SEnES 24.10.2011 11:02

Facebook virus / master boot sector virus --> remove
 
Hello,
I have a huge problem with a Facebook virus.
I tried to reset the computer to its factory state using the system recovery CD, but that does not work because the virus automatically re-establishes itself.
I found a possible way to fight it in a thread on Trojaner-Board:

http://www.trojaner-board.de/103610-...oo-tdss-d.html

That thread motivated me to register here, since the problem there could be solved and I have the identical symptoms.

I have a Packard Bell computer.

Problem:

--> After clicking on a Facebook link, a virus installed itself on my computer. At all sorts of different times it brings the whole computer to a standstill for 5 seconds. After that the Internet no longer works. In addition, I get redirected to websites other than the ones I clicked on.

The antivirus shows the same virus 3 times at every start:

-->Die Datei 'Masterbootsektor HD0'
enthielt einen Virus oder unerwünschtes Programm 'BOO/TDss.M' [virus].
Durchgeführte Aktion(en):
Enthält Code des Bootsektorvirus BOO/TDss.M.<--
Then I click REMOVE, but nothing happens; the system is checked and the message comes up again the next time the laptop starts.

Now my hope is to find a way here that helps me with my problem.

Checklist already carried out:
in the attachment

cosinus 24.10.2011 11:26

Please now run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those as well!

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the terms of use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


SEnES 27.10.2011 19:14

Please excuse that I am only replying so late, but I simply did not have the time and my Internet kept crashing.

Now the two logs
Malwarebytes:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8011

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

24.10.2011 19:16:58
mbam-log-2011-10-24 (19-16-36).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 278496
Laufzeit: 1 Stunde(n), 10 Minute(n), 37 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Windows\Temp\yylfer\setup.exe (Trojan.Agent) -> No action taken.
_________________________________________________________________

and the ESET log:

ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=c4dcc33751c0e747976b8ba189e5d6b3
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-27 05:57:40
# local_time=2011-10-27 07:57:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1792 16777215 100 0 1467375 1467375 0 0
# compatibility_mode=5892 16776573 100 100 610 157264460 0 0
# compatibility_mode=8192 67108863 100 0 255086 255086 0 0
# scanned=131073
# found=5
# cleaned=0
# scan_time=6528
C:\Users\Rene\Downloads\trojan-killer-2109-setup.exe.part a variant of Win32/1AntiVirus application (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0MFCK7VF\32467[1].pdf JS/Exploit.Pdfka.PEV trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0MFCK7VF\forum[1].htm JS/Kryptik.CZ trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0MGJWVPV\264c3[1].pdf JS/Exploit.Pdfka.PEV trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0MGJWVPV\main[1].htm JS/Kryptik.CZ trojan (unable to clean) 00000000000000000000000000000000 I

cosinus 27.10.2011 19:35

Run an OTL fix: close any programs that may be open, also deactivate the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:

:OTL
SRV - File not found [Auto | Stopped] --  -- (Norton Internet Security)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=1011&m=easynote_tj65
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=1011&m=easynote_tj65
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=1011&m=easynote_tj65
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=1011&m=easynote_tj65
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
:Files
C:\Users\Rene\Downloads\trojan-killer-2109-setup.exe.part
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
:Commands
[emptytemp]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can do lasting damage to the system!

SEnES 28.10.2011 07:12

OTL-Scan :

All processes killed
========== OTL ==========
Service Norton Internet Security stopped successfully!
Service Norton Internet Security deleted successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
C:\Programme\Ask.com\GenericAskToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
========== FILES ==========
C:\Users\Rene\Downloads\trojan-killer-2109-setup.exe.part moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YBJNSII4 folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RMNTMFOY folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N3JQPTYY folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\INZHGJM9 folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F7D6P095 folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EC2RPE0R folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E2YXGXC0 folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A29EF5U0 folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4MHU7OEZ folder moved successfully.
Folder move failed. C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4B9KUS0N scheduled to be moved on reboot.
Folder move failed. C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0MGJWVPV scheduled to be moved on reboot.
Folder move failed. C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0MFCK7VF scheduled to be moved on reboot.
Folder move failed. C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Rene
->Temp folder emptied: 27907256 bytes
->Temporary Internet Files folder emptied: 75582730 bytes
->Java cache emptied: 3460640 bytes
->FireFox cache emptied: 301474199 bytes
->Flash cache emptied: 3063 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 107261905 bytes
RecycleBin emptied: 64934 bytes

Total Files Cleaned = 492,00 mb

HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 10282011_080318

Files\Folders moved on Reboot...
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4B9KUS0N folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0MGJWVPV folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0MFCK7VF folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YBJNSII4 folder moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 folder moved successfully.

