Pests of all kinds and how to combat them: my start incredibar cannot be removed (Windows 7) |
06.08.2012, 20:53 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ |
Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please disable your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false positive in the TDSS tool!
Set up the tool as shown in the picture below: click on change parameters and set the checkboxes as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log, or cannot copy its contents and transfer them into your post, please look directly on your Windows system partition (usually drive C), since that is where TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
__________________ Please always post log files in CODE tags |
07.08.2012, 16:18 | #17 |
| Hi Arne, by the way, my Kaspersky antivirus program reports:
A legitimate program that can be used by an attacker to damage the computer or the user data was found. I don't know whether that is important. Here is the log: Code:
pcmcia - ok 17:05:27.0026 6056 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 17:05:27.0036 6056 pcw - ok 17:05:27.0066 6056 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 17:05:27.0106 6056 PEAUTH - ok 17:05:27.0186 6056 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll 17:05:27.0226 6056 PeerDistSvc - ok 17:05:27.0346 6056 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll 17:05:27.0406 6056 pla - ok 17:05:27.0556 6056 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll 17:05:27.0616 6056 PlugPlay - ok 17:05:27.0626 6056 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll 17:05:27.0656 6056 PNRPAutoReg - ok 17:05:27.0706 6056 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 17:05:27.0736 6056 PNRPsvc - ok 17:05:27.0786 6056 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll 17:05:27.0846 6056 PolicyAgent - ok 17:05:27.0866 6056 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll 17:05:27.0896 6056 Power - ok 17:05:27.0956 6056 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 17:05:28.0046 6056 PptpMiniport - ok 17:05:28.0066 6056 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys 17:05:28.0096 6056 Processor - ok 17:05:28.0126 6056 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll 17:05:28.0176 6056 ProfSvc - ok 17:05:28.0206 6056 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 17:05:28.0226 6056 ProtectedStorage - ok 17:05:28.0256 6056 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 17:05:28.0286 6056 Psched - ok 17:05:28.0356 6056 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys 17:05:28.0396 6056 ql2300 - ok 17:05:28.0526 6056 ql40xx 
(b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys 17:05:28.0556 6056 ql40xx - ok 17:05:28.0586 6056 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll 17:05:28.0636 6056 QWAVE - ok 17:05:28.0636 6056 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 17:05:28.0666 6056 QWAVEdrv - ok 17:05:28.0666 6056 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 17:05:28.0696 6056 RasAcd - ok 17:05:28.0736 6056 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 17:05:28.0756 6056 RasAgileVpn - ok 17:05:28.0776 6056 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 17:05:28.0806 6056 RasAuto - ok 17:05:28.0836 6056 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 17:05:28.0876 6056 Rasl2tp - ok 17:05:28.0906 6056 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll 17:05:28.0956 6056 RasMan - ok 17:05:28.0976 6056 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 17:05:28.0996 6056 RasPppoe - ok 17:05:29.0016 6056 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 17:05:29.0046 6056 RasSstp - ok 17:05:29.0066 6056 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 17:05:29.0106 6056 rdbss - ok 17:05:29.0106 6056 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 17:05:29.0116 6056 rdpbus - ok 17:05:29.0136 6056 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 17:05:29.0166 6056 RDPCDD - ok 17:05:29.0196 6056 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys 17:05:29.0226 6056 RDPDR - ok 17:05:29.0246 6056 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 17:05:29.0276 6056 RDPENCDD - ok 17:05:29.0286 6056 RDPREFMP 
(44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 17:05:29.0316 6056 RDPREFMP - ok 17:05:29.0356 6056 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys 17:05:29.0406 6056 RDPWD - ok 17:05:29.0506 6056 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 17:05:29.0536 6056 rdyboost - ok 17:05:29.0566 6056 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 17:05:29.0586 6056 RemoteAccess - ok 17:05:29.0616 6056 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll 17:05:29.0636 6056 RemoteRegistry - ok 17:05:29.0646 6056 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 17:05:29.0666 6056 RpcEptMapper - ok 17:05:29.0696 6056 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe 17:05:29.0716 6056 RpcLocator - ok 17:05:29.0746 6056 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 17:05:29.0766 6056 RpcSs - ok 17:05:29.0786 6056 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 17:05:29.0816 6056 rspndr - ok 17:05:29.0866 6056 RTL8167 (3983cea05bb855351d75f5482b6c42ce) C:\Windows\system32\DRIVERS\Rt86win7.sys 17:05:29.0896 6056 RTL8167 - ok 17:05:29.0956 6056 s1039bus (d0eedc88876b20d42157cdcca3e647f3) C:\Windows\system32\DRIVERS\s1039bus.sys 17:05:29.0966 6056 s1039bus - ok 17:05:29.0996 6056 s1039mdfl (7b35091a7bb597c86262c589b0b57d06) C:\Windows\system32\DRIVERS\s1039mdfl.sys 17:05:30.0006 6056 s1039mdfl - ok 17:05:30.0056 6056 s1039mdm (4cb1ab13c9813cbf3e4c6406f8043ec2) C:\Windows\system32\DRIVERS\s1039mdm.sys 17:05:30.0066 6056 s1039mdm - ok 17:05:30.0086 6056 s1039mgmt (2649ca09585a7531126dcc116ad1f88c) C:\Windows\system32\DRIVERS\s1039mgmt.sys 17:05:30.0096 6056 s1039mgmt - ok 17:05:30.0136 6056 s1039nd5 (6d3f549efd6daedd7d12f3de2175053f) C:\Windows\system32\DRIVERS\s1039nd5.sys 17:05:30.0146 6056 s1039nd5 - ok 
17:05:30.0196 6056 s1039obex (305e3e3aca0037af2e2c1b50a383c91b) C:\Windows\system32\DRIVERS\s1039obex.sys 17:05:30.0206 6056 s1039obex - ok 17:05:30.0256 6056 s1039unic (7dd02a58277c84c043442561589914f4) C:\Windows\system32\DRIVERS\s1039unic.sys 17:05:30.0266 6056 s1039unic - ok 17:05:30.0296 6056 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys 17:05:30.0316 6056 s3cap - ok 17:05:30.0356 6056 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 17:05:30.0366 6056 SamSs - ok 17:05:30.0406 6056 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 17:05:30.0416 6056 sbp2port - ok 17:05:30.0456 6056 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 17:05:30.0476 6056 SCardSvr - ok 17:05:30.0486 6056 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 17:05:30.0516 6056 scfilter - ok 17:05:30.0566 6056 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll 17:05:30.0616 6056 Schedule - ok 17:05:30.0636 6056 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 17:05:30.0656 6056 SCPolicySvc - ok 17:05:30.0676 6056 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll 17:05:30.0716 6056 SDRSVC - ok 17:05:30.0736 6056 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 17:05:30.0766 6056 secdrv - ok 17:05:30.0776 6056 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 17:05:30.0796 6056 seclogon - ok 17:05:30.0816 6056 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll 17:05:30.0846 6056 SENS - ok 17:05:30.0866 6056 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll 17:05:30.0896 6056 SensrSvc - ok 17:05:30.0916 6056 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 17:05:30.0926 6056 Serenum - ok 17:05:30.0936 6056 Serial 
(5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 17:05:30.0956 6056 Serial - ok 17:05:30.0976 6056 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys 17:05:30.0996 6056 sermouse - ok 17:05:31.0036 6056 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll 17:05:31.0066 6056 SessionEnv - ok 17:05:31.0076 6056 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 17:05:31.0086 6056 sffdisk - ok 17:05:31.0096 6056 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 17:05:31.0106 6056 sffp_mmc - ok 17:05:31.0116 6056 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 17:05:31.0136 6056 sffp_sd - ok 17:05:31.0146 6056 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys 17:05:31.0156 6056 sfloppy - ok 17:05:31.0196 6056 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll 17:05:31.0236 6056 SharedAccess - ok 17:05:31.0276 6056 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll 17:05:31.0316 6056 ShellHWDetection - ok 17:05:31.0316 6056 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 17:05:31.0326 6056 sisagp - ok 17:05:31.0356 6056 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys 17:05:31.0366 6056 SiSRaid2 - ok 17:05:31.0376 6056 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys 17:05:31.0396 6056 SiSRaid4 - ok 17:05:31.0416 6056 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 17:05:31.0436 6056 Smb - ok 17:05:31.0496 6056 snapman (bcc773872041aa59bc9a6cf770fb32e2) C:\Windows\system32\DRIVERS\snapman.sys 17:05:31.0496 6056 snapman - ok 17:05:31.0526 6056 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe 17:05:31.0536 6056 SNMPTRAP - ok 17:05:31.0776 
17:05:32.0556 6056 SSPORT (ef3458337d7341a05169cefc73709264) C:\Windows\system32\Drivers\SSPORT.sys
17:05:32.0566 6056 SSPORT ( UnsignedFile.Multi.Generic ) - warning
17:05:32.0566 6056 SSPORT - detected UnsignedFile.Multi.Generic (1)
17:05:39.0866 6056 ============================================================
17:05:39.0866 6056 Scan finished
17:05:39.0866 6056 ============================================================
17:05:39.0876 4448 Detected object count: 1
17:05:39.0876 4448 Actual detected object count: 1
17:06:55.0726 4448 SSPORT ( UnsignedFile.Multi.Generic ) - skipped by user
17:06:55.0726 4448 SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip
Regards, Ingo
Edited by cosinus (08.08.2012 at 18:14). Reason: CODE tags |
08.08.2012, 18:13 | #18 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | my start incredibar cannot be removed Please post all following logs in CODE tags! Otherwise the threads get unnecessarily long, and in some cases logs are corrupted if they are not inside CODE tags!
__________________ Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper (Kompetenzler) has explicitly recommended it! If, after running Combofix, you have problems starting applications and receive messages like Quote:
__________________ |
09.08.2012, 18:43 | #19 |
| my start incredibar cannot be removed Hello, here is the log: Code:
ComboFix 12-08-09.01 - IG 09.08.2012 19:29:22.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3327.2430 [GMT 2:00]
ausgeführt von:: d:\ig\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\IG\4.0
c:\windows\unin0407.exe
E:\setup.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-07-09 bis 2012-08-09 ))))))))))))))))))))))))))))))
.
.
2012-08-09 17:34 . 2012-08-09 17:34 -------- d-----w- c:\users\IG\AppData\Local\temp
2012-08-09 17:34 . 2012-08-09 17:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-07 16:32 . 2012-08-07 16:32 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0CA90247-FA50-4948-A23F-4E174CC881AF}\offreg.dll
2012-08-07 14:59 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0CA90247-FA50-4948-A23F-4E174CC881AF}\mpengine.dll
2012-07-31 14:40 . 2012-07-31 14:40 -------- d-----w- c:\program files\ESET
2012-07-30 15:18 . 2012-07-30 15:18 -------- d-----w- c:\users\IG\AppData\Roaming\Apple Computer
2012-07-29 17:08 . 2012-07-29 17:08 -------- d-----w- c:\users\IG\AppData\Roaming\Malwarebytes
2012-07-29 17:08 . 2012-07-29 17:08 -------- d-----w- c:\programdata\Malwarebytes
2012-07-29 16:51 . 2012-07-29 16:51 -------- d-----w- c:\program files\FilesFrog Update Checker
2012-07-29 16:47 . 2012-07-29 16:47 -------- d-----w- c:\users\IG\AppData\Local\Apple Computer
2012-07-29 16:44 . 2012-07-29 16:44 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2012-07-29 16:44 . 2012-07-29 16:44 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2012-07-29 16:44 . 2012-07-29 16:44 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2012-07-29 16:44 . 2012-07-29 16:44 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2012-07-29 16:44 . 2012-07-29 16:44 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2012-07-29 16:44 . 2012-07-29 16:44 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2012-07-29 16:44 . 2012-07-29 16:44 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2012-07-29 16:44 . 2012-07-29 16:44 -------- d-----w- c:\program files\QuickTime
2012-07-29 16:44 . 2012-07-29 16:44 -------- d-----w- c:\programdata\Apple Computer
2012-07-29 16:42 . 2012-07-29 16:42 -------- d-----w- c:\program files\Common Files\Apple
2012-07-29 16:42 . 2012-07-29 16:42 -------- d-----w- c:\users\IG\AppData\Local\Apple
2012-07-29 16:42 . 2012-07-29 16:42 -------- d-----w- c:\programdata\Apple
2012-07-29 16:42 . 2012-07-29 16:42 -------- d-----w- c:\program files\Apple Software Update
2012-07-11 11:05 . 2012-06-12 02:40 2345984 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-03 17:27 . 2012-04-03 06:21 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-03 17:27 . 2011-10-20 09:37 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-02 22:19 . 2012-06-19 16:26 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-19 16:26 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-19 16:25 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-19 16:25 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-19 16:26 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-19 16:26 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-19 16:25 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-19 16:25 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-19 16:25 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-05-31 10:25 . 2011-10-20 10:44 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-07-24 17:37 . 2011-10-20 09:36 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SDP"="c:\program files\FilesFrog Update Checker\update_checker.exe" [2012-05-31 200784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 98304]
"t4pli"="c:\program files\G DATA Power PDF 2006\t4pli.exe" [2005-07-12 613376]
"PowerPDF 2006 printing agent"="c:\program files\G DATA Power PDF 2006\pp6agent.exe" [2005-11-30 65536]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-05-07 344736]
"CorelDRAW Graphics Suite 11b"="c:\program files\Corel\Corel Graphics 12\Languages\DE\Programs\Registration.exe" [2003-11-27 733184]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-08-31 2622232]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-08-31 907040]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-08-31 140568]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common
Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ USB 2.0 Peripheral Switch Utility.lnk - c:\program files\US221A_US421A\USB 2.0 Peripheral Switch\USwitch.exe [2012-3-28 126976] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . R1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] R3 AsrCDDrv;AsrCDDrv;c:\windows\system32\Drivers\AsrCDDrv.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x] R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [x] R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [x] R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [x] R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [x] R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [x] R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [x] R3 s1039unic;Sony Ericsson Device 1039 
USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [x] R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 vpcuxd;USB-Virtualisierungsstubdienst;c:\windows\system32\DRIVERS\vpcuxd.sys [x] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x] . . Inhalt des "geplante Tasks" Ordners . 2012-08-09 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 17:27] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.com IE: Hinzufügen zu Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000 Trusted Zone: samsungsetup.com\www TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\IG\AppData\Roaming\Mozilla\Firefox\Profiles\mi3ljv83.default\ FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: network.proxy.type - 0 . . ------- Dateityp-Verknüpfung ------- . .scr=AutoCADLTScriptFile . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
HKCU-Run-Sony PC Companion - c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe AddRemove-AutoCAD LT 2000 - Deutsch Deinstaller - c:\windows\unin0407.exe AddRemove-Volo View Express - c:\windows\unin0407.exe . . . ************************************************************************** . Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, hxxp://www.gmer.net Windows 6.1.7601 Disk: WDC_WD16 rev.01.0 -> Harddisk0\DR0 -> \Device\00000059 . device: opened successfully user: MBR read successfully kernel: MBR read successfully user != kernel MBR !!! . ************************************************************************** . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . - - - - - - - > 'lsass.exe'(812) c:\windows\system32\relog_ap.DLL . Zeit der Fertigstellung: 2012-08-09 19:36:18 ComboFix-quarantined-files.txt 2012-08-09 17:36 . Vor Suchlauf: 6 Verzeichnis(se), 129.369.870.336 Bytes frei Nach Suchlauf: 10 Verzeichnis(se), 129.127.862.272 Bytes frei . - - End Of File - - EE18E0C5C99D10603F815C53B04E1BFC
Best regards, Ingo |
10.08.2012, 21:05 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | my start incredibar cannot be removed

Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still refuses to run on the second attempt, just skip it and run only OSAM. Please skip the online check in OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or similar.

Note: Please use WinRAR or 7zip to unpack OSAM! Be sure to turn off your virus scanner as well; the McAfee scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file to your desktop.

Important: Never press any of the Fix buttons without being instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.

One more note: If aswMBR crashes and a message such as "aswMBR.exe funktioniert nicht mehr" ("aswMBR.exe has stopped working") appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu (at the bottom left of the aswMBR window) and click the Scan button again.
__________________ Please always post log files in CODE tags |
13.08.2012, 07:57 | #21 |
| my start incredibar cannot be removed So, here are the scans: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net Rootkit scan 2012-08-13 08:06:04 Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\0000005a WDC_WD16 rev.01.0 Running: nuofoiof.exe; Driver: C:\Users\IG\AppData\Local\Temp\pxldrpoc.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0x9162A992] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcConnectPort [0x9162C3FA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcCreatePort [0x9162C674] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcSendWaitReceivePort [0x9162C8E6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwClose [0x9162B2AA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwConnectPort [0x9162BA52] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateEvent [0x9162BE4E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateFile [0x9162B4C8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateMutant [0x9162BD34] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0x9162A582] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreatePort [0x9162BC08] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSection [0x9162A72A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSemaphore [0x9162BF6E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThread [0x9162AF32] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif 
Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThreadEx [0x9162B030] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateWaitablePort [0x9162BC9E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDebugActiveProcess [0x9162D596] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDuplicateObject [0x9162E716] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwFsControlFile [0x9162B694] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwLoadDriver [0x9162D688] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwMapViewOfSection [0x9162DD62] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenEvent [0x9162BEE4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenFile [0x9162B336] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenMutant [0x9162BDC4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenProcess [0x9162ABDC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSection [0x9162DAFC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSemaphore [0x9162C004] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenThread [0x9162AAD0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryDirectoryObject [0x9162CB30] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQuerySection [0x9162E09C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueueApcThread [0x9162D98E] SSDT 
\SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyPort [0x9162C368] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0x9162C22E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0x9162D330] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwResumeThread [0x9162E5B8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSecureConnectPort [0x9162B79C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetContextThread [0x9162B14C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetInformationToken [0x9162CBD2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSecurityObject [0x9162D790] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSystemInformation [0x9162E1EC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendProcess [0x9162E2DE] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendThread [0x9162E418] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSystemDebugControl [0x9162D4BA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateProcess [0x9162AD7C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateThread [0x9162ACD2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0x9162DF40] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0x9162AE68] ---- Kernel code sections - GMER 1.0.15 ---- 
.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 82C553C9 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C8ED52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!KeRemoveQueueEx + 10D7 82C95D8C 4 Bytes [92, A9, 62, 91] .text ntkrnlpa.exe!KeRemoveQueueEx + 10FF 82C95DB4 8 Bytes [FA, C3, 62, 91, 74, C6, 62, ...] {CLI ; RET ; BOUND EDX, [ECX-0x6e9d398c]} .text ntkrnlpa.exe!KeRemoveQueueEx + 1143 82C95DF8 4 Bytes [E6, C8, 62, 91] .text ntkrnlpa.exe!KeRemoveQueueEx + 116F 82C95E24 4 Bytes [AA, B2, 62, 91] {STOSB ; MOV DL, 0x62; XCHG ECX, EAX} .text ntkrnlpa.exe!KeRemoveQueueEx + 1193 82C95E48 4 Bytes [52, BA, 62, 91] .text ... .text C:\Windows\system32\DRIVERS\atipmdag.sys section is writeable [0x92A39000, 0x2E7C78, 0xE8000020] ---- User code sections - GMER 1.0.15 ---- ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1860] C:\Windows\SYSTEM32\ntdll.dll time/date stamp mismatch; ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1860] C:\Windows\system32\kernel32.dll time/date stamp mismatch; unknown module: KERNELBASE.dll .text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1860] USER32.dll!NotifyWinEvent + 6AE 7719D66C 4 Bytes [70, 11, 46, 6C] {JO 0x13; INC ESI; INSB } ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] C:\Windows\SYSTEM32\ntdll.dll time/date stamp mismatch; ? 
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] C:\Windows\system32\kernel32.dll time/date stamp mismatch; unknown module: KERNELBASE.dll .text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] USER32.dll!NotifyWinEvent + 6AE 7719D66C 4 Bytes [70, 11, 46, 6C] {JO 0x13; INC ESI; INSB } ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\GDI32.dll 
[KERNEL32.dll!LoadLibraryA] 019202B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 01920320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 01920390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 01920400 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 01920470 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetModuleHandleA] 019204E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 00230F60 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 777D05C0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 777D0630 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 777D0710 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 019207F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 01920860 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 019208D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ADVAPI32.dll 
[KERNEL32.dll!GetProcAddress] 01920940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 019209B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 01920A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 01920A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!HeapFree] 777D08D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExA] 01920B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01920B70 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 01920BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 777D0A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 777D0B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 002400F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 01930470 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 019304E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ 
C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 01930550 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 00240160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!HeapFree] 00240240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 019305C0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 01930630 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] 019306A0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] 01930710 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 01930780 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 019307F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 01930860 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 019308D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] 01930940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 019309B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 
2011\avp.exe[2604] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01930A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlFreeHeap] 00240A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlAllocateHeap] 00240A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!HeapFree] 00240BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleW] 01940940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!VirtualAlloc] 00240C50 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 019409B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW] 01940A20 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 01940A90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] 01940B00 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] 01940B70 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 01940BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 01940C50 IAT C:\Program Files\Kaspersky 
Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 002604E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap] 00260550 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap] 002605C0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 01970010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 01970080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 777D0010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 777D0080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!RtlFreeHeap] 777D0080 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!RtlAllocateHeap] 777D0010 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!HeapFree] 777D02B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] 76C904E0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76C905C0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 76C90470 IAT C:\Program Files\Kaspersky Lab\Kaspersky 
Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] 76C90320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] 76C90390 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!FreeLibrary] 76C900F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameW] 76C901D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetModuleHandleW] 76C902B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameA] 76C90160 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CreateThread] 777D01D0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetModuleHandleA] 76C90240 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryExA] 76C90400 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 76C900F0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW] 76C902B0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 76C90320 IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76C905C0 IAT 
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\iphlpapi.DLL [ntdll.dll!RtlFreeHeap] 777D0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[2604] @ C:\Windows\system32\iphlpapi.DLL [ntdll.dll!RtlAllocateHeap] 777D0010

---- Devices - GMER 1.0.15 ----

Device \Driver\ACPI_HAL \Device\00000051 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\tdx \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\tdx \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

---- EOF - GMER 1.0.15 ----

Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 08:24:36 on 13.08.2012 OS: Windows 7 Service Pack 1 (Build 7601), 32-bit Default Browser: Mozilla Corporation Firefox 14.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [AppInit DLLs] -----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )----- "AppInit_DLLs" - "Kaspersky Lab ZAO" - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll [Common] -----( %SystemRoot%\Tasks )----- "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl "plotman.cpl" - "Autodesk, Inc." - C:\Windows\system32\plotman.cpl "styleman.cpl" - "Autodesk, Inc." - C:\Windows\system32\styleman.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Acronis Snapshots Manager" (snapman) - "Acronis" - C:\Windows\System32\DRIVERS\snapman.sys "Acronis True Image Backup Archive Explorer" (timounter) - "Acronis" - C:\Windows\System32\DRIVERS\timntr.sys "Acronis True Image FS Filter" (tifsfilter) - "Acronis" - C:\Windows\System32\DRIVERS\tifsfilt.sys "Acronis Try&Decide and Restore Points filter" (tdrpman) - "Acronis" - C:\Windows\System32\DRIVERS\tdrpman.sys "AsrCDDrv" (AsrCDDrv) - ? 
- C:\Windows\system32\Drivers\AsrCDDrv.sys (File not found) "catchme" (catchme) - ? - C:\Users\IG\AppData\Local\Temp\catchme.sys (File not found) "pxldrpoc" (pxldrpoc) - ? - C:\Users\IG\AppData\Local\Temp\pxldrpoc.sys (Hidden registry entry, rootkit activity | File not found) "SSPORT" (SSPORT) - "Samsung Electronics" - C:\Windows\system32\Drivers\SSPORT.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {C539A15A-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Context Menu Extension" - "Acronis" - C:\Program Files\Acronis\TrueImageHome\tishell.dll {C539A15B-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Extension" - "Acronis" - C:\Program Files\Acronis\TrueImageHome\tishell.dll {CDB89701-262F-11D1-AB9C-00C0F00683EB} "Corel Media Find Folder" - ? - (File not found | COM-object registry key not found) {854AF161-1AE1-11D1-AB9B-00C0F00683EB} "Corel Media Folder" - ? - (File not found | COM-object registry key not found) {E856F161-1AE5-11d1-AB9B-00C0F00683EB} "Corel Media Folder" - ? - (File not found | COM-object registry key not found) {F8152501-455F-11D1-B1E6-444553540000} "Corel Media Folder Copy Hook Handler" - ? 
- (File not found | COM-object registry key not found) {0A082D00-EC93-11D0-B1E6-80580BC10627} "Corel Media Folder Root Menu Handler" - ? - (File not found | COM-object registry key not found) {872A9397-E0D6-4e28-B64D-52B8D0A7EA35} "DisplayCplExt Class" - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll {0FBF99C1-4127-11D1-B1E6-C17E96D9180A} "Folder To Corel Media Folder Menu Handler" - ? - (File not found | COM-object registry key not found) {8E524B0D-04F0-11D1-B74A-00A0C90646A4} "IconFactTemp.NSIconHandlerFactory" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\OFFICE11\msohev.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\ONFILTER.DLL {00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\OFFICE11\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {A2AC368A-F883-11D0-B745-00A0C90646A4} "NSFiltManDll.FiltManCom" - ? - (File not found | COM-object registry key not found) {0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\OFFICE11\OLKFSTUB.DLL {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." 
- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll {B63FCD5A-2396-11D1-B762-00A0C90646A4} "{B63FCD5A-2396-11D1-B762-00A0C90646A4}" - ? - (File not found | COM-object registry key not found) [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." 
- C:\Program Files\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {4248FE82-7FCB-46AC-B270-339F08212110} "&Virtuelle Tastatur" - "Kaspersky Lab ZAO" - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll {CCF151D8-D089-449F-A5A4-D9909053F20F} "Li&nks untersuchen" - "Kaspersky Lab ZAO" - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {E33CF602-D945-461A-83F0-819F76A199F8} "FilterBHO Class" - "Kaspersky Lab ZAO" - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} "IEVkbdBHO Class" - "Kaspersky Lab ZAO" - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\ssv.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Authentication packages" - "Acronis" - C:\Windows\system32\relog_ap.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? 
- C:\Users\IG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "USB 2.0 Peripheral Switch Utility.lnk" - ? - C:\Program Files\US221A_US421A\USB 2.0 Peripheral Switch\USwitch.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "SDP" - "Somoto" - C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Acronis Scheduler2 Service" - "Acronis" - "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" "AcronisTimounterMonitor" - "Acronis" - C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "AVP" - "Kaspersky Lab ZAO" - "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" "CorelDRAW Graphics Suite 11b" - "Corel Corporation" - C:\Program Files\Corel\Corel Graphics 12\Languages\DE\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=110411 serial=dr12wrx-0548229-ppr lang=DE "PowerPDF 2006 printing agent" - ? - "C:\Program Files\G DATA Power PDF 2006\pp6agent.exe" "QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime "StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" "t4pli" - ? 
- C:\Program Files\G DATA Power PDF 2006\t4pli.exe (File found, but it contains no detailed information) "TrueImageMonitor.exe" - "Acronis" - C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\Windows\system32\mdimon.dll "PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll (File found, but it contains no detailed information) "Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll "SST3C Langmon" - ? - C:\Windows\system32\sst3cl3.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Acronis Scheduler2 Service" (AcrSch2Svc) - "Acronis" - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe "Acronis Try And Decide Service" (TryAndDecideService) - ? - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe (File found, but it contains no detailed information) "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe "Kaspersky Anti-Virus Service" (AVP) - "Kaspersky Lab ZAO" - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft 
Shared\Source Engine\OSE.EXE "Sony PC Companion" (Sony PC Companion) - "Avanquest Software" - C:\Program Files\Sony\Sony PC Companion\PCCService.exe [Winlogon] -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )----- "klogon" - "Kaspersky Lab ZAO" - C:\Windows\system32\klogon.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-13 08:28:28
-----------------------------
08:28:28.813 OS Version: Windows 6.1.7601 Service Pack 1
08:28:28.813 Number of processors: 2 586 0x603
08:28:28.813 ComputerName: IG-PC UserName: IG
08:28:30.514 Initialize success
08:29:37.336 AVAST engine defs: 12081201
08:29:55.354 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005a
08:29:55.369 Disk 0 Vendor: WDC_WD16 01.0 Size: 152627MB BusType: 11
08:29:55.369 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000005b
08:29:55.369 Disk 1 Vendor: SAMSUNG_ 1AJ1 Size: 476940MB BusType: 11
08:29:55.416 Disk 0 MBR read successfully
08:29:55.416 Disk 0 MBR scan
08:29:55.416 Disk 0 Windows 7 default MBR code
08:29:55.416 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
08:29:55.432 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152525 MB offset 206848
08:29:55.447 Disk 0 scanning sectors +312578048
08:29:55.541 Disk 0 scanning C:\Windows\system32\drivers
08:30:11.219 Service scanning
08:30:17.350 Service KL1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5
08:30:17.927 Service kl2 C:\Windows\system32\DRIVERS\kl2.sys **LOCKED** 5
08:30:18.021 Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5
08:30:18.036 Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5
08:30:27.350 Modules scanning
08:30:33.855 Disk 0 trace - called modules:
08:30:33.870 ntkrnlpa.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys halmacpi.dll amdsata.sys
08:30:33.870 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85e5f030]
08:30:33.870 3 CLASSPNP.SYS[8cb7959e] -> nt!IofCallDriver -> [0x864304d8]
08:30:33.886 5 amdxata.sys[8c0017b6] -> nt!IofCallDriver -> \Device\0000005a[0x8642c030]
08:30:35.243 AVAST engine scan C:\Windows
08:30:38.270 AVAST engine scan C:\Windows\system32
08:32:38.062 AVAST engine scan C:\Windows\system32\drivers
08:32:47.656 AVAST engine scan C:\Users\IG
08:35:05.046 AVAST engine scan C:\ProgramData
08:39:24.256 Scan finished successfully
08:48:44.156 Disk 0 MBR has been saved successfully to "D:\IG\Desktop\MBR.dat"
08:48:44.172 The log file has been saved successfully to "D:\IG\Desktop\aswMBR.txt"

Best regards,
Ingo |
13.08.2012, 17:33 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | my start incredibar cannot be removed
Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
15.08.2012, 09:19 | #23 |
| my start incredibar cannot be removed
Here are the scans:
Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.15.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
IG :: IG-PC [Administrator]

15.08.2012 08:04:53
mbam-log-2012-08-15 (08-04-53).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 293517
Laufzeit: 33 Minute(n), 20 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 08/15/2012 at 09:53 AM

Application Version : 5.5.1012

Core Rules Database Version : 9059
Trace Rules Database Version: 6871

Scan type : Complete Scan
Total Scan Time : 00:51:07

Operating System Information
Windows 7 Professional 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned : 744
Memory threats detected : 0
Registry items scanned : 35507
Registry threats detected : 0
File items scanned : 109697
File threats detected : 221

Adware.Tracking Cookie

Trojan.Agent/Gen-Bancos
C:\PROGRAM FILES\G DATA POWER PDF 2006\UPDFEXCEL.DLL
C:\PROGRAM FILES\G DATA POWER PDF 2006\UPDFWORD.DLL

Ingo |
15.08.2012, 19:45 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | my start incredibar cannot be removed
Code:
Trojan.Agent/Gen-Bancos
C:\PROGRAM FILES\G DATA POWER PDF 2006\UPDFEXCEL.DLL
C:\PROGRAM FILES\G DATA POWER PDF 2006\UPDFWORD.DLL

Looks OK, only cookies were found there. Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or the like => HTTP cookie).

Regarding cookies and other things on the web: to block this plague from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether a new hosts file has been released.

Apart from that there are good cookie managers; an extension for Firefox, for example, would be CookieCuller http://filepony.de/download-cookie_culler/

But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed.

My approach is that for "wild surfing" I use the Opera browser or Chromium under my Linux. My main browser (Firefox) only stores the cookies from the sites I want; I reject everything else manually (FF always asks me) - the other browsers do accept all cookies, but at the latest on the next start of Opera or Chromium no cookies are left.

Is your system OK again now, or are there other findings or problems?
__________________ Please always post log files in CODE tags |
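An added example, not part of the original posts: a small triage script that separates the tracking-cookie rows of a SUPERAntiSpyware log from the file detections and checks the row count against the "File threats detected" header. The sample log is a constructed, shortened excerpt in the layout of the log posted above; the function names and the assumption that the header count equals the number of listed rows are this example's own.

```python
import re
from collections import Counter, namedtuple

# Constructed excerpt: same layout as the log posted above, shortened to six
# rows, with "File threats detected" adjusted to match.
SAMPLE_LOG = r"""
SUPERAntiSpyware Scan Log
Generated 08/15/2012 at 09:53 AM
Application Version : 5.5.1012
Scan type : Complete Scan
Memory threats detected : 0
Registry threats detected : 0
File threats detected : 6

Adware.Tracking Cookie
    .revsci.net [ C:\USERS\IG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MI3LJV83.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\IG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MI3LJV83.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\IG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MI3LJV83.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\IG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MI3LJV83.DEFAULT\COOKIES.SQLITE ]

Trojan.Agent/Gen-Bancos
    C:\PROGRAM FILES\G DATA POWER PDF 2006\UPDFEXCEL.DLL
    C:\PROGRAM FILES\G DATA POWER PDF 2006\UPDFWORD.DLL
"""

Finding = namedtuple("Finding", "category kind domain path")

COOKIE_RE = re.compile(r"^(?P<domain>\S+)\s+\[\s*(?P<store>.+?)\s*\]$")  # "host [ store ]"
PATH_RE = re.compile(r"^[A-Za-z]:\\")                                   # "C:\..."
FIELD_RE = re.compile(r"^(?P<key>[^:]+?)\s*:\s+(?P<value>.+)$")          # "Key : value"


def parse_sas_log(text):
    """Return (header_fields, findings) from a pasted scan log."""
    fields, findings = {}, []
    category, in_findings = None, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if not in_findings:
            # Header part: collect "Key : value" lines; the findings start
            # after the last counter, "File threats detected".
            m = FIELD_RE.match(line)
            if m:
                fields[m["key"]] = m["value"]
                in_findings = m["key"] == "File threats detected"
            continue
        m = COOKIE_RE.match(line)
        if m:
            findings.append(Finding(category, "cookie", m["domain"], m["store"]))
        elif PATH_RE.match(line):
            findings.append(Finding(category, "file", None, line))
        else:
            category = line  # any other line names the next detection category
    return fields, findings


def triage(fields, findings):
    """Summarise the findings so file detections are not lost among cookie rows."""
    cookies = [f for f in findings if f.kind == "cookie"]
    files = [f for f in findings if f.kind == "file"]
    declared = int(fields.get("File threats detected", 0))
    return {
        "declared": declared,
        "counted": len(findings),
        # Assumption: the header count equals the number of listed rows, so a
        # mismatch points to a truncated or partially pasted log.
        "complete": declared == len(findings),
        "cookie_domains": Counter(f.domain.lstrip(".") for f in cookies),
        "cookie_stores": sorted({f.path for f in cookies}),
        "file_detections": [(f.category, f.path) for f in files],
    }


if __name__ == "__main__":
    report = triage(*parse_sas_log(SAMPLE_LOG))
    print("rows listed / declared:", report["counted"], "/", report["declared"])
    print("cookie rows:", sum(report["cookie_domains"].values()),
          "in", report["cookie_stores"])
    for category, path in report["file_detections"]:
        print("file detection:", category, "->", path)
```
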
16.08.2012, 06:53 | #25 |
| my start incredibar cannot be removed
First of all, a thousand thanks for your great help! I will definitely show my appreciation! Regarding the cookies, I will take a look at the MVPS Hosts File! The computer is running completely normally again, except for the message from Kaspersky:
Code:
Gefunden (3)
30.07.2012 17:38:39 Gefunden legales Programm, das von einem Angreifer benutzt werden kann, um den Computer oder die Benutzerdaten zu beschädigen HiddenObject.Multi.Generic C:\ProgramData\Kaspersky Lab\AVP11\Bases\Cache\kavbase_00000004.lck_000000dc Mittel
16.08.2012 07:38:35 Gefunden legales Programm, das von einem Angreifer benutzt werden kann, um den Computer oder die Benutzerdaten zu beschädigen HiddenObject.Multi.Generic C:\ProgramData\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\rollback\general\bases\apu\emu\emu-0607g.krg Mittel
16.08.2012 07:38:35 Gefunden legales Programm, das von einem Angreifer benutzt werden kann, um den Computer oder die Benutzerdaten zu beschädigen HiddenObject.Multi.Generic C:\ProgramData\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\rollback\general\bases\apu\emu\emu-0607g.xml Mittel

I can uninstall all the programs I installed because of my problem again, can't I? Thanks again, Ingo |
16.08.2012, 10:36 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | my start incredibar cannot be removed
What is Kaspersky doing there, it is finding things in its own folder! Ignore these messages.

Then we would be done! The programs that were used here can all be removed again. With the help of OTL you can also remove many of the tools: please start OTL and click on "Bereinigung". This will remove most of the tools we needed for the cleanup. If anything remains, please remove it with right-click --> Delete.

Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update first.

Finally, please check the updates; my guide to that is below. To keep a better overview of whether your installed programs are up to date in future, you can use e.g. Secunia PSI. For even more security, you should also change all passwords where possible after the infection has been removed.

Microsoft update
Windows XP: Visit the MS update page with IE and have all important updates installed.
Windows Vista/7: Windows Update guide

Update the PDF reader
An outdated AdobeReader poses a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Software or Programs and Features, by clicking on "Adobe Reader x.0" there and removing the program. (if you have AdobeReader installed)
I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader.
Please also take the opportunity to check that the Flash Player is up to date:
Check => Adobe - Flash Player
Download links => Adobe Flash Player Distribution | Adobe
Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.

Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the newest one. To do this, close all programs (especially the browsers), then click Start, Control Panel, Software and uninstall all listed Java versions from there. Afterwards, download the current Java SE Runtime Environment (JRE) from here and install it.
__________________ Please always post log files in CODE tags |
23.08.2012, 06:47 | #27 |
| my start incredibar cannot be removed
Thank you, Arne, for your help. I will follow your advice. A small thank-you is on its way. Best regards, Ingo |