
ComboFix 12-01-18.04 - Bernd2 18.01.2012  19:45:41.2.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3070.2287 [GMT 1:00]
ausgeführt von:: c:\users\Bernd2\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Bernd2\Desktop\CFScript.txt
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-12-18 bis 2012-01-18  ))))))))))))))))))))))))))))))
.
.
2012-01-18 19:01 . 2012-01-18 19:01	--------	d-----w-	c:\users\Simon\AppData\Local\temp
2012-01-18 19:01 . 2012-01-18 19:01	--------	d-----w-	c:\users\LogMeInRemoteUser\AppData\Local\temp
2012-01-18 19:01 . 2012-01-18 19:01	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-01-18 19:01 . 2012-01-18 19:01	--------	d-----w-	c:\users\Bernd2\AppData\Local\temp
2012-01-18 19:01 . 2012-01-18 19:01	--------	d-----w-	c:\users\Bernd\AppData\Local\temp
2012-01-18 18:33 . 2012-01-18 18:33	--------	d-----w-	c:\users\Bernd2\AppData\Roaming\Avira
2012-01-18 17:40 . 2012-01-18 17:40	--------	d-----w-	c:\users\Simon\AppData\Roaming\Avira
2012-01-18 17:37 . 2011-10-11 14:06	36000	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2012-01-18 17:37 . 2011-10-11 14:06	134344	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-01-18 17:37 . 2011-10-11 14:06	74640	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-01-18 17:37 . 2012-01-18 17:38	--------	d-----w-	c:\programdata\Avira
2012-01-18 17:37 . 2012-01-18 17:37	--------	d-----w-	c:\program files\Avira
2012-01-17 13:21 . 2012-01-17 13:21	--------	d-----w-	c:\users\Simon\AppData\Roaming\Malwarebytes
2012-01-17 13:21 . 2012-01-17 13:21	--------	d-----w-	c:\programdata\Malwarebytes
2012-01-17 13:21 . 2012-01-17 13:21	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-01-17 13:21 . 2011-12-10 14:24	20464	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-01-17 12:30 . 2012-01-17 12:30	--------	d-----w-	C:\_OTL
2012-01-17 11:17 . 2012-01-17 11:17	--------	d-----w-	c:\program files\CCleaner
2012-01-17 06:55 . 2012-01-17 06:55	--------	d-----w-	C:\TDSSKiller_Quarantine
2012-01-16 20:03 . 2012-01-16 20:03	--------	d-----w-	c:\program files\PhotomatixPro4
2012-01-14 17:09 . 2012-01-14 17:09	--------	d-----w-	c:\program files\Imagenomic
2012-01-14 10:02 . 2012-01-14 10:02	--------	d-----w-	c:\users\Simon\AppData\Roaming\HDRsoft
2012-01-13 09:21 . 2011-11-21 10:47	6823496	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{6C51F070-F142-4D7D-B22B-078DD8E29E4C}\mpengine.dll
2012-01-11 12:21 . 2011-10-14 16:03	189952	----a-w-	c:\windows\system32\winmm.dll
2012-01-11 12:21 . 2011-10-14 16:00	23552	----a-w-	c:\windows\system32\mciseq.dll
2012-01-11 12:21 . 2011-11-18 20:23	1205064	----a-w-	c:\windows\system32\ntdll.dll
2012-01-11 12:19 . 2011-11-18 17:47	66560	----a-w-	c:\windows\system32\packager.dll
2012-01-11 12:19 . 2011-11-25 15:59	376320	----a-w-	c:\windows\system32\winsrv.dll
2012-01-11 12:19 . 2011-12-01 15:21	2409784	----a-w-	c:\program files\Windows Mail\OESpamFilter.dat
2012-01-11 12:19 . 2011-10-25 15:58	1314816	----a-w-	c:\windows\system32\quartz.dll
2012-01-11 12:19 . 2011-10-25 15:58	497152	----a-w-	c:\windows\system32\qdvd.dll
2012-01-11 12:18 . 2011-11-16 16:23	377344	----a-w-	c:\windows\system32\winhttp.dll
2012-01-11 12:18 . 2011-11-16 16:23	72704	----a-w-	c:\windows\system32\secur32.dll
2012-01-11 12:18 . 2011-11-16 16:23	278528	----a-w-	c:\windows\system32\schannel.dll
2012-01-11 12:18 . 2011-11-16 14:12	9728	----a-w-	c:\windows\system32\lsass.exe
2012-01-11 12:18 . 2011-11-17 06:48	440192	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2012-01-11 12:18 . 2011-11-16 16:21	1259008	----a-w-	c:\windows\system32\lsasrv.dll
2012-01-08 16:02 . 2012-01-08 16:02	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2012-01-06 17:37 . 2012-01-06 17:37	--------	d-----w-	c:\users\Simon\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-01-06 17:36 . 2012-01-06 17:36	--------	d-----w-	c:\program files\Adobe Download Assistant
2012-01-06 17:36 . 2012-01-06 17:36	--------	d-----w-	c:\program files\Common Files\Adobe AIR
2012-01-06 11:15 . 2012-01-06 11:15	--------	d-----w-	c:\programdata\FLEXnet
2012-01-06 11:12 . 2007-02-20 15:04	190696	------w-	c:\windows\system32\NPSWF32_FlashUtil.exe
2012-01-06 11:12 . 2007-02-20 15:04	2463976	------w-	c:\windows\system32\NPSWF32.dll
2012-01-06 10:57 . 2012-01-06 10:57	--------	d-----w-	c:\program files\Common Files\Macrovision Shared
2012-01-06 10:52 . 2012-01-06 10:52	239168	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2012-01-06 10:52 . 2012-01-06 10:52	--------	d-----w-	c:\program files\DAEMON Tools Lite
2012-01-06 10:51 . 2012-01-06 10:54	--------	d-----w-	c:\users\Simon\AppData\Roaming\DAEMON Tools Lite
2012-01-06 10:51 . 2012-01-06 10:51	--------	d-----w-	c:\programdata\DAEMON Tools Lite
2012-01-01 21:53 . 2012-01-01 21:53	--------	d-----w-	c:\program files\iPod
2012-01-01 21:53 . 2012-01-01 21:54	--------	d-----w-	c:\program files\iTunes
2011-12-27 11:53 . 2011-12-27 11:53	626688	----a-w-	c:\program files\Mozilla Firefox\msvcr80.dll
2011-12-27 11:53 . 2011-12-27 11:53	548864	----a-w-	c:\program files\Mozilla Firefox\msvcp80.dll
2011-12-27 11:53 . 2011-12-27 11:53	479232	----a-w-	c:\program files\Mozilla Firefox\msvcm80.dll
2011-12-27 11:53 . 2011-12-27 11:53	43992	----a-w-	c:\program files\Mozilla Firefox\mozutils.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-14 17:08 . 2011-06-12 20:23	414368	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 13:37 . 2011-12-14 11:19	2043904	----a-w-	c:\windows\system32\win32k.sys
2011-11-08 14:42 . 2011-12-14 11:19	2048	----a-w-	c:\windows\system32\tzres.dll
2011-11-03 22:47 . 2011-12-14 11:24	1798144	----a-w-	c:\windows\system32\jscript9.dll
2011-11-03 22:40 . 2011-12-14 11:24	1427456	----a-w-	c:\windows\system32\inetcpl.cpl
2011-11-03 22:39 . 2011-12-14 11:24	1127424	----a-w-	c:\windows\system32\wininet.dll
2011-11-03 22:31 . 2011-12-14 11:24	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2011-10-27 08:01 . 2011-12-14 11:19	3602816	----a-w-	c:\windows\system32\ntkrnlpa.exe
2011-10-27 08:01 . 2011-12-14 11:19	3550080	----a-w-	c:\windows\system32\ntoskrnl.exe
2011-10-25 15:56 . 2011-12-14 11:19	49152	----a-w-	c:\windows\system32\csrsrv.dll
2011-10-24 13:29 . 2011-10-24 13:29	94208	------w-	c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29	69632	------w-	c:\windows\system32\QuickTime.qts
2011-12-27 11:53 . 2011-03-10 22:31	121816	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-31 102400]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2007-09-01 32768]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2007-09-06 188416]
"LMgrOSD"="c:\program files\Launch Manager\OSD.exe" [2006-12-26 180224]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2007-09-07 86016]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-12-18 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-18 8501792]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-31 4702208]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"toolbar_eula_launcher"=c:\program files\GoogleEULA\EULALauncher.exe
"NeroFilterCheck"=c:\program files\Common Files\Nero\Lib\NeroCheck.exe
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"UCam_Menu"="c:\program files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" "c:\program files\HomeCinema\YouCam" update "Software\CyberLink\YouCam\1.0"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3667741701-2761226800-4140390284-1003]
"EnableNotificationsRef"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3667741701-2761226800-4140390284-1004]
"EnableNotificationsRef"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3667741701-2761226800-4140390284-1005]
"EnableNotificationsRef"=dword:00000001
.
S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-14 169624]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - SSMDRV
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.aldi.com/
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4
IE: {{00FAC6C9-C494-4AD8-B3C0-DE677AFDDBD8} - {5D7B119E-062F-476B-A5E7-797FAF554BA2} - c:\progra~1\1PASSW~1\AGILE1~1.DLL
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.11.1
DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cab
FF - ProfilePath - c:\users\Bernd2\AppData\Roaming\Mozilla\Firefox\Profiles\ib27m6gx.default\
.
.
**************************************************************************
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
"MSCurrentCountry"=dword:000000b5
.
Zeit der Fertigstellung: 2012-01-18  20:07:52
ComboFix-quarantined-files.txt  2012-01-18 19:07
ComboFix2.txt  2012-01-18 17:17
.
Vor Suchlauf: 15 Verzeichnis(se), 11.283.480.576 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 11.171.110.912 Bytes frei
.
- - End Of File - - F91E42030310C38AFC5C48D20E72354C
         


And already, a really heartfelt thank you for your efforts on my behalf!!!

18.01.2012, 20:17   #32
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Please make a new OTL log. If possible, please post everything here in CODE tags.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
 the log goes here
         
CustomScan with OTL

If you don't have it yet, please download OTL by OldTimer and save it to your desktop.
  • Please start OTL.exe.
    Vista and Win7 users: right-click and "run as administrator"
  • Now copy the complete contents of the code box below into the OTL text box - if OTL is in German, it is labelled with
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click on .
  • Now copy the contents of OTL.txt here into your thread

18.01.2012, 20:58   #33
simabo
 



OTL Logfile:
Code:
OTL logfile created on: 18.01.2012 20:24:37 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Simon\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 63,72% Memory free
6,19 Gb Paging File | 5,16 Gb Available in Paging File | 83,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 126,37 Gb Total Space | 10,47 Gb Free Space | 8,28% Space Free | Partition Type: NTFS
Drive D: | 22,66 Gb Total Space | 13,03 Gb Free Space | 57,51% Space Free | Partition Type: FAT32
 
Computer Name: SIMON-LAPTOP | User Name: Simon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.01.18 20:23:37 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Simon\Desktop\OTL.exe
PRC - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.10.11 15:06:12 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 15:05:59 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 15:05:48 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2011.10.11 15:05:46 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
PRC - [2011.10.11 15:05:46 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 15:05:46 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.09.14 22:06:38 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2011.08.10 14:31:10 | 000,671,552 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2011.08.10 14:28:38 | 001,526,080 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2010.05.05 18:59:40 | 000,583,360 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007.10.31 12:35:58 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.10.03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
PRC - [2007.10.03 15:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007.08.31 10:04:26 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2006.10.05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.01.06 11:57:40 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.10.11 15:05:59 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 15:05:48 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.10.11 15:05:46 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2011.10.11 15:05:46 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.10.02 17:41:42 | 000,767,240 | ---- | M] (AgileBits) [Disabled | Stopped] -- C:\Program Files\1Password\Agile1pService.exe -- (Agile1Password)
SRV - [2011.09.14 22:06:38 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor10.0)
SRV - [2011.08.10 14:28:38 | 001,526,080 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.08.10 14:23:30 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.05.05 18:59:40 | 000,583,360 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2007.10.03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe -- (IAANTMON) Intel(R)
SRV - [2007.09.11 14:37:58 | 000,118,784 | ---- | M] (Wistron Corp.) [Disabled | Stopped] -- C:\Program Files\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2006.10.05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012.01.06 11:52:31 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.10.11 15:06:12 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 15:06:12 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 15:06:12 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.09.26 17:16:14 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2011.09.16 14:10:50 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2011.08.18 13:45:42 | 000,004,608 | ---- | M] (RealVNC Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vncmirror.sys -- (vncmirror)
DRV - [2010.11.29 19:27:40 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.06.23 09:21:32 | 000,259,176 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.05.05 18:46:38 | 000,019,680 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpnva.sys -- (vpnva)
DRV - [2009.04.11 05:45:37 | 000,185,856 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\netbt.sys -- (netbt)
DRV - [2009.02.05 18:39:08 | 000,017,064 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\SiWinAcc.sys -- (SiFilter)
DRV - [2009.02.05 18:39:00 | 000,012,200 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\SiRemFil.sys -- (SiRemFil)
DRV - [2009.02.05 18:38:24 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\Si3531.sys -- (Si3531)
DRV - [2007.12.18 11:31:00 | 007,630,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.08.30 19:24:24 | 000,805,416 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BisonC07.sys -- (Cam5607)
DRV - [2007.08.28 15:47:36 | 000,146,560 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007.08.22 18:50:38 | 001,749,760 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007.08.08 07:26:06 | 002,226,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007.07.31 10:58:18 | 000,908,896 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PhilCap.sys -- (PhilCap)
DRV - [2006.11.28 14:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006.11.02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2003.04.28 10:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\HOTKEY.sys -- (Hotkey)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc;version=0.8.6c: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN Team)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.06 12:38:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.06 12:38:36 | 000,000,000 | ---D | M]
 
[2011.03.09 10:06:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Simon\AppData\Roaming\mozilla\Extensions
[2012.01.06 10:55:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Simon\AppData\Roaming\mozilla\Firefox\Profiles\xrixt5i0.default\extensions
[2011.12.12 22:48:40 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Users\Simon\AppData\Roaming\mozilla\Firefox\Profiles\xrixt5i0.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2011.11.28 22:00:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
() (No name found) -- C:\USERS\SIMON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XRIXT5I0.DEFAULT\EXTENSIONS\{6E764C17-863A-450F-BDD0-6772BD5AAA18}.XPI
() (No name found) -- C:\USERS\SIMON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XRIXT5I0.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
() (No name found) -- C:\USERS\SIMON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XRIXT5I0.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.12.27 12:53:59 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.03 10:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2011.12.27 12:53:56 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.27 12:53:56 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.12.27 12:53:56 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.27 12:53:56 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.27 12:53:56 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.27 12:53:56 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.01.18 18:10:34 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (1Password) - {CB1A24DA-7416-4921-A0CF-5AA1160AAE2A} - C:\PROGRA~1\1PASSW~1\AGILE1~1.DLL (AgileBits)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Users\Simon\AppData\Local\Apps\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: 1Password - {00FAC6C9-C494-4AD8-B3C0-DE677AFDDBD8} - C:\PROGRA~1\1PASSW~1\AGILE1~1.DLL (AgileBits)
O9 - Extra 'Tools' menuitem : 1Password	Ctrl+Alt+ß - {00FAC6C9-C494-4AD8-B3C0-DE677AFDDBD8} - C:\PROGRA~1\1PASSW~1\AGILE1~1.DLL (AgileBits)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197719312979 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 vpnweb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C395699-C9E9-4033-BBF3-620ECC9DDFB9}: DhcpNameServer = 192.168.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BBB45861-79BD-4D58-A980-3EC0AE2A0BF8}: DhcpNameServer = 192.168.11.1
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) -  File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img35.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img35.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{14942f83-9cc6-11e0-a34a-0016d389e0d2}\Shell - "" = AutoRun
O33 - MountPoints2\{14942f83-9cc6-11e0-a34a-0016d389e0d2}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{db6cfa6c-9524-11e0-bfa9-0016d389e0d2}\Shell - "" = AutoRun
O33 - MountPoints2\{db6cfa6c-9524-11e0-bfa9-0016d389e0d2}\Shell\AutoRun\command - "" = G:\AurLaunch\LaunchScreen.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt -  File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt -  File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetBT - C:\Windows\System32\drivers\netbt.sys ()
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - Service
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Reg Error: Value error.
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.18 20:23:35 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Simon\Desktop\OTL.exe
[2012.01.18 20:08:03 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.01.18 20:07:55 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.01.18 20:07:55 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\temp
[2012.01.18 19:36:02 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012.01.18 18:40:07 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Avira
[2012.01.18 18:37:46 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.01.18 18:37:39 | 000,134,344 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.01.18 18:37:39 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.01.18 18:37:38 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.01.18 18:37:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.01.18 18:37:24 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.01.18 17:46:58 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.01.18 17:46:58 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.01.18 17:46:58 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.01.18 17:37:36 | 004,387,138 | ---- | C] (Swearware) -- C:\Users\Simon\Desktop\ComboFix.exe
[2012.01.18 17:18:00 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012.01.18 17:10:48 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.01.17 14:21:40 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Malwarebytes
[2012.01.17 14:21:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.17 14:21:19 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.01.17 14:21:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.01.17 13:30:33 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.01.17 12:17:36 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.01.17 07:55:34 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.01.17 00:13:04 | 000,000,000 | ---D | C] -- C:\Users\Simon\Desktop\Cro_Meine_Musik_Mixtape
[2012.01.16 22:27:32 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.01.16 21:03:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photomatix Pro 4.1
[2012.01.16 21:03:43 | 000,000,000 | ---D | C] -- C:\Program Files\PhotomatixPro4
[2012.01.15 12:38:12 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\SHK Psychologisches Insititut
[2012.01.15 12:09:12 | 000,000,000 | ---D | C] -- C:\Users\Simon\Desktop\HDR
[2012.01.14 18:09:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imagenomic
[2012.01.14 18:09:29 | 000,000,000 | ---D | C] -- C:\Program Files\Imagenomic
[2012.01.14 11:02:15 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\HDRsoft
[2012.01.13 17:35:00 | 000,000,000 | ---D | C] -- C:\Users\Simon\Desktop\Neuer Ordner
[2012.01.12 22:05:26 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\Praktikum FC Schalke 04
[2012.01.08 17:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012.01.06 18:37:56 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.01.06 18:36:52 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant
[2012.01.06 18:36:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2012.01.06 12:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2012.01.06 12:03:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Design Premium CS3
[2012.01.06 11:57:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2012.01.06 11:52:31 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012.01.06 11:52:17 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2012.01.06 11:51:43 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\DAEMON Tools Lite
[2012.01.06 11:51:40 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.01.05 12:19:55 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\Groupon.de
[2012.01.01 22:55:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.01.01 22:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.01.01 22:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2007.10.22 12:45:46 | 000,180,224 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2007.10.22 12:45:45 | 000,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.18 20:23:37 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Simon\Desktop\OTL.exe
[2012.01.18 20:22:18 | 000,132,531 | ---- | M] () -- C:\Users\Simon\AppData\Roaming\nvModes.001
[2012.01.18 20:15:51 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.18 20:15:51 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.18 20:15:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.18 20:15:35 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.18 18:32:00 | 081,313,744 | ---- | M] () -- C:\Users\Simon\Desktop\avira_antivirus_premium_de.exe
[2012.01.18 18:23:05 | 000,132,531 | ---- | M] () -- C:\Users\Simon\AppData\Roaming\nvModes.dat
[2012.01.18 18:10:34 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.01.18 17:40:53 | 004,387,138 | ---- | M] (Swearware) -- C:\Users\Simon\Desktop\ComboFix.exe
[2012.01.18 14:37:39 | 176,112,170 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.01.18 14:19:07 | 000,642,248 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.18 14:19:07 | 000,607,228 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.18 14:19:07 | 000,131,686 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.18 14:19:07 | 000,108,604 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.17 12:17:44 | 000,000,808 | ---- | M] () -- C:\Users\Simon\Desktop\CCleaner.lnk
[2012.01.16 21:03:50 | 000,001,787 | ---- | M] () -- C:\Users\Simon\Desktop\Photomatix Pro 4.1.4 (32-bit).lnk
[2012.01.15 23:17:30 | 000,000,414 | ---- | M] () -- C:\Users\Simon\Desktop\Bilder.lnk
[2012.01.15 12:45:40 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012.01.14 18:09:30 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\Noiseware Community Edition.lnk
[2012.01.13 10:31:34 | 000,040,960 | ---- | M] () -- C:\Users\Simon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.12 20:33:28 | 000,056,065 | ---- | M] () -- C:\Users\Simon\Desktop\jessicas plan.pdf
[2012.01.11 14:21:07 | 000,011,768 | ---- | M] () -- C:\Users\Simon\Documents\20120112Leistungsübersicht_Studium_Simon_Borgmann.pdf
[2012.01.11 14:21:00 | 000,182,263 | ---- | M] () -- C:\Users\Simon\Documents\Abiturzeugnis_Simon_Borgmann.pdf
[2012.01.09 00:08:26 | 001,735,488 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.01.08 14:58:46 | 000,001,773 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Photoshop Elements 10.lnk
[2012.01.06 11:52:31 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012.01.03 17:39:37 | 000,473,666 | ---- | M] () -- C:\Users\Simon\Desktop\821454.pdf
[2012.01.02 23:18:01 | 000,007,876 | ---- | M] () -- C:\Users\Simon\.recently-used.xbel
[2012.01.02 21:32:29 | 006,977,002 | ---- | M] () -- C:\Users\Simon\Desktop\CUG_EOS450D_DE_Flat.pdf
 
========== Files Created - No Company Name ==========
 
[2012.01.18 18:30:30 | 081,313,744 | ---- | C] () -- C:\Users\Simon\Desktop\avira_antivirus_premium_de.exe
[2012.01.18 17:46:58 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.01.18 17:46:58 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.01.18 17:46:58 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.01.18 17:46:58 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.01.18 17:46:58 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.01.18 17:20:56 | 3219,578,880 | -HS- | C] () -- C:\hiberfil.sys
[2012.01.18 11:34:22 | 176,112,170 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.01.17 12:17:44 | 000,000,808 | ---- | C] () -- C:\Users\Simon\Desktop\CCleaner.lnk
[2012.01.16 21:03:50 | 000,001,787 | ---- | C] () -- C:\Users\Simon\Desktop\Photomatix Pro 4.1.4 (32-bit).lnk
[2012.01.15 23:17:30 | 000,000,414 | ---- | C] () -- C:\Users\Simon\Desktop\Bilder.lnk
[2012.01.14 18:09:30 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\Noiseware Community Edition.lnk
[2012.01.12 20:33:28 | 000,056,065 | ---- | C] () -- C:\Users\Simon\Desktop\jessicas plan.pdf
[2012.01.11 14:21:07 | 000,011,768 | ---- | C] () -- C:\Users\Simon\Documents\20120112Leistungsübersicht_Studium_Simon_Borgmann.pdf
[2012.01.11 14:21:00 | 000,182,263 | ---- | C] () -- C:\Users\Simon\Documents\Abiturzeugnis_Simon_Borgmann.pdf
[2012.01.08 15:06:46 | 000,000,878 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012.01.08 14:58:46 | 000,001,789 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 10.lnk
[2012.01.08 14:58:46 | 000,001,773 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Photoshop Elements 10.lnk
[2012.01.06 18:36:52 | 000,000,928 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2012.01.06 12:12:11 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2012.01.03 17:39:36 | 000,473,666 | ---- | C] () -- C:\Users\Simon\Desktop\821454.pdf
[2012.01.02 23:18:01 | 000,007,876 | ---- | C] () -- C:\Users\Simon\.recently-used.xbel
[2012.01.02 21:32:29 | 006,977,002 | ---- | C] () -- C:\Users\Simon\Desktop\CUG_EOS450D_DE_Flat.pdf
[2011.09.24 10:33:52 | 000,000,600 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\winscp.rnd
[2011.09.20 07:27:59 | 000,152,232 | ---- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.06.28 20:40:32 | 000,000,000 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\Default.PLS
[2011.05.16 15:28:29 | 000,001,356 | ---- | C] () -- C:\Users\Simon\AppData\Local\d3d9caps.dat
[2011.03.11 11:54:40 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.03.11 11:54:40 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.03.11 11:54:14 | 000,185,856 | ---- | C] () -- C:\Windows\System32\drivers\netbt.sys
[2011.03.10 23:56:15 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.03.10 12:56:38 | 000,040,960 | ---- | C] () -- C:\Users\Simon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.09 13:15:14 | 000,000,155 | ---- | C] () -- C:\Windows\winamp.ini
[2011.03.09 11:44:38 | 000,132,531 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\nvModes.001
[2011.03.09 11:44:30 | 000,132,531 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\nvModes.dat
[2011.03.09 08:47:03 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.03.08 11:41:24 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.12.03 09:27:30 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2007.12.15 06:36:25 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007.10.25 08:15:05 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2007.10.25 08:15:04 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.10.23 03:20:15 | 000,009,867 | ---- | C] () -- C:\Windows\System32\drivers\HOTKEY.sys
[2007.10.22 12:45:45 | 001,749,760 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007.10.22 12:45:45 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2007.10.22 12:45:45 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2007.10.22 12:45:45 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2007.09.18 08:38:30 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2007.09.18 08:33:27 | 000,015,190 | ---- | C] () -- C:\Windows\M3000Twn.ini
[2007.09.18 08:16:24 | 000,000,132 | ---- | C] () -- C:\Windows\System32\drivers\SamSfPa.dat
[2007.09.12 08:36:27 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007.09.12 08:35:40 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1318.dll
[2007.09.12 08:35:31 | 000,009,824 | ---- | C] () -- C:\Windows\System32\716xCoInstaller.dll
[2006.12.11 05:06:31 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006.11.02 16:33:31 | 000,642,248 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 16:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 16:33:31 | 000,131,686 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 16:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 001,735,488 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,607,228 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,108,604 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2011.10.04 12:56:21 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Agile Web Solutions
[2012.01.06 18:37:56 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.01.06 11:54:22 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\DAEMON Tools Lite
[2011.06.14 09:14:01 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\DAEMON Tools Pro
[2012.01.09 00:36:45 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Dropbox
[2012.01.02 23:18:01 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\gtk-2.0
[2012.01.14 11:02:15 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\HDRsoft
[2011.03.11 14:04:10 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Mp3tag
[2011.10.17 15:50:42 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Nokia Ovi Suite
[2011.03.10 12:54:42 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\PC Suite
[2011.10.03 11:29:49 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\TuneUp Software
[2012.01.18 20:13:32 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.01.16 16:10:43 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Adobe
[2011.10.04 12:56:21 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Agile Web Solutions
[2011.11.21 09:43:11 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Apple Computer
[2012.01.18 18:40:07 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Avira
[2012.01.06 18:37:56 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011.06.28 20:40:35 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\CyberLink
[2012.01.06 11:54:22 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\DAEMON Tools Lite
[2011.06.14 09:14:01 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\DAEMON Tools Pro
[2012.01.09 00:36:45 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Dropbox
[2012.01.02 23:18:01 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\gtk-2.0
[2012.01.14 11:02:15 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\HDRsoft
[2011.03.09 09:50:04 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Identities
[2011.03.09 10:05:15 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Macromedia
[2012.01.17 14:21:40 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Malwarebytes
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Media Center Programs
[2012.01.14 11:28:02 | 000,000,000 | --SD | M] -- C:\Users\Simon\AppData\Roaming\Microsoft
[2011.03.09 10:06:04 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Mozilla
[2011.03.11 14:04:10 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Mp3tag
[2011.03.16 18:27:36 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Nero
[2011.10.17 15:50:42 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Nokia Ovi Suite
[2011.03.10 12:54:42 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\PC Suite
[2011.10.03 11:29:49 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\TuneUp Software
[2011.03.09 12:30:07 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\vlc
[2011.03.09 13:26:51 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Winamp
[2011.06.14 07:16:29 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2011.12.05 20:17:44 | 024,242,056 | ---- | M] (Dropbox, Inc.) -- C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2011.12.05 20:18:12 | 000,174,752 | ---- | M] (Dropbox, Inc.) -- C:\Users\Simon\AppData\Roaming\Dropbox\bin\Uninstall.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\ERDNT\cache\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2007.04.17 09:30:38 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=78620BDA3EC87816E5D1FA86F920BC3A -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c2a1b5ae\atapi.sys
[2007.04.17 09:30:38 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=78620BDA3EC87816E5D1FA86F920BC3A -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20518_none_dbd8b4d73d81c9d0\atapi.sys
[2011.03.08 13:37:17 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2011.03.08 13:37:17 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2011.03.08 13:37:17 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys
[2011.03.08 13:37:17 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2007.09.29 23:03:32 | 000,384,024 | ---- | M] (Intel Corporation) MD5=16A4671255CFB842225F0FDB6DBDB414 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys
[2007.07.12 15:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_cfa1dde4\iaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\IaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys
[2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2007.09.18 11:09:52 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\ERDNT\cache\user32.dll
[2007.09.18 11:09:52 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2008.01.19 08:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2006.11.02 10:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\ERDNT\cache\wininit.exe
[2008.01.19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006.11.02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006.11.02 09:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >
         

Alt 18.01.2012, 21:41   #34
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set the tool up as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan, and when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log, or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

If the infection prevents you from accessing your Documents/My Documents, or shortcuts are missing on the desktop or in the Start menu under "All Programs", please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should be visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!
__________________
Please always post log files in CODE tags

Alt 19.01.2012, 00:17   #35
simabo
 



Well, at least things are moving forward. That makes me happy.

Code:
ATTFilter
00:14:52.0278 1720	TDSS rootkit removing tool 2.7.5.0 Jan 18 2012 09:26:24
00:14:52.0496 1720	============================================================
00:14:52.0496 1720	Current date / time: 2012/01/19 00:14:52.0496
00:14:52.0496 1720	SystemInfo:
00:14:52.0496 1720	
00:14:52.0496 1720	OS Version: 6.0.6002 ServicePack: 2.0
00:14:52.0496 1720	Product type: Workstation
00:14:52.0496 1720	ComputerName: SIMON-LAPTOP
00:14:52.0496 1720	UserName: Simon
00:14:52.0496 1720	Windows directory: C:\Windows
00:14:52.0496 1720	System windows directory: C:\Windows
00:14:52.0496 1720	Processor architecture: Intel x86
00:14:52.0496 1720	Number of processors: 2
00:14:52.0496 1720	Page size: 0x1000
00:14:52.0496 1720	Boot type: Normal boot
00:14:52.0496 1720	============================================================
00:14:53.0167 1720	Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:14:53.0308 1720	Initialize success
00:15:00.0858 2456	============================================================
00:15:00.0858 2456	Scan started
00:15:00.0858 2456	Mode: Manual; SigCheck; TDLFS; 
00:15:00.0858 2456	============================================================
00:15:01.0560 2456	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
00:15:01.0669 2456	ACPI - ok
00:15:01.0825 2456	adp94xx         (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
00:15:01.0856 2456	adp94xx - ok
00:15:01.0934 2456	adpahci         (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
00:15:01.0950 2456	adpahci - ok
00:15:02.0246 2456	adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
00:15:02.0262 2456	adpu160m - ok
00:15:02.0418 2456	adpu320         (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
00:15:02.0434 2456	adpu320 - ok
00:15:02.0558 2456	AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
00:15:02.0636 2456	AFD - ok
00:15:02.0792 2456	AgereSoftModem  (ce91b158fa490cf4c4d487a4130f4660) C:\Windows\system32\DRIVERS\AGRSM.sys
00:15:02.0902 2456	AgereSoftModem - ok
00:15:03.0026 2456	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
00:15:03.0042 2456	aic78xx - ok
00:15:03.0182 2456	aliide          (496eda16a127ac9a38bb285bef17dbb5) C:\Windows\system32\drivers\aliide.sys
00:15:03.0198 2456	aliide - ok
00:15:03.0214 2456	amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
00:15:03.0229 2456	amdagp - ok
00:15:03.0354 2456	amdide          (6f65f4147c54398d7280b18cebbed215) C:\Windows\system32\drivers\amdide.sys
00:15:03.0370 2456	amdide - ok
00:15:03.0416 2456	AmdK7           (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
00:15:03.0697 2456	AmdK7 - ok
00:15:03.0884 2456	AmdK8           (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
00:15:04.0009 2456	AmdK8 - ok
00:15:04.0306 2456	arc             (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
00:15:04.0321 2456	arc - ok
00:15:04.0399 2456	arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
00:15:04.0415 2456	arcsas - ok
00:15:04.0586 2456	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
00:15:04.0633 2456	AsyncMac - ok
00:15:04.0696 2456	atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
00:15:04.0696 2456	atapi - ok
00:15:04.0758 2456	ATSWPDRV        (69e65a2ce11619f0c868967ca9540b80) C:\Windows\system32\DRIVERS\ATSwpDrv.sys
00:15:04.0805 2456	ATSWPDRV - ok
00:15:04.0883 2456	avgntflt        (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
00:15:04.0898 2456	avgntflt - ok
00:15:05.0023 2456	avipbb          (475fbb85956534720858ae72010c0a43) C:\Windows\system32\DRIVERS\avipbb.sys
00:15:05.0054 2456	avipbb - ok
00:15:05.0101 2456	avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
00:15:05.0117 2456	avkmgr - ok
00:15:05.0164 2456	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
00:15:05.0210 2456	Beep - ok
00:15:05.0273 2456	blbdrive - ok
00:15:05.0335 2456	bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
00:15:05.0398 2456	bowser - ok
00:15:05.0476 2456	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
00:15:05.0538 2456	BrFiltLo - ok
00:15:05.0585 2456	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
00:15:05.0647 2456	BrFiltUp - ok
00:15:05.0710 2456	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
00:15:05.0788 2456	Brserid - ok
00:15:05.0819 2456	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
00:15:05.0912 2456	BrSerWdm - ok
00:15:06.0209 2456	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
00:15:06.0302 2456	BrUsbMdm - ok
00:15:06.0412 2456	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
00:15:06.0490 2456	BrUsbSer - ok
00:15:06.0536 2456	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
00:15:06.0614 2456	BTHMODEM - ok
00:15:06.0739 2456	Cam5607         (48f64a84054771b2fef55606adf57557) C:\Windows\system32\Drivers\BisonC07.sys
00:15:06.0770 2456	Cam5607 - ok
00:15:06.0817 2456	catchme - ok
00:15:06.0958 2456	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
00:15:07.0020 2456	cdfs - ok
00:15:07.0067 2456	cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
00:15:07.0129 2456	cdrom - ok
00:15:07.0223 2456	circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
00:15:07.0316 2456	circlass - ok
00:15:07.0363 2456	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
00:15:07.0394 2456	CLFS - ok
00:15:07.0441 2456	CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
00:15:07.0535 2456	CmBatt - ok
00:15:07.0972 2456	cmdide          (59172a0724f2ab769f31d61b0571d75b) C:\Windows\system32\drivers\cmdide.sys
00:15:07.0972 2456	cmdide - ok
00:15:08.0159 2456	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
00:15:08.0174 2456	Compbatt - ok
00:15:08.0221 2456	crcdisk         (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
00:15:08.0237 2456	crcdisk - ok
00:15:08.0330 2456	Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
00:15:08.0408 2456	Crusoe - ok
00:15:08.0502 2456	DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
00:15:08.0533 2456	DfsC - ok
00:15:08.0596 2456	disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
00:15:08.0611 2456	disk - ok
00:15:08.0674 2456	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
00:15:08.0736 2456	drmkaud - ok
00:15:09.0157 2456	dtsoftbus01     (fb38473835476a6fb272215a1d972af9) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
00:15:09.0173 2456	dtsoftbus01 - ok
00:15:09.0282 2456	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
00:15:09.0360 2456	DXGKrnl - ok
00:15:09.0500 2456	E1G60           (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
00:15:09.0563 2456	E1G60 - ok
00:15:09.0656 2456	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
00:15:09.0672 2456	Ecache - ok
00:15:09.0781 2456	elxstor         (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
00:15:09.0797 2456	elxstor - ok
00:15:09.0859 2456	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
00:15:09.0922 2456	exfat - ok
00:15:09.0968 2456	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
00:15:10.0046 2456	fastfat - ok
00:15:10.0093 2456	fdc             (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
00:15:10.0156 2456	fdc - ok
00:15:10.0187 2456	FETNDIS         (b2b2c38e916184ff8523c7439ddd417f) C:\Windows\system32\DRIVERS\fetnd5.sys
00:15:10.0265 2456	FETNDIS - ok
00:15:10.0312 2456	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
00:15:10.0327 2456	FileInfo - ok
00:15:10.0374 2456	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
00:15:10.0421 2456	Filetrace - ok
00:15:10.0452 2456	flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
00:15:10.0514 2456	flpydisk - ok
00:15:10.0561 2456	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
00:15:10.0577 2456	FltMgr - ok
00:15:10.0608 2456	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
00:15:10.0655 2456	Fs_Rec - ok
00:15:10.0686 2456	gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
00:15:10.0702 2456	gagp30kx - ok
00:15:10.0733 2456	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:15:10.0748 2456	GEARAspiWDM - ok
00:15:10.0858 2456	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
00:15:10.0920 2456	HdAudAddService - ok
00:15:10.0982 2456	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
00:15:11.0029 2456	HDAudBus - ok
00:15:11.0060 2456	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
00:15:11.0138 2456	HidBth - ok
00:15:11.0170 2456	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
00:15:11.0232 2456	HidIr - ok
00:15:11.0279 2456	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
00:15:11.0310 2456	HidUsb - ok
00:15:11.0357 2456	Hotkey          (8b566ea71d5b76157a9cdb78f25a5731) C:\Windows\system32\drivers\Hotkey.sys
00:15:11.0372 2456	Hotkey ( UnsignedFile.Multi.Generic ) - warning
00:15:11.0372 2456	Hotkey - detected UnsignedFile.Multi.Generic (1)
00:15:11.0404 2456	HpCISSs         (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
00:15:11.0419 2456	HpCISSs - ok
00:15:11.0466 2456	HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
00:15:11.0575 2456	HTTP - ok
00:15:11.0622 2456	i2omp           (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
00:15:11.0622 2456	i2omp - ok
00:15:11.0669 2456	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
00:15:11.0700 2456	i8042prt - ok
00:15:11.0747 2456	iaStor          (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys
00:15:11.0762 2456	iaStor - ok
00:15:11.0809 2456	iaStorV         (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
00:15:11.0825 2456	iaStorV - ok
00:15:11.0856 2456	igfx - ok
00:15:11.0887 2456	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
00:15:11.0903 2456	iirsp - ok
00:15:12.0012 2456	IntcAzAudAddService (4e38a2883df3ba382a59132b3e7d709e) C:\Windows\system32\drivers\RTKVHDA.sys
00:15:12.0106 2456	IntcAzAudAddService - ok
00:15:12.0137 2456	intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
00:15:12.0152 2456	intelide - ok
00:15:12.0184 2456	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
00:15:12.0246 2456	intelppm - ok
00:15:12.0293 2456	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:15:12.0340 2456	IpFilterDriver - ok
00:15:12.0355 2456	IpInIp - ok
00:15:12.0402 2456	IPMIDRV         (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
00:15:12.0464 2456	IPMIDRV - ok
00:15:12.0527 2456	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
00:15:12.0558 2456	IPNAT - ok
00:15:12.0620 2456	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
00:15:12.0667 2456	IRENUM - ok
00:15:12.0698 2456	isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
00:15:12.0714 2456	isapnp - ok
00:15:12.0761 2456	iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
00:15:12.0776 2456	iScsiPrt - ok
00:15:12.0808 2456	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
00:15:12.0823 2456	iteatapi - ok
00:15:12.0854 2456	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
00:15:12.0870 2456	iteraid - ok
00:15:12.0901 2456	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
00:15:12.0917 2456	kbdclass - ok
00:15:12.0948 2456	kbdhid          (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\DRIVERS\kbdhid.sys
00:15:13.0010 2456	kbdhid - ok
00:15:13.0073 2456	KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
00:15:13.0120 2456	KSecDD - ok
00:15:13.0213 2456	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
00:15:13.0244 2456	lltdio - ok
00:15:13.0307 2456	LMIInfo - ok
00:15:13.0338 2456	lmimirr         (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\Windows\system32\DRIVERS\lmimirr.sys
00:15:13.0338 2456	lmimirr - ok
00:15:13.0354 2456	LMIRfsClientNP - ok
00:15:13.0400 2456	LMIRfsDriver    (3faa563ddf853320f90259d455a01d79) C:\Windows\system32\drivers\LMIRfsDriver.sys
00:15:13.0400 2456	LMIRfsDriver - ok
00:15:13.0447 2456	LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
00:15:13.0463 2456	LSI_FC - ok
00:15:13.0494 2456	LSI_SAS         (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
00:15:13.0510 2456	LSI_SAS - ok
00:15:13.0541 2456	LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
00:15:13.0556 2456	LSI_SCSI - ok
00:15:13.0588 2456	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
00:15:13.0634 2456	luafv - ok
00:15:13.0650 2456	MBAMProtector   (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
00:15:13.0666 2456	MBAMProtector - ok
00:15:13.0712 2456	megasas         (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
00:15:13.0728 2456	megasas - ok
00:15:13.0775 2456	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
00:15:13.0822 2456	Modem - ok
00:15:13.0853 2456	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
00:15:13.0884 2456	monitor - ok
00:15:13.0931 2456	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
00:15:13.0946 2456	mouclass - ok
00:15:13.0962 2456	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
00:15:14.0009 2456	mouhid - ok
00:15:14.0056 2456	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
00:15:14.0056 2456	MountMgr - ok
00:15:14.0102 2456	mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
00:15:14.0118 2456	mpio - ok
00:15:14.0149 2456	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
00:15:14.0196 2456	mpsdrv - ok
00:15:14.0258 2456	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
00:15:14.0274 2456	Mraid35x - ok
00:15:14.0305 2456	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
00:15:14.0352 2456	MRxDAV - ok
00:15:14.0399 2456	mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
00:15:14.0461 2456	mrxsmb - ok
00:15:14.0524 2456	mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:15:14.0539 2456	mrxsmb10 - ok
00:15:14.0555 2456	mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:15:14.0586 2456	mrxsmb20 - ok
00:15:14.0633 2456	msahci          (86068b8b54a5eb092f51657f00b2222a) C:\Windows\system32\drivers\msahci.sys
00:15:14.0648 2456	msahci - ok
00:15:14.0695 2456	msdsm           (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
00:15:14.0711 2456	msdsm - ok
00:15:14.0773 2456	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
00:15:14.0820 2456	Msfs - ok
00:15:14.0851 2456	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
00:15:14.0867 2456	msisadrv - ok
00:15:14.0914 2456	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
00:15:14.0976 2456	MSKSSRV - ok
00:15:15.0007 2456	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
00:15:15.0054 2456	MSPCLOCK - ok
00:15:15.0085 2456	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
00:15:15.0132 2456	MSPQM - ok
00:15:15.0179 2456	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
00:15:15.0194 2456	MsRPC - ok
00:15:15.0241 2456	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
00:15:15.0257 2456	mssmbios - ok
00:15:15.0288 2456	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
00:15:15.0335 2456	MSTEE - ok
00:15:15.0366 2456	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
00:15:15.0382 2456	Mup - ok
00:15:15.0428 2456	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
00:15:15.0444 2456	NativeWifiP - ok
00:15:15.0506 2456	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
00:15:15.0538 2456	NDIS - ok
00:15:15.0569 2456	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
00:15:15.0616 2456	NdisTapi - ok
00:15:15.0647 2456	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
00:15:15.0678 2456	Ndisuio - ok
00:15:15.0709 2456	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
00:15:15.0740 2456	NdisWan - ok
00:15:15.0772 2456	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
00:15:15.0818 2456	NDProxy - ok
00:15:15.0850 2456	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
00:15:15.0896 2456	NetBIOS - ok
00:15:15.0943 2456	netbt           (156ea40d36e6fb8192aea23d00753400) C:\Windows\system32\DRIVERS\netbt.sys
00:15:15.0943 2456	netbt ( Virus.Win32.ZAccess.k ) - infected
00:15:15.0943 2456	netbt - detected Virus.Win32.ZAccess.k (0)
00:15:16.0006 2456	netr28          (b05ffe38336193a9b988b00b230c5b80) C:\Windows\system32\DRIVERS\netr28.sys
00:15:16.0052 2456	netr28 - ok
00:15:16.0146 2456	NETw3v32        (a15f219208843a5a210c8cb391384453) C:\Windows\system32\DRIVERS\NETw3v32.sys
00:15:16.0302 2456	NETw3v32 - ok
00:15:16.0411 2456	NETw4v32        (dd194a025d1c0472f45f57de8d8388eb) C:\Windows\system32\DRIVERS\NETw4v32.sys
00:15:16.0583 2456	NETw4v32 - ok
00:15:16.0630 2456	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
00:15:16.0645 2456	nfrd960 - ok
00:15:16.0708 2456	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
00:15:16.0723 2456	Npfs - ok
00:15:16.0786 2456	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
00:15:16.0832 2456	nsiproxy - ok
00:15:16.0910 2456	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
00:15:17.0004 2456	Ntfs - ok
00:15:17.0051 2456	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
00:15:17.0113 2456	ntrigdigi - ok
00:15:17.0144 2456	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
00:15:17.0176 2456	Null - ok
00:15:17.0441 2456	nvlddmkm        (e2e55c958e46346a419ec341189bd8e3) C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:15:17.0956 2456	nvlddmkm - ok
00:15:17.0987 2456	nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
00:15:18.0002 2456	nvraid - ok
00:15:18.0034 2456	nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
00:15:18.0034 2456	nvstor - ok
00:15:18.0065 2456	nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
00:15:18.0080 2456	nv_agp - ok
00:15:18.0096 2456	NwlnkFlt - ok
00:15:18.0127 2456	NwlnkFwd - ok
00:15:18.0158 2456	ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys
00:15:18.0221 2456	ohci1394 - ok
00:15:18.0283 2456	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\DRIVERS\parport.sys
00:15:18.0361 2456	Parport - ok
00:15:18.0408 2456	partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
00:15:18.0424 2456	partmgr - ok
00:15:18.0439 2456	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\DRIVERS\parvdm.sys
00:15:18.0502 2456	Parvdm - ok
00:15:18.0533 2456	pccsmcfd - ok
00:15:18.0595 2456	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
00:15:18.0611 2456	pci - ok
00:15:18.0673 2456	pciide          (304048c2565a803d091cca1ac945f593) C:\Windows\system32\drivers\pciide.sys
00:15:18.0689 2456	pciide - ok
00:15:18.0720 2456	pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
00:15:18.0736 2456	pcmcia - ok
00:15:18.0782 2456	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
00:15:18.0907 2456	PEAUTH - ok
00:15:19.0001 2456	PhilCap         (f433b5aa6dbac3c8626eefaf134e4763) C:\Windows\system32\DRIVERS\PhilCap.sys
00:15:19.0048 2456	PhilCap - ok
00:15:19.0110 2456	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
00:15:19.0157 2456	PptpMiniport - ok
00:15:19.0188 2456	Processor       (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
00:15:19.0266 2456	Processor - ok
00:15:19.0313 2456	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
00:15:19.0344 2456	PSched - ok
00:15:19.0406 2456	PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
00:15:19.0422 2456	PxHelp20 - ok
00:15:19.0484 2456	ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
00:15:19.0531 2456	ql2300 - ok
00:15:19.0578 2456	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
00:15:19.0594 2456	ql40xx - ok
00:15:19.0625 2456	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
00:15:19.0672 2456	QWAVEdrv - ok
00:15:19.0796 2456	R300            (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
00:15:19.0921 2456	R300 - ok
00:15:19.0968 2456	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
00:15:20.0015 2456	RasAcd - ok
00:15:20.0077 2456	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:15:20.0124 2456	Rasl2tp - ok
00:15:20.0171 2456	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
00:15:20.0202 2456	RasPppoe - ok
00:15:20.0233 2456	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
00:15:20.0264 2456	RasSstp - ok
00:15:20.0311 2456	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
00:15:20.0358 2456	rdbss - ok
00:15:20.0389 2456	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:15:20.0436 2456	RDPCDD - ok
00:15:20.0483 2456	rdpdr           (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
00:15:20.0545 2456	rdpdr - ok
00:15:20.0561 2456	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
00:15:20.0608 2456	RDPENCDD - ok
00:15:20.0670 2456	RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
00:15:20.0717 2456	RDPWD - ok
00:15:20.0795 2456	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
00:15:20.0826 2456	rspndr - ok
00:15:20.0888 2456	RTL8169         (2d19a7469ea19993d0c12e627f4530bc) C:\Windows\system32\DRIVERS\Rtlh86.sys
00:15:20.0904 2456	RTL8169 - ok
00:15:20.0951 2456	RTSTOR          (557d431125aa3d58f2d132fda1eb8255) C:\Windows\system32\drivers\RTSTOR.SYS
00:15:20.0998 2456	RTSTOR - ok
00:15:21.0044 2456	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
00:15:21.0060 2456	sbp2port - ok
00:15:21.0122 2456	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
00:15:21.0185 2456	secdrv - ok
00:15:21.0216 2456	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys
00:15:21.0294 2456	Serenum - ok
00:15:21.0310 2456	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\DRIVERS\serial.sys
00:15:21.0388 2456	Serial - ok
00:15:21.0419 2456	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
00:15:21.0466 2456	sermouse - ok
00:15:21.0528 2456	sffdisk         (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
00:15:21.0590 2456	sffdisk - ok
00:15:21.0606 2456	sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
00:15:21.0684 2456	sffp_mmc - ok
00:15:21.0700 2456	sffp_sd         (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
00:15:21.0762 2456	sffp_sd - ok
00:15:21.0809 2456	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
00:15:21.0871 2456	sfloppy - ok
00:15:21.0934 2456	Si3531          (93beacc3815a4653a655c8bd7622ff63) C:\Windows\system32\DRIVERS\Si3531.sys
00:15:21.0949 2456	Si3531 - ok
00:15:21.0965 2456	SiFilter        (165448bc832d424b97270c8d1276e24a) C:\Windows\system32\DRIVERS\SiWinAcc.sys
00:15:21.0980 2456	SiFilter - ok
00:15:21.0996 2456	SiRemFil        (9be8ea3a8c7e6d47e710f6fa14b7442b) C:\Windows\system32\DRIVERS\SiRemFil.sys
00:15:22.0012 2456	SiRemFil - ok
00:15:22.0027 2456	SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
00:15:22.0043 2456	SiSRaid2 - ok
00:15:22.0074 2456	SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
00:15:22.0090 2456	SiSRaid4 - ok
00:15:22.0136 2456	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
00:15:22.0183 2456	Smb - ok
00:15:22.0277 2456	SNP2UVC         (279c771ed7d5d6132d7fe08efc781fa4) C:\Windows\system32\DRIVERS\snp2uvc.sys
00:15:22.0433 2456	SNP2UVC - ok
00:15:22.0464 2456	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
00:15:22.0480 2456	spldr - ok
00:15:22.0526 2456	srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
00:15:22.0558 2456	srv - ok
00:15:22.0620 2456	srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
00:15:22.0651 2456	srv2 - ok
00:15:22.0698 2456	srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
00:15:22.0714 2456	srvnet - ok
00:15:22.0776 2456	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
00:15:22.0792 2456	ssmdrv - ok
00:15:22.0854 2456	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
00:15:22.0854 2456	swenum - ok
00:15:22.0901 2456	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
00:15:22.0916 2456	Symc8xx - ok
00:15:22.0932 2456	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
00:15:22.0963 2456	Sym_hi - ok
00:15:22.0979 2456	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
00:15:22.0994 2456	Sym_u3 - ok
00:15:23.0041 2456	SynTP           (4c6de67ebb6c487f7690a373fcfde279) C:\Windows\system32\DRIVERS\SynTP.sys
00:15:23.0057 2456	SynTP - ok
00:15:23.0150 2456	Tcpip           (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
00:15:23.0182 2456	Tcpip - ok
00:15:23.0244 2456	Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
00:15:23.0291 2456	Tcpip6 - ok
00:15:23.0338 2456	tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
00:15:23.0384 2456	tcpipreg - ok
00:15:23.0431 2456	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
00:15:23.0478 2456	TDPIPE - ok
00:15:23.0509 2456	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
00:15:23.0556 2456	TDTCP - ok
00:15:23.0587 2456	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
00:15:23.0634 2456	tdx - ok
00:15:23.0665 2456	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
00:15:23.0681 2456	TermDD - ok
00:15:23.0743 2456	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:15:23.0790 2456	tssecsrv - ok
00:15:23.0868 2456	TuneUpUtilitiesDrv (f2107c9d85ec0df116939ccce06ae697) C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys
00:15:23.0915 2456	TuneUpUtilitiesDrv - ok
00:15:23.0962 2456	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
00:15:24.0008 2456	tunmp - ok
00:15:24.0024 2456	tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
00:15:24.0055 2456	tunnel - ok
00:15:24.0102 2456	uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\DRIVERS\uagp35.sys
00:15:24.0118 2456	uagp35 - ok
00:15:24.0149 2456	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
00:15:24.0196 2456	udfs - ok
00:15:24.0227 2456	uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
00:15:24.0242 2456	uliagpkx - ok
00:15:24.0289 2456	uliahci         (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
00:15:24.0305 2456	uliahci - ok
00:15:24.0383 2456	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
00:15:24.0398 2456	UlSata - ok
00:15:24.0445 2456	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
00:15:24.0461 2456	ulsata2 - ok
00:15:24.0492 2456	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
00:15:24.0523 2456	umbus - ok
00:15:24.0570 2456	USBAAPL         (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
00:15:24.0601 2456	USBAAPL - ok
00:15:24.0664 2456	usbccgp         (03b01e8dbd2da2b49157b7e51912aaf2) C:\Windows\system32\DRIVERS\usbccgp.sys
00:15:24.0710 2456	usbccgp - ok
00:15:24.0757 2456	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
00:15:24.0820 2456	usbcir - ok
00:15:24.0866 2456	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
00:15:24.0898 2456	usbehci - ok
00:15:24.0944 2456	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
00:15:24.0991 2456	usbhub - ok
00:15:25.0022 2456	usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
00:15:25.0069 2456	usbohci - ok
00:15:25.0100 2456	usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
00:15:25.0163 2456	usbprint - ok
00:15:25.0210 2456	usbser          (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys
00:15:25.0241 2456	usbser - ok
00:15:25.0272 2456	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:15:25.0288 2456	USBSTOR - ok
00:15:25.0334 2456	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
00:15:25.0350 2456	usbuhci - ok
00:15:25.0397 2456	usbvideo        (8cffeb4af074fd3e24bad6381cc33361) C:\Windows\system32\Drivers\usbvideo.sys
00:15:25.0459 2456	usbvideo - ok
00:15:25.0459 2456	uxddrv - ok
00:15:25.0537 2456	vga             (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
00:15:25.0600 2456	vga - ok
00:15:25.0631 2456	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
00:15:25.0678 2456	VgaSave - ok
00:15:25.0709 2456	viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
00:15:25.0709 2456	viaagp - ok
00:15:25.0756 2456	ViaC7           (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
00:15:25.0818 2456	ViaC7 - ok
00:15:25.0849 2456	viaide          (7aa7ec9a08dc2c39649c413b1a26e298) C:\Windows\system32\drivers\viaide.sys
00:15:25.0865 2456	viaide - ok
00:15:25.0896 2456	vncmirror       (3b8f222b23917c041e4da29ccc57e7d0) C:\Windows\system32\DRIVERS\vncmirror.sys
00:15:25.0958 2456	vncmirror - ok
00:15:25.0990 2456	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
00:15:26.0005 2456	volmgr - ok
00:15:26.0068 2456	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
00:15:26.0083 2456	volmgrx - ok
00:15:26.0130 2456	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
00:15:26.0146 2456	volsnap - ok
00:15:26.0192 2456	vpnva           (1b7c80c66742dafaa31f98af4c3a5bc2) C:\Windows\system32\DRIVERS\vpnva.sys
00:15:26.0208 2456	vpnva - ok
00:15:26.0255 2456	vsmraid         (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
00:15:26.0270 2456	vsmraid - ok
00:15:26.0317 2456	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
00:15:26.0380 2456	WacomPen - ok
00:15:26.0426 2456	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:15:26.0458 2456	Wanarp - ok
00:15:26.0458 2456	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:15:26.0489 2456	Wanarpv6 - ok
00:15:26.0520 2456	Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
00:15:26.0536 2456	Wd - ok
00:15:26.0598 2456	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
00:15:26.0614 2456	Wdf01000 - ok
00:15:26.0738 2456	WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
00:15:26.0754 2456	WmiAcpi - ok
00:15:26.0832 2456	WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
00:15:26.0879 2456	WpdUsb - ok
00:15:26.0926 2456	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
00:15:26.0957 2456	ws2ifsl - ok
00:15:27.0004 2456	WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:15:27.0066 2456	WUDFRd - ok
00:15:27.0082 2456	XUIF - ok
00:15:27.0113 2456	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
00:15:27.0206 2456	\Device\Harddisk0\DR0 - ok
00:15:27.0222 2456	Boot (0x1200)   (80de89a911e4aa1ab234ee6c546ddaef) \Device\Harddisk0\DR0\Partition0
00:15:27.0222 2456	\Device\Harddisk0\DR0\Partition0 - ok
00:15:27.0238 2456	Boot (0x1200)   (926de62e4e5056316edbdf9774b986ea) \Device\Harddisk0\DR0\Partition1
00:15:27.0238 2456	\Device\Harddisk0\DR0\Partition1 - ok
00:15:27.0238 2456	============================================================
00:15:27.0238 2456	Scan finished
00:15:27.0238 2456	============================================================
00:15:27.0253 3992	Detected object count: 2
00:15:27.0253 3992	Actual detected object count: 2
00:15:36.0551 3992	Hotkey ( UnsignedFile.Multi.Generic ) - skipped by user
00:15:36.0551 3992	Hotkey ( UnsignedFile.Multi.Generic ) - User select action: Skip 
00:15:36.0551 3992	netbt ( Virus.Win32.ZAccess.k ) - skipped by user
00:15:36.0551 3992	netbt ( Virus.Win32.ZAccess.k ) - User select action: Skip
         


19.01.2012, 09:19   #36
simabo

Can I edit these files, or at least delete the one file? Or what can be read from the log?

19.01.2012, 10:56   #37
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
00:15:36.0551 3992 netbt ( Virus.Win32.ZAccess.k ) - skipped by user
00:15:36.0551 3992 netbt ( Virus.Win32.ZAccess.k ) - User select action: Skip

ZeroAccess has tampered with the netbt service.
Try deleting this entry (and only this one!) with TDSS-Killer.
Then restart Windows and create a new log with TDSS-Killer.
__________________
Please always post log files in CODE tags
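
Added example, not part of the original thread and not a Kaspersky tool: one way to read a TDSSKiller log of the format posted here mechanically, listing every flagged object and picking out those logged as infected whose recorded action was Skip. The class and function names are hypothetical; the sample lines are excerpted from the first log in this thread, with tabs replaced by spaces.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Excerpt from the first TDSSKiller log in this thread (tabs replaced by spaces).
SAMPLE_LOG = r"""
00:15:15.0943 2456 netbt           (156ea40d36e6fb8192aea23d00753400) C:\Windows\system32\DRIVERS\netbt.sys
00:15:15.0943 2456 netbt ( Virus.Win32.ZAccess.k ) - infected
00:15:15.0943 2456 netbt - detected Virus.Win32.ZAccess.k (0)
00:15:16.0006 2456 netr28          (b05ffe38336193a9b988b00b230c5b80) C:\Windows\system32\DRIVERS\netr28.sys
00:15:16.0052 2456 netr28 - ok
00:15:27.0238 2456 ============================================================
00:15:36.0551 3992 Hotkey ( UnsignedFile.Multi.Generic ) - skipped by user
00:15:36.0551 3992 Hotkey ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:15:36.0551 3992 netbt ( Virus.Win32.ZAccess.k ) - skipped by user
00:15:36.0551 3992 netbt ( Virus.Win32.ZAccess.k ) - User select action: Skip
"""

# "<time> <thread id> <message>"
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4}\s+\d+\s+(?P<msg>.*\S)\s*$")
# "<object>   (<md5>) <path>": the object name may contain spaces, e.g. "MBR (0x1B8)"
SCANNED = re.compile(r"^(?P<name>.+?)\s+\((?P<md5>[0-9a-f]{32})\)\s+(?P<path>.+)$")
# "<object> ( <verdict> ) - <tail>"
VERDICT = re.compile(r"^(?P<name>.+?) \( (?P<verdict>[^()]+?) \) - (?P<tail>.+)$")
ACTION_PREFIX = "User select action:"


@dataclass
class Finding:
    name: str
    verdict: str
    status: Optional[str] = None  # "infected" or "warning", as logged during the scan
    md5: Optional[str] = None     # hash and path from the object's scan line, if present
    path: Optional[str] = None
    action: Optional[str] = None  # text after "User select action:"


def parse_log(text: str) -> Dict[str, Finding]:
    """Return one Finding per flagged object, keyed by object name."""
    scanned: Dict[str, tuple] = {}
    findings: Dict[str, Finding] = {}
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue
        msg = line["msg"]
        hit = SCANNED.match(msg)
        if hit:
            scanned[hit["name"]] = (hit["md5"], hit["path"].strip())
            continue
        hit = VERDICT.match(msg)
        if not hit:
            continue  # "- ok", "- detected ...", separators, banner lines
        finding = findings.setdefault(hit["name"], Finding(hit["name"], hit["verdict"]))
        if hit["name"] in scanned:
            finding.md5, finding.path = scanned[hit["name"]]
        tail = hit["tail"].strip()
        if tail.startswith(ACTION_PREFIX):
            finding.action = tail[len(ACTION_PREFIX):].strip()
        elif tail in ("infected", "warning"):
            finding.status = tail
    return findings


def still_present(findings: Dict[str, Finding]) -> List[Finding]:
    """Objects logged as infected for which the recorded action was Skip."""
    return [f for f in findings.values()
            if f.status == "infected" and f.action == "Skip"]


if __name__ == "__main__":
    results = parse_log(SAMPLE_LOG)
    for f in results.values():
        print(f"{f.name}: {f.verdict} status={f.status} action={f.action} path={f.path}")
    for f in still_present(results):
        print(f"Not handled yet: {f.name} ({f.verdict})")
```

Run against the follow-up log after the reboot, an empty `still_present` result means no object was both logged as infected and skipped in that run.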

19.01.2012, 11:48   #38
simabo
 



Code:
ATTFilter
11:44:14.0316 3764	TDSS rootkit removing tool 2.7.5.0 Jan 18 2012 09:26:24
11:44:14.0363 3764	============================================================
11:44:14.0363 3764	Current date / time: 2012/01/19 11:44:14.0363
11:44:14.0363 3764	SystemInfo:
11:44:14.0363 3764	
11:44:14.0363 3764	OS Version: 6.0.6002 ServicePack: 2.0
11:44:14.0363 3764	Product type: Workstation
11:44:14.0363 3764	ComputerName: SIMON-LAPTOP
11:44:14.0363 3764	UserName: Simon
11:44:14.0363 3764	Windows directory: C:\Windows
11:44:14.0363 3764	System windows directory: C:\Windows
11:44:14.0363 3764	Processor architecture: Intel x86
11:44:14.0363 3764	Number of processors: 2
11:44:14.0363 3764	Page size: 0x1000
11:44:14.0363 3764	Boot type: Normal boot
11:44:14.0363 3764	============================================================
11:44:18.0684 3764	Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:44:18.0887 3764	Initialize success
11:44:28.0341 3860	============================================================
11:44:28.0341 3860	Scan started
11:44:28.0341 3860	Mode: Manual; SigCheck; TDLFS; 
11:44:28.0341 3860	============================================================
11:44:29.0667 3860	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
11:44:29.0947 3860	ACPI - ok
11:44:30.0103 3860	adp94xx         (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
11:44:30.0135 3860	adp94xx - ok
11:44:30.0259 3860	adpahci         (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
11:44:30.0275 3860	adpahci - ok
11:44:30.0431 3860	adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
11:44:30.0447 3860	adpu160m - ok
11:44:30.0634 3860	adpu320         (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
11:44:30.0774 3860	adpu320 - ok
11:44:30.0899 3860	AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
11:44:45.0703 3860	AFD - ok
11:44:45.0875 3860	AgereSoftModem  (ce91b158fa490cf4c4d487a4130f4660) C:\Windows\system32\DRIVERS\AGRSM.sys
11:44:46.0125 3860	AgereSoftModem - ok
11:44:46.0437 3860	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
11:44:46.0468 3860	aic78xx - ok
11:44:46.0608 3860	aliide          (496eda16a127ac9a38bb285bef17dbb5) C:\Windows\system32\drivers\aliide.sys
11:44:46.0624 3860	aliide - ok
11:44:46.0733 3860	amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
11:44:46.0764 3860	amdagp - ok
11:44:47.0482 3860	amdide          (6f65f4147c54398d7280b18cebbed215) C:\Windows\system32\drivers\amdide.sys
11:44:47.0497 3860	amdide - ok
11:44:47.0716 3860	AmdK7           (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
11:44:47.0950 3860	AmdK7 - ok
11:44:48.0324 3860	AmdK8           (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
11:44:48.0418 3860	AmdK8 - ok
11:44:48.0621 3860	arc             (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
11:44:48.0667 3860	arc - ok
11:44:48.0886 3860	arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
11:44:48.0901 3860	arcsas - ok
11:44:49.0089 3860	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
11:44:49.0291 3860	AsyncMac - ok
11:44:49.0432 3860	atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
11:44:49.0447 3860	atapi - ok
11:44:49.0650 3860	ATSWPDRV        (69e65a2ce11619f0c868967ca9540b80) C:\Windows\system32\DRIVERS\ATSwpDrv.sys
11:44:49.0759 3860	ATSWPDRV - ok
11:44:49.0915 3860	avgntflt        (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
11:44:49.0947 3860	avgntflt - ok
11:44:50.0118 3860	avipbb          (475fbb85956534720858ae72010c0a43) C:\Windows\system32\DRIVERS\avipbb.sys
11:44:50.0149 3860	avipbb - ok
11:44:50.0274 3860	avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
11:44:50.0290 3860	avkmgr - ok
11:44:50.0337 3860	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
11:44:50.0399 3860	Beep - ok
11:44:50.0555 3860	blbdrive - ok
11:44:50.0695 3860	bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
11:44:50.0758 3860	bowser - ok
11:44:50.0820 3860	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
11:44:51.0039 3860	BrFiltLo - ok
11:44:51.0226 3860	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
11:44:51.0288 3860	BrFiltUp - ok
11:44:51.0366 3860	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
11:44:51.0460 3860	Brserid - ok
11:44:51.0491 3860	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
11:44:51.0631 3860	BrSerWdm - ok
11:44:51.0741 3860	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
11:44:51.0803 3860	BrUsbMdm - ok
11:44:51.0912 3860	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
11:44:51.0990 3860	BrUsbSer - ok
11:44:52.0131 3860	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
11:44:52.0224 3860	BTHMODEM - ok
11:44:52.0474 3860	Cam5607         (48f64a84054771b2fef55606adf57557) C:\Windows\system32\Drivers\BisonC07.sys
11:44:52.0552 3860	Cam5607 - ok
11:44:52.0755 3860	catchme - ok
11:44:52.0911 3860	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
11:44:53.0020 3860	cdfs - ok
11:44:53.0363 3860	cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
11:44:53.0441 3860	cdrom - ok
11:44:53.0659 3860	circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
11:44:53.0737 3860	circlass - ok
11:44:53.0925 3860	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
11:44:53.0956 3860	CLFS - ok
11:44:54.0081 3860	CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
11:44:54.0237 3860	CmBatt - ok
11:44:54.0268 3860	cmdide          (59172a0724f2ab769f31d61b0571d75b) C:\Windows\system32\drivers\cmdide.sys
11:44:54.0299 3860	cmdide - ok
11:44:54.0330 3860	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
11:44:54.0361 3860	Compbatt - ok
11:44:54.0408 3860	crcdisk         (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
11:44:54.0439 3860	crcdisk - ok
11:44:54.0455 3860	Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
11:44:54.0533 3860	Crusoe - ok
11:44:54.0658 3860	DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
11:44:54.0736 3860	DfsC - ok
11:44:54.0783 3860	disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
11:44:54.0814 3860	disk - ok
11:44:54.0939 3860	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
11:44:55.0173 3860	drmkaud - ok
11:44:55.0297 3860	dtsoftbus01     (fb38473835476a6fb272215a1d972af9) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:44:55.0329 3860	dtsoftbus01 - ok
11:44:55.0438 3860	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
11:44:55.0485 3860	DXGKrnl - ok
11:44:55.0750 3860	E1G60           (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
11:44:55.0921 3860	E1G60 - ok
11:44:56.0031 3860	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
11:44:56.0062 3860	Ecache - ok
11:44:56.0233 3860	elxstor         (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
11:44:56.0265 3860	elxstor - ok
11:44:56.0530 3860	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
11:44:56.0623 3860	exfat - ok
11:44:56.0826 3860	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
11:44:56.0920 3860	fastfat - ok
11:44:57.0216 3860	fdc             (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
11:44:57.0310 3860	fdc - ok
11:44:57.0497 3860	FETNDIS         (b2b2c38e916184ff8523c7439ddd417f) C:\Windows\system32\DRIVERS\fetnd5.sys
11:44:57.0762 3860	FETNDIS - ok
11:44:57.0934 3860	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
11:44:57.0965 3860	FileInfo - ok
11:44:58.0074 3860	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
11:44:58.0137 3860	Filetrace - ok
11:44:58.0199 3860	flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
11:44:58.0308 3860	flpydisk - ok
11:44:58.0402 3860	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
11:44:58.0433 3860	FltMgr - ok
11:44:58.0511 3860	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
11:44:58.0573 3860	Fs_Rec - ok
11:44:58.0745 3860	gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
11:44:58.0854 3860	gagp30kx - ok
11:44:58.0979 3860	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:44:59.0026 3860	GEARAspiWDM - ok
11:44:59.0119 3860	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
11:44:59.0197 3860	HdAudAddService - ok
11:44:59.0291 3860	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:44:59.0416 3860	HDAudBus - ok
11:44:59.0463 3860	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
11:44:59.0525 3860	HidBth - ok
11:44:59.0603 3860	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
11:44:59.0697 3860	HidIr - ok
11:44:59.0759 3860	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
11:44:59.0806 3860	HidUsb - ok
11:44:59.0837 3860	Hotkey          (8b566ea71d5b76157a9cdb78f25a5731) C:\Windows\system32\drivers\Hotkey.sys
11:44:59.0868 3860	Hotkey ( UnsignedFile.Multi.Generic ) - warning
11:44:59.0868 3860	Hotkey - detected UnsignedFile.Multi.Generic (1)
11:45:28.0013 3860	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
11:45:28.0325 3860	\Device\Harddisk0\DR0 - ok
11:45:28.0340 3860	Boot (0x1200)   (80de89a911e4aa1ab234ee6c546ddaef) \Device\Harddisk0\DR0\Partition0
11:45:28.0340 3860	\Device\Harddisk0\DR0\Partition0 - ok
11:45:28.0356 3860	Boot (0x1200)   (926de62e4e5056316edbdf9774b986ea) \Device\Harddisk0\DR0\Partition1
11:45:28.0356 3860	\Device\Harddisk0\DR0\Partition1 - ok
11:45:28.0356 3860	============================================================
11:45:28.0356 3860	Scan finished
11:45:28.0356 3860	============================================================
11:45:28.0371 3856	Detected object count: 1
11:45:28.0371 3856	Actual detected object count: 1
11:45:31.0491 3856	Hotkey ( UnsignedFile.Multi.Generic ) - skipped by user
11:45:31.0491 3856	Hotkey ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Are we already on the final stretch? It would be so great if everything could be removed. Thanks again!

Old 19.01.2012, 12:13   #39
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

OK. Now please create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't run on the second attempt, just skip it and run only OSAM - please skip OSAM's online check.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to switch off your virus scanner; the McAfee scanner in particular often reports a false alarm on OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions may take a while, depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save it to your desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons unless instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.

__________________
Please always post logfiles in CODE tags

Old 19.01.2012, 12:17   #40
simabo
 

Hey,

that's great so far. I'll run it at around 15:00 and then post all three things.

Old 19.01.2012, 17:37   #41
simabo
 

GMER gave me a blue screen twice.

Here is the OSAM log:
OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 15:09:28 on 19.01.2012

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Firefox 9.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\MLCFG32.CPL
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\Users\Bernd2\AppData\Local\Temp\catchme.sys  (File not found)
"Dynamically loaded UxdDrv" (uxddrv) - ? - G:\DIAGNOSE\WSTGER32\2PART\uxddrv86.sys  (File not found)
"Hotkey" (Hotkey) - ? - C:\Windows\system32\drivers\Hotkey.sys  (File found, but it contains no detailed information)
"igfx" (igfx) - ? - C:\Windows\System32\DRIVERS\igdkmd32.sys  (File not found)
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"lmimirr" (lmimirr) - "LogMeIn, Inc." - C:\Windows\System32\DRIVERS\lmimirr.sys
"LogMeIn Kernel Information Provider" (LMIInfo) - ? - C:\Program Files\LogMeIn\x86\RaInfo.sys  (File not found)
"LogMeIn Remote File System Driver" (LMIRfsDriver) - "LogMeIn, Inc." - C:\Windows\system32\drivers\LMIRfsDriver.sys
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"PCCS Mode Change Filter Driver" (pccsmcfd) - ? - C:\Windows\System32\DRIVERS\pccsmcfd.sys  (File not found)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"TuneUpUtilitiesDrv" (TuneUpUtilitiesDrv) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys
"X10 USB Wireless Transceiver" (XUIF) - ? - C:\Windows\System32\Drivers\x10ufx2.sys  (File not found)

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll
{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll
{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\OLKFSTUB.DLL
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{4838CD50-7E5D-4811-9B17-C47A85539F28} "TuneUp Disk Space Explorer Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2011\DseShExt-x86.dll
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2011\SDShelEx-win32.dll
{44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"@C:\Users\Simon\AppData\Local\Apps\Evernote\Evernote\Resource.dll,-101" - ? - res://C:\Users\Simon\AppData\Local\Apps\Evernote\Evernote\EvernoteIE.dll/204  (File not found)
"eBay - Der weltweite Online-Marktplatz" - ? - hxxp://rover.ebay.com/rover/1/707-37276-17534-15/4  (HTTP value)
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
55963676-2F5E-4BAF-AC28-CF26AA587566 "Cisco AnyConnect VPN Client Web Control" - "Cisco Systems, Inc." - C:\Windows\system32\vpnweb.ocx / vpnweb.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_03" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} "Java Plug-in 1.6.0_03" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_03" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} "MUWebControl Class" - "Microsoft Corporation" - C:\Windows\system32\muweb.dll / hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197719312979
{166B1BCA-3F9C-11CF-8075-444553540000} "Shockwave ActiveX Control" - "Adobe Systems, Inc." - C:\Windows\system32\macromed\Director\SwDir.dll / hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -   (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? -   (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{5D7B119E-062F-476B-A5E7-797FAF554BA2} "1Password" - "AgileBits" - C:\PROGRA~1\1PASSW~1\AGILE1~1.DLL
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} "ClsidExtension" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
"eBay - Der weltweite Online-Marktplatz" - ? - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4  (HTTP value)
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{CB1A24DA-7416-4921-A0CF-5AA1160AAE2A} "1Password" - "AgileBits" - C:\PROGRA~1\1PASSW~1\AGILE1~1.DLL
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"AdobeAAMUpdater-1.0" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"HotkeyApp" - "Wistron" - "C:\Program Files\Launch Manager\HotkeyApp.exe"                                                                                                                                                                                                                          
"IAAnotif" - "Intel Corporation" - "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
"LaunchAp" - ? - "C:\Program Files\Launch Manager\LaunchAp.exe"                                                                                                                                                                                                                           
"LMgrOSD" - "Wistron Corp." - "C:\Program Files\Launch Manager\OSD.exe"                                                                                                                                                                                                                                
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"Wbutton" - "Wistron" - "C:\Program Files\Launch Manager\Wbutton.exe"                                                                                                                                                                                                                            

[Network Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order )-----
"LogMeIn Virtual Disk Network" - "LogMeIn, Inc." - C:\Windows\system32\LMIRfsClientNP.dll

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"LogMeIn Printer Port Monitor" - "LogMeIn, Inc." - C:\Windows\system32\LMIport.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%SystemRoot%\System32\uxtuneup.dll,-4096" (UxTuneUp) - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll
"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Adobe Active File Monitor V10" (AdobeActiveFileMonitor10.0) - "Adobe Systems Incorporated" - C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Avira Browser Schutz" (AntiVirWebService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira Email Schutz" (AntiVirMailService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"Cisco AnyConnect VPN Agent" (vpnagent) - "Cisco Systems, Inc." - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Macrovision Europe Ltd." - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
"Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"TuneUp Utilities Service" (TuneUp.UtilitiesSvc) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winlogon]
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"igfxcui" - ? - igfxdev.dll  (File not found)

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----
"AVSDA" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avsda.dll

===[ Logfile end ]=========================================[ Logfile end ]===
         
--- --- --- If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
And then the other log

Code:
ATTFilter
aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-19 15:13:23
-----------------------------
15:13:23.364    OS Version: Windows 6.0.6002 Service Pack 2
15:13:23.364    Number of processors: 2 586 0xF0D
15:13:23.364    ComputerName: SIMON-LAPTOP  UserName: Simon
15:13:24.503    Initialize success
15:13:31.195    AVAST engine defs: 12011901
15:13:35.376    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
15:13:35.376    Disk 0 Vendor: WDC_WD16 04.0 Size: 152627MB BusType: 3
15:13:35.392    Disk 0 MBR read successfully
15:13:35.392    Disk 0 MBR scan
15:13:35.407    Disk 0 Windows VISTA default MBR code
15:13:35.407    Disk 0 Partition - 00     0F Extended LBA             23218 MB offset 265024305
15:13:35.407    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       129406 MB offset 63
15:13:35.438    Disk 0 Partition 2 00     0B        FAT32 MSDOS5.0    23218 MB offset 265024368
15:13:35.501    Disk 0 scanning sectors +312576705
15:13:35.875    Disk 0 scanning C:\Windows\system32\drivers
15:13:53.831    Service scanning
15:13:54.782    Service uxddrv G:\DIAGNOSE\WSTGER32\2PART\uxddrv86.sys **LOCKED** 21
15:13:55.344    Modules scanning
15:14:00.710    Disk 0 trace - called modules:
15:14:00.773    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys 
15:14:00.788    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86ca3780]
15:14:00.788    3 CLASSPNP.SYS[8abb58b3] -> nt!IofCallDriver -> [0x8598cf08]
15:14:00.804    5 acpi.sys[806906bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85951028]
15:14:01.834    AVAST engine scan C:\Windows
15:14:12.067    AVAST engine scan C:\Windows\system32
15:17:33.526    AVAST engine scan C:\Windows\system32\drivers
15:17:47.737    AVAST engine scan C:\Users\Simon
15:54:14.645    AVAST engine scan C:\ProgramData
16:00:28.874    Scan finished successfully
17:34:00.024    Disk 0 MBR has been saved successfully to "C:\Users\Simon\Desktop\MBR.dat"
17:34:00.024    The log file has been saved successfully to "C:\Users\Simon\Desktop\aswMBR.txt"
         

19.01.2012, 21:42   #42
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs.
Remember to update both tools before the scan!!


Getting an additional opinion from ESET's online scanner afterwards is not a bad idea either:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
Please always post log files in CODE tags

20.01.2012, 08:19   #43
simabo
 

Phew, still some detections after all. Are there any bad ones among them? What should I do with them?

Here is the result from SuperAntiSpyware...
Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 01/20/2012 at 07:50 AM

Application Version : 5.0.1142

Core Rules Database Version : 8147
Trace Rules Database Version: 5959

Scan type       : Complete Scan
Total Scan Time : 07:49:30

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC Off - Administrator

Memory items scanned      : 648
Memory threats detected   : 0
Registry items scanned    : 38927
Registry threats detected : 0
File items scanned        : 192867
File threats detected     : 376

Adware.Tracking Cookie
	C:\USERS\BERND2\AppData\Roaming\Microsoft\Windows\Cookies\bernd2@atdmt[2].txt [ Cookie:bernd2@atdmt.com/ ]
	C:\USERS\BERND2\AppData\Roaming\Microsoft\Windows\Cookies\bernd2@2o7[1].txt [ Cookie:bernd2@2o7.net/ ]
	C:\USERS\BERND2\Cookies\bernd2@atdmt[2].txt [ Cookie:bernd2@atdmt.com/ ]
	C:\USERS\BERND2\Cookies\bernd2@2o7[1].txt [ Cookie:bernd2@2o7.net/ ]
	de.sitestat.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.zanox.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.zanox-affiliate.de [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.traffictrack.de [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	ad.zanox.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	ad4.adfarm1.adition.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	ad2.adfarm1.adition.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.statcounter.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.content.yieldmanager.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	adsrv1.admediate.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	rotator.adjuggler.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	rotator.adjuggler.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.bs.serving-sys.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.traffictrack.de [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.secmedia.de [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.secmedia.de [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.secmedia.de [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	ww251.smartadserver.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.fastclick.net [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.fastclick.net [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.fastclick.net [ C:\USERS\BERND\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9EO8BRZ.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\BERND2\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IB27M6GX.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\BERND2\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IB27M6GX.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\BERND2\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IB27M6GX.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\BERND2\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IB27M6GX.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\BERND2\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IB27M6GX.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wjl4kpczecp.stats.esomniture.com [ C:\USERS\BERND2\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IB27M6GX.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\BERND2\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IB27M6GX.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\BERND2\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IB27M6GX.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\BERND2\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IB27M6GX.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\BERND2\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IB27M6GX.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\BERND2\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IB27M6GX.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\BERND2\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IB27M6GX.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\BERND2\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IB27M6GX.DEFAULT\COOKIES.SQLITE ]
	ad3.adfarm1.adition.com [ C:\USERS\BERND2\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IB27M6GX.DEFAULT\COOKIES.SQLITE ]

Trojan.Agent/Gen-Kryptik
	C:\TDSSKILLER_QUARANTINE\17.01.2012_07.54.21\SUSP0001\SVC0000\TSK0000.DTA
         

I haven't done anything with the SUPERAntiSpyware data yet. I'm keeping the window open so I can move the files to quarantine or something similar if needed...
I'll let the other two scans finish and post the results later today.

20.01.2012, 12:15   #44
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Those are just cookies and one detection in the TDSS quarantine. It can all be removed.

Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or similar => HTTP cookie)

Please do the other logs as well
__________________
Always post logfiles in CODE tags, please

20.01.2012, 15:09   #45
simabo



So here is the log from Malwarebytes once again...
I hope there's nothing bad in it either.

I'll then run the online scan again.

Besides a "restricted user account", do you have any other security tips? Which scanning programs should/can I leave installed, and which should I uninstall?

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.20.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Simon :: SIMON-LAPTOP [Administrator]

Schutz: Deaktiviert

20.01.2012 08:23:23
mbam-log-2012-01-20 (08-23-23).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 402288
Laufzeit: 3 Stunde(n), 42 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 4
HKCR\batfile\shell\open\command| (Broken.OpenCommand) -> Bösartig: () Gut: ("%1" %*) -> Löschen bei Neustart.
HKCR\comfile\shell\open\command| (Broken.OpenCommand) -> Bösartig: () Gut: ("%1" %*) -> Löschen bei Neustart.
HKCR\piffile\shell\open\command| (Broken.OpenCommand) -> Bösartig: () Gut: ("%1" %*) -> Löschen bei Neustart.
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bösartig: () Gut: (regedit.exe "%1") -> Löschen bei Neustart.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