Registry entries deleted on Reboot...


--> Now Antivir again only beeps 2 times at startup. But Antivir's master boot sector virus warning remains.
Regards, Senes

cosinus 28.10.2011 10:36

Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set the tool up as shown in the picture below: click "change parameters" and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

Note: Please do not hastily delete anything with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


If, because of the infection, you cannot access your Documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide:
Please download unhide.exe and save this file to your desktop.
Start the tool and all files and folders should be visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

SEnES 28.10.2011 16:50

17:47:00.0873 5048 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01
17:47:01.0351 5048 ============================================================
17:47:01.0351 5048 Current date / time: 2011/10/28 17:47:01.0351
17:47:01.0351 5048 SystemInfo:
17:47:01.0351 5048
17:47:01.0351 5048 OS Version: 6.0.6002 ServicePack: 2.0
17:47:01.0351 5048 Product type: Workstation
17:47:01.0351 5048 ComputerName: SENES-PC
17:47:01.0352 5048 UserName: Rene
17:47:01.0352 5048 Windows directory: C:\Windows
17:47:01.0352 5048 System windows directory: C:\Windows
17:47:01.0352 5048 Processor architecture: Intel x86
17:47:01.0352 5048 Number of processors: 2
17:47:01.0352 5048 Page size: 0x1000
17:47:01.0352 5048 Boot type: Normal boot
17:47:01.0352 5048 ============================================================
17:47:02.0125 5048 Initialize success
17:47:50.0169 5816 ============================================================
17:47:50.0170 5816 Scan started
17:47:50.0170 5816 Mode: Manual; SigCheck; TDLFS;
17:47:50.0170 5816 ============================================================
17:48:01.0510 5816 NAVENG - ok
17:48:01.0517 5816 NAVEX15 - ok
17:48:01.0585 5816 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
17:48:01.0604 5816 NDIS - ok
17:48:01.0667 5816 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
17:48:01.0685 5816 NdisTapi - ok
17:48:01.0709 5816 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
17:48:01.0732 5816 Ndisuio - ok
17:48:01.0797 5816 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
17:48:01.0835 5816 NdisWan - ok
17:48:01.0889 5816 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
17:48:01.0908 5816 NDProxy - ok
17:48:01.0982 5816 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
17:48:02.0005 5816 NetBIOS - ok
17:48:02.0040 5816 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
17:48:02.0070 5816 netbt - ok
17:48:02.0222 5816 NETw5v32 (ae642d069681a826d5f16e4f6ad158f3) C:\Windows\system32\DRIVERS\NETw5v32.sys
17:48:02.0377 5816 NETw5v32 - ok
17:48:02.0449 5816 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
17:48:02.0464 5816 nfrd960 - ok
17:48:02.0527 5816 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
17:48:02.0550 5816 Npfs - ok
17:48:02.0567 5816 NSCIRDA (6d8d2e5652fc2442c810c5d8be784148) C:\Windows\system32\DRIVERS\nscirda.sys
17:48:02.0604 5816 NSCIRDA - ok
17:48:02.0626 5816 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
17:48:02.0668 5816 nsiproxy - ok
17:48:02.0765 5816 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
17:48:02.0799 5816 Ntfs - ok
17:48:02.0896 5816 NTIDrvr (6dcaa65f49ef3b97a5cffc0cb5de1c2f) C:\Windows\system32\drivers\NTIDrvr.sys
17:48:02.0907 5816 NTIDrvr - ok
17:48:02.0929 5816 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
17:48:02.0971 5816 ntrigdigi - ok
17:48:02.0992 5816 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
17:48:03.0015 5816 Null - ok
17:48:03.0092 5816 NVHDA (603b0c9bb86f7b3efb88a482c6663ec4) C:\Windows\system32\drivers\nvhda32v.sys
17:48:03.0105 5816 NVHDA - ok
17:48:03.0319 5816 nvlddmkm (3a3eb304b9bd9f4f6b3b745972f2c1e5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:48:03.0682 5816 nvlddmkm - ok
17:48:03.0748 5816 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
17:48:03.0758 5816 nvraid - ok
17:48:03.0789 5816 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
17:48:03.0799 5816 nvstor - ok
17:48:03.0847 5816 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
17:48:03.0857 5816 nv_agp - ok
17:48:03.0902 5816 NwlnkFlt - ok
17:48:03.0912 5816 NwlnkFwd - ok
17:48:03.0988 5816 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
17:48:04.0012 5816 ohci1394 - ok
17:48:04.0051 5816 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
17:48:04.0103 5816 Parport - ok
17:48:04.0172 5816 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
17:48:04.0182 5816 partmgr - ok
17:48:04.0210 5816 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
17:48:04.0252 5816 Parvdm - ok
17:48:04.0276 5816 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
17:48:04.0288 5816 pci - ok
17:48:04.0306 5816 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
17:48:04.0314 5816 pciide - ok
17:48:04.0391 5816 pcmcia (b7c5a8769541900f6dfa6fe0c5e4d513) C:\Windows\system32\DRIVERS\pcmcia.sys
17:48:04.0402 5816 pcmcia - ok
17:48:04.0450 5816 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
17:48:04.0512 5816 PEAUTH - ok
17:48:04.0609 5816 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
17:48:04.0633 5816 PptpMiniport - ok
17:48:04.0663 5816 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
17:48:04.0686 5816 Processor - ok
17:48:04.0729 5816 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
17:48:04.0750 5816 PSched - ok
17:48:04.0822 5816 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
17:48:04.0829 5816 PxHelp20 - ok
17:48:04.0874 5816 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
17:48:04.0909 5816 ql2300 - ok
17:48:04.0987 5816 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
17:48:04.0998 5816 ql40xx - ok
17:48:05.0048 5816 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
17:48:05.0086 5816 QWAVEdrv - ok
17:48:05.0146 5816 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
17:48:05.0195 5816 RasAcd - ok
17:48:05.0218 5816 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:48:05.0242 5816 Rasl2tp - ok
17:48:05.0260 5816 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
17:48:05.0279 5816 RasPppoe - ok
17:48:05.0288 5816 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
17:48:05.0300 5816 RasSstp - ok
17:48:05.0323 5816 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
17:48:05.0343 5816 rdbss - ok
17:48:05.0413 5816 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:48:05.0436 5816 RDPCDD - ok
17:48:05.0456 5816 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
17:48:05.0481 5816 rdpdr - ok
17:48:05.0489 5816 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
17:48:05.0523 5816 RDPENCDD - ok
17:48:05.0565 5816 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
17:48:05.0585 5816 RDPWD - ok
17:48:05.0662 5816 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
17:48:05.0686 5816 rspndr - ok
17:48:05.0706 5816 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
17:48:05.0715 5816 sbp2port - ok
17:48:05.0743 5816 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
17:48:05.0767 5816 sdbus - ok
17:48:05.0790 5816 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
17:48:05.0848 5816 secdrv - ok
17:48:05.0869 5816 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
17:48:05.0911 5816 Serenum - ok
17:48:05.0985 5816 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
17:48:06.0040 5816 Serial - ok
17:48:06.0055 5816 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
17:48:06.0079 5816 sermouse - ok
17:48:06.0101 5816 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
17:48:06.0119 5816 sffdisk - ok
17:48:06.0129 5816 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
17:48:06.0169 5816 sffp_mmc - ok
17:48:06.0232 5816 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
17:48:06.0256 5816 sffp_sd - ok
17:48:06.0275 5816 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
17:48:06.0334 5816 sfloppy - ok
17:48:06.0363 5816 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
17:48:06.0372 5816 sisagp - ok
17:48:06.0385 5816 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
17:48:06.0394 5816 SiSRaid2 - ok
17:48:06.0462 5816 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
17:48:06.0471 5816 SiSRaid4 - ok
17:48:06.0510 5816 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
17:48:06.0528 5816 Smb - ok
17:48:06.0550 5816 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
17:48:06.0563 5816 spldr - ok
17:48:06.0575 5816 SRTSP - ok
17:48:06.0585 5816 SRTSPX - ok
17:48:06.0618 5816 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
17:48:06.0651 5816 srv - ok
17:48:06.0705 5816 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
17:48:06.0720 5816 srv2 - ok
17:48:06.0762 5816 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
17:48:06.0784 5816 srvnet - ok
17:48:06.0859 5816 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
17:48:06.0875 5816 ssmdrv - ok
17:48:06.0910 5816 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
17:48:06.0923 5816 swenum - ok
17:48:07.0006 5816 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
17:48:07.0014 5816 Symc8xx - ok
17:48:07.0046 5816 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
17:48:07.0055 5816 Sym_hi - ok
17:48:07.0078 5816 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
17:48:07.0087 5816 Sym_u3 - ok
17:48:07.0177 5816 SynTP (5c3e900f41426a372de60675afc8aa07) C:\Windows\system32\DRIVERS\SynTP.sys
17:48:07.0193 5816 SynTP - ok
17:48:07.0257 5816 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
17:48:07.0288 5816 Tcpip - ok
17:48:07.0380 5816 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
17:48:07.0407 5816 Tcpip6 - ok
17:48:07.0490 5816 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
17:48:07.0503 5816 tcpipreg - ok
17:48:07.0542 5816 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
17:48:07.0566 5816 TDPIPE - ok
17:48:07.0582 5816 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
17:48:07.0627 5816 TDTCP - ok
17:48:07.0654 5816 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
17:48:07.0678 5816 tdx - ok
17:48:07.0744 5816 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
17:48:07.0760 5816 TermDD - ok
17:48:07.0813 5816 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:48:07.0837 5816 tssecsrv - ok
17:48:07.0869 5816 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
17:48:07.0902 5816 tunmp - ok
17:48:07.0980 5816 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
17:48:07.0999 5816 tunnel - ok
17:48:08.0033 5816 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
17:48:08.0042 5816 uagp35 - ok
17:48:08.0065 5816 UBHelper (d79c0b9bb011218b93705cbf77fa3e5e) C:\Windows\system32\drivers\UBHelper.sys
17:48:08.0075 5816 UBHelper - ok
17:48:08.0141 5816 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
17:48:08.0163 5816 udfs - ok
17:48:08.0254 5816 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
17:48:08.0263 5816 uliagpkx - ok
17:48:08.0327 5816 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
17:48:08.0339 5816 uliahci - ok
17:48:08.0358 5816 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
17:48:08.0368 5816 UlSata - ok
17:48:08.0389 5816 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
17:48:08.0398 5816 ulsata2 - ok
17:48:08.0423 5816 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
17:48:08.0446 5816 umbus - ok
17:48:08.0469 5816 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
17:48:08.0487 5816 usbccgp - ok
17:48:08.0537 5816 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
17:48:08.0578 5816 usbcir - ok
17:48:08.0620 5816 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
17:48:08.0638 5816 usbehci - ok
17:48:08.0666 5816 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
17:48:08.0699 5816 usbhub - ok
17:48:08.0778 5816 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
17:48:08.0819 5816 usbohci - ok
17:48:08.0849 5816 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
17:48:08.0888 5816 usbprint - ok
17:48:08.0942 5816 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:48:08.0978 5816 USBSTOR - ok
17:48:09.0072 5816 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
17:48:09.0104 5816 usbuhci - ok
17:48:09.0126 5816 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
17:48:09.0168 5816 usbvideo - ok
17:48:09.0242 5816 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
17:48:09.0266 5816 vga - ok
17:48:09.0280 5816 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
17:48:09.0303 5816 VgaSave - ok
17:48:09.0320 5816 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
17:48:09.0329 5816 viaagp - ok
17:48:09.0342 5816 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
17:48:09.0365 5816 ViaC7 - ok
17:48:09.0379 5816 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
17:48:09.0387 5816 viaide - ok
17:48:09.0456 5816 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
17:48:09.0465 5816 volmgr - ok
17:48:09.0519 5816 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
17:48:09.0535 5816 volmgrx - ok
17:48:09.0568 5816 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
17:48:09.0581 5816 volsnap - ok
17:48:09.0659 5816 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
17:48:09.0669 5816 vsmraid - ok
17:48:09.0698 5816 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
17:48:09.0750 5816 WacomPen - ok
17:48:09.0774 5816 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
17:48:09.0792 5816 Wanarp - ok
17:48:09.0801 5816 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
17:48:09.0820 5816 Wanarpv6 - ok
17:48:09.0889 5816 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
17:48:09.0897 5816 Wd - ok
17:48:09.0924 5816 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
17:48:09.0947 5816 Wdf01000 - ok
17:48:10.0060 5816 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
17:48:10.0095 5816 winachsf - ok
17:48:10.0196 5816 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
17:48:10.0228 5816 WmiAcpi - ok
17:48:10.0269 5816 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
17:48:10.0307 5816 ws2ifsl - ok
17:48:10.0402 5816 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:48:10.0436 5816 WUDFRd - ok
17:48:10.0488 5816 ZTEusbmdm6k (3862318f85be7a91957ada5e814ed58c) C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
17:48:10.0513 5816 ZTEusbmdm6k - ok
17:48:10.0580 5816 ZTEusbnmea (3862318f85be7a91957ada5e814ed58c) C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
17:48:10.0591 5816 ZTEusbnmea - ok
17:48:10.0618 5816 ZTEusbser6k (3862318f85be7a91957ada5e814ed58c) C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
17:48:10.0632 5816 ZTEusbser6k - ok
17:48:10.0708 5816 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} (556b5cfe8d21b256add7f87d7f4b4123) c:\Program Files\CyberLink\PowerDVD8\000.fcl
17:48:10.0719 5816 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} - ok
17:48:10.0737 5816 MBR (0x1B8) (2a38a2f9deea228d8e1783700ed15448) \Device\Harddisk0\DR0
17:48:10.0737 5816 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
17:48:10.0737 5816 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
17:48:10.0764 5816 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:48:10.0764 5816 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:48:10.0801 5816 Boot (0x1200) (a9aec487a2a2dfa7f11f5185993e5dec) \Device\Harddisk0\DR0\Partition0
17:48:10.0802 5816 \Device\Harddisk0\DR0\Partition0 - ok
17:48:10.0802 5816 ============================================================
17:48:10.0802 5816 Scan finished
17:48:10.0802 5816 ============================================================
17:48:10.0817 5160 Detected object count: 2
17:48:10.0818 5160 Actual detected object count: 2
17:48:59.0621 5160 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - will be cured on reboot
17:48:59.0621 5160 \Device\Harddisk0\DR0 - ok
17:48:59.0622 5160 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Cure
17:48:59.0626 5160 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:48:59.0626 5160 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

cosinus 28.10.2011 20:05

Actually, you were supposed to remove NOTHING. In this case it was the right thing to do, though. Please do take the instructions seriously: TDSS-Killer often flags legitimate entries as well, and then people come back asking why this or that no longer works, because they did not take the instructions seriously!!

Restart Windows and please create a new log with TDSS-Killer.

SEnES 29.10.2011 08:56

Please excuse my mistake, I was under the impression that I had NOT clicked on delete or anything like that... :headbang: It is of course in my own interest to follow your instructions, so I take them very seriously!

Here is the new scan:

09:50:35.0745 4956 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01
09:50:36.0069 4956 ============================================================
09:50:36.0069 4956 Current date / time: 2011/10/29 09:50:36.0069
09:50:36.0069 4956 SystemInfo:
09:50:36.0069 4956
09:50:36.0069 4956 OS Version: 6.0.6002 ServicePack: 2.0
09:50:36.0069 4956 Product type: Workstation
09:50:36.0069 4956 ComputerName: SENES-PC
09:50:36.0069 4956 UserName: Rene
09:50:36.0069 4956 Windows directory: C:\Windows
09:50:36.0069 4956 System windows directory: C:\Windows
09:50:36.0069 4956 Processor architecture: Intel x86
09:50:36.0069 4956 Number of processors: 2
09:50:36.0069 4956 Page size: 0x1000
09:50:36.0069 4956 Boot type: Normal boot
09:50:36.0069 4956 ============================================================
09:50:36.0674 4956 Initialize success
09:51:23.0599 5124 ============================================================
09:51:23.0599 5124 Scan started
09:51:23.0599 5124 Mode: Manual; SigCheck; TDLFS;
09:51:23.0599 5124 ============================================================
09:51:24.0184 5124 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
09:51:24.0284 5124 ACPI - ok
09:51:24.0340 5124 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
09:51:24.0372 5124 adp94xx - ok
09:51:24.0438 5124 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
09:51:24.0459 5124 adpahci - ok
09:51:24.0487 5124 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
09:51:24.0504 5124 adpu160m - ok
09:51:24.0519 5124 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
09:51:24.0531 5124 adpu320 - ok
09:51:24.0663 5124 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
09:51:24.0733 5124 AFD - ok
09:51:24.0813 5124 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
09:51:24.0835 5124 agp440 - ok
09:51:24.0871 5124 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
09:51:24.0888 5124 aic78xx - ok
09:51:24.0909 5124 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
09:51:24.0919 5124 aliide - ok
09:51:24.0940 5124 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
09:51:24.0955 5124 amdagp - ok
09:51:24.0978 5124 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
09:51:24.0993 5124 amdide - ok
09:51:25.0056 5124 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
09:51:25.0134 5124 AmdK7 - ok
09:51:25.0218 5124 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
09:51:25.0263 5124 AmdK8 - ok
09:51:25.0382 5124 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
09:51:25.0400 5124 arc - ok
09:51:25.0435 5124 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
09:51:25.0454 5124 arcsas - ok
09:51:25.0483 5124 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
09:51:25.0524 5124 AsyncMac - ok
09:51:25.0585 5124 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
09:51:25.0600 5124 atapi - ok
09:51:25.0645 5124 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
09:51:25.0694 5124 avgntflt - ok
09:51:25.0714 5124 avipbb (912d23140cd05980f6cdae790ddafc8d) C:\Windows\system32\DRIVERS\avipbb.sys
09:51:25.0733 5124 avipbb - ok
09:51:25.0757 5124 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
09:51:25.0770 5124 avkmgr - ok
09:51:25.0857 5124 b57nd60x (502f1c30bd50b32d00ce4dcaecc3d3c7) C:\Windows\system32\DRIVERS\b57nd60x.sys
09:51:25.0902 5124 b57nd60x - ok
09:51:25.0947 5124 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
09:51:25.0972 5124 Beep - ok
09:51:26.0053 5124 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
09:51:26.0083 5124 blbdrive - ok
09:51:26.0114 5124 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
09:51:26.0133 5124 bowser - ok
09:51:26.0169 5124 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
09:51:26.0204 5124 BrFiltLo - ok
09:51:26.0272 5124 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
09:51:26.0294 5124 BrFiltUp - ok
09:51:26.0315 5124 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
09:51:26.0359 5124 Brserid - ok
09:51:26.0378 5124 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
09:51:26.0426 5124 BrSerWdm - ok
09:51:26.0448 5124 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
09:51:26.0497 5124 BrUsbMdm - ok
09:51:26.0518 5124 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
09:51:26.0564 5124 BrUsbSer - ok
09:51:26.0650 5124 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
09:51:26.0696 5124 BTHMODEM - ok
09:51:26.0746 5124 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
09:51:26.0789 5124 cdfs - ok
09:51:26.0871 5124 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
09:51:26.0907 5124 cdrom - ok
09:51:26.0959 5124 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
09:51:26.0989 5124 circlass - ok
09:51:27.0047 5124 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
09:51:27.0072 5124 CLFS - ok
09:51:27.0168 5124 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
09:51:27.0196 5124 CmBatt - ok
09:51:27.0230 5124 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
09:51:27.0247 5124 cmdide - ok
09:51:27.0302 5124 CnxtHdAudService (01b80273c019f0f25f27fa2e80a85578) C:\Windows\system32\drivers\CHDRT32.sys
09:51:27.0362 5124 CnxtHdAudService - ok
09:51:27.0435 5124 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
09:51:27.0450 5124 Compbatt - ok
09:51:27.0468 5124 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
09:51:27.0485 5124 crcdisk - ok
09:51:27.0511 5124 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
09:51:27.0541 5124 Crusoe - ok
09:51:27.0590 5124 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
09:51:27.0613 5124 DfsC - ok
09:51:27.0727 5124 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
09:51:27.0744 5124 disk - ok
09:51:27.0792 5124 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
09:51:27.0819 5124 DKbFltr - ok
09:51:27.0889 5124 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
09:51:27.0909 5124 drmkaud - ok
09:51:27.0958 5124 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
09:51:27.0984 5124 DXGKrnl - ok
09:51:28.0076 5124 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
09:51:28.0101 5124 E1G60 - ok
09:51:28.0165 5124 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
09:51:28.0186 5124 Ecache - ok
09:51:28.0223 5124 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
09:51:28.0246 5124 elxstor - ok
09:51:28.0341 5124 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
09:51:28.0370 5124 ErrDev - ok
09:51:28.0423 5124 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
09:51:28.0461 5124 exfat - ok
09:51:28.0526 5124 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
09:51:28.0552 5124 fastfat - ok
09:51:28.0578 5124 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
09:51:28.0602 5124 fdc - ok
09:51:28.0622 5124 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
09:51:28.0632 5124 FileInfo - ok
09:51:28.0651 5124 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
09:51:28.0681 5124 Filetrace - ok
09:51:28.0760 5124 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
09:51:28.0800 5124 flpydisk - ok
09:51:28.0845 5124 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
09:51:28.0858 5124 FltMgr - ok
09:51:28.0948 5124 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
09:51:28.0980 5124 Fs_Rec - ok
09:51:29.0006 5124 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
09:51:29.0016 5124 gagp30kx - ok
09:51:29.0140 5124 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
09:51:29.0193 5124 HdAudAddService - ok
09:51:29.0257 5124 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
09:51:29.0299 5124 HDAudBus - ok
09:51:29.0382 5124 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
09:51:29.0445 5124 HidBth - ok
09:51:29.0477 5124 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
09:51:29.0524 5124 HidIr - ok
09:51:29.0552 5124 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
09:51:29.0572 5124 HidUsb - ok
09:51:29.0639 5124 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
09:51:29.0654 5124 HpCISSs - ok
09:51:29.0698 5124 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
09:51:29.0751 5124 HSFHWAZL - ok
09:51:29.0836 5124 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
09:51:29.0894 5124 HSF_DPV - ok
09:51:29.0983 5124 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
09:51:30.0029 5124 HTTP - ok
09:51:46.0052 5124 MBR (0x1B8) (beedf9b7f43a72a91456f7131afc11b2) \Device\Harddisk0\DR0
09:51:46.0223 5124 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
09:51:46.0223 5124 \Device\Harddisk0\DR0 - detected TDSS File System (1)
09:51:46.0230 5124 Boot (0x1200) (a9aec487a2a2dfa7f11f5185993e5dec) \Device\Harddisk0\DR0\Partition0
09:51:46.0231 5124 \Device\Harddisk0\DR0\Partition0 - ok
09:51:46.0234 5124 ============================================================
09:51:46.0234 5124 Scan finished
09:51:46.0234 5124 ============================================================
09:51:46.0247 5116 Detected object count: 1
09:51:46.0247 5116 Actual detected object count: 1
09:53:37.0012 5116 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
09:53:37.0012 5116 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

cosinus 29.10.2011 16:00

Quote:

09:53:37.0012 5116 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
09:53:37.0012 5116 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
You may fix that, approval granted! :)

SEnES 29.10.2011 19:20

Okay, I'm a bit lost right now. Does fixing mean deleting or moving to quarantine?

Is that everything then???
Anyway, AntiVir no longer makes any annoying sounds, which is already great! :daumenhoc Many thanks in advance for that!!!

cosinus 29.10.2011 23:17

Well, with TDSS-Killer! Fix, or "cure" as they call it :D

SEnES 30.10.2011 12:58

Okay, unfortunately my confusion hasn't been fully cleared up, because I only have:
SKIP
DELETE or
COPY TO QUARANTINE ...?!

cosinus 30.10.2011 18:23

Then DELETE, of course ;)

SEnES 31.10.2011 12:10

All right, thank you very, very much =) I'm super happy. Could you perhaps recommend an antivirus program for the future?

Best regards
Senes

cosinus 31.10.2011 13:32

What makes you think we're done?

Please restart Windows and make a new TDSS-Killer log.

SEnES 31.10.2011 18:25

New log:
18:23:35.0195 4796 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01
18:23:36.0176 4796 ============================================================
18:23:36.0176 4796 Current date / time: 2011/10/31 18:23:36.0176
18:23:36.0176 4796 SystemInfo:
18:23:36.0176 4796
18:23:36.0176 4796 OS Version: 6.0.6002 ServicePack: 2.0
18:23:36.0176 4796 Product type: Workstation
18:23:36.0176 4796 ComputerName: SENES-PC
18:23:36.0177 4796 UserName: Rene
18:23:36.0177 4796 Windows directory: C:\Windows
18:23:36.0177 4796 System windows directory: C:\Windows
18:23:36.0177 4796 Processor architecture: Intel x86
18:23:36.0177 4796 Number of processors: 2
18:23:36.0177 4796 Page size: 0x1000
18:23:36.0177 4796 Boot type: Normal boot
18:23:36.0177 4796 ============================================================
18:23:36.0612 4796 Initialize success
18:23:41.0002 4860 ============================================================
18:23:41.0002 4860 Scan started
18:23:41.0002 4860 Mode: Manual; SigCheck; TDLFS;
18:23:41.0002 4860 ============================================================
18:24:02.0444 4860 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:24:02.0535 4860 IpFilterDriver - ok
18:24:02.0726 4860 IpInIp - ok
18:24:02.0875 4860 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
18:24:02.0905 4860 IPMIDRV - ok
18:24:03.0102 4860 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
18:24:03.0153 4860 IPNAT - ok
18:24:03.0382 4860 irda (e50a95179211b12946f7e035d60af560) C:\Windows\system32\DRIVERS\irda.sys
18:24:03.0452 4860 irda - ok
18:24:03.0580 4860 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
18:24:03.0607 4860 IRENUM - ok
18:24:03.0632 4860 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
18:24:03.0648 4860 isapnp - ok
18:24:03.0723 4860 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
18:24:03.0737 4860 iScsiPrt - ok
18:24:03.0819 4860 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
18:24:03.0835 4860 iteatapi - ok
18:24:03.0902 4860 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
18:24:03.0917 4860 iteraid - ok
18:24:04.0127 4860 k57nd60x (eac21e8014c7e6ee341afffb7e2bbd54) C:\Windows\system32\DRIVERS\k57nd60x.sys
18:24:04.0190 4860 k57nd60x - ok
18:24:04.0349 4860 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
18:24:04.0362 4860 kbdclass - ok
18:24:04.0461 4860 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
18:24:04.0501 4860 kbdhid - ok
18:24:04.0695 4860 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
18:24:04.0730 4860 KSecDD - ok
18:24:04.0980 4860 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
18:24:05.0027 4860 lltdio - ok
18:24:05.0306 4860 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
18:24:05.0325 4860 LSI_FC - ok
18:24:05.0505 4860 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
18:24:05.0522 4860 LSI_SAS - ok
18:24:05.0567 4860 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
18:24:05.0593 4860 LSI_SCSI - ok
18:24:05.0752 4860 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
18:24:05.0794 4860 luafv - ok
18:24:05.0899 4860 massfilter (59a2783aba6019bed0c843c706e10a6a) C:\Windows\system32\drivers\massfilter.sys
18:24:05.0917 4860 massfilter - ok
18:24:06.0016 4860 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys
18:24:06.0032 4860 MBAMProtector - ok
18:24:06.0167 4860 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
18:24:06.0183 4860 megasas - ok
18:24:06.0327 4860 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
18:24:06.0353 4860 MegaSR - ok
18:24:06.0461 4860 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
18:24:06.0504 4860 Modem - ok
18:24:06.0602 4860 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
18:24:06.0644 4860 monitor - ok
18:24:06.0756 4860 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
18:24:06.0777 4860 mouclass - ok
18:24:06.0996 4860 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
18:24:07.0036 4860 mouhid - ok
18:24:07.0253 4860 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
18:24:07.0269 4860 MountMgr - ok
18:24:07.0372 4860 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
18:24:07.0391 4860 mpio - ok
18:24:07.0521 4860 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
18:24:07.0553 4860 mpsdrv - ok
18:24:07.0658 4860 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
18:24:07.0673 4860 Mraid35x - ok
18:24:07.0777 4860 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
18:24:07.0801 4860 MRxDAV - ok
18:24:07.0992 4860 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:24:08.0024 4860 mrxsmb - ok
18:24:08.0179 4860 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:24:08.0210 4860 mrxsmb10 - ok
18:24:08.0237 4860 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:24:08.0254 4860 mrxsmb20 - ok
18:24:08.0346 4860 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
18:24:08.0361 4860 msahci - ok
18:24:08.0397 4860 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
18:24:08.0409 4860 msdsm - ok
18:24:08.0438 4860 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
18:24:08.0465 4860 Msfs - ok
18:24:08.0684 4860 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
18:24:08.0785 4860 msisadrv - ok
18:24:08.0830 4860 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
18:24:08.0863 4860 MSKSSRV - ok
18:24:09.0082 4860 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
18:24:09.0125 4860 MSPCLOCK - ok
18:24:09.0383 4860 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
18:24:09.0426 4860 MSPQM - ok
18:24:09.0546 4860 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
18:24:09.0576 4860 MsRPC - ok
18:24:09.0657 4860 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
18:24:09.0672 4860 mssmbios - ok
18:24:09.0752 4860 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
18:24:09.0793 4860 MSTEE - ok
18:24:09.0961 4860 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
18:24:09.0986 4860 Mup - ok
18:24:10.0265 4860 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
18:24:10.0292 4860 NativeWifiP - ok
18:24:10.0360 4860 NAVENG - ok
18:24:10.0370 4860 NAVEX15 - ok
18:24:10.0465 4860 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
18:24:10.0503 4860 NDIS - ok
18:24:10.0719 4860 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
18:24:10.0753 4860 NdisTapi - ok
18:24:10.0970 4860 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
18:24:11.0010 4860 Ndisuio - ok
18:24:11.0121 4860 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
18:24:11.0154 4860 NdisWan - ok
18:24:11.0469 4860 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
18:24:11.0524 4860 NDProxy - ok
18:24:11.0605 4860 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
18:24:11.0646 4860 NetBIOS - ok
18:24:11.0753 4860 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
18:24:11.0788 4860 netbt - ok
18:24:12.0331 4860 NETw5v32 (ae642d069681a826d5f16e4f6ad158f3) C:\Windows\system32\DRIVERS\NETw5v32.sys
18:24:12.0556 4860 NETw5v32 - ok
18:24:12.0630 4860 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
18:24:12.0652 4860 nfrd960 - ok
18:24:12.0717 4860 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
18:24:12.0753 4860 Npfs - ok
18:24:12.0798 4860 NSCIRDA (6d8d2e5652fc2442c810c5d8be784148) C:\Windows\system32\DRIVERS\nscirda.sys
18:24:12.0850 4860 NSCIRDA - ok
18:24:12.0938 4860 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
18:24:12.0981 4860 nsiproxy - ok
18:24:13.0079 4860 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
18:24:13.0138 4860 Ntfs - ok
18:24:13.0206 4860 NTIDrvr (6dcaa65f49ef3b97a5cffc0cb5de1c2f) C:\Windows\system32\drivers\NTIDrvr.sys
18:24:13.0219 4860 NTIDrvr - ok
18:24:13.0253 4860 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
18:24:13.0311 4860 ntrigdigi - ok
18:24:13.0349 4860 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
18:24:13.0384 4860 Null - ok
18:24:13.0459 4860 NVHDA (603b0c9bb86f7b3efb88a482c6663ec4) C:\Windows\system32\drivers\nvhda32v.sys
18:24:13.0474 4860 NVHDA - ok
18:24:13.0774 4860 nvlddmkm (3a3eb304b9bd9f4f6b3b745972f2c1e5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:24:14.0198 4860 nvlddmkm - ok
18:24:14.0326 4860 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
18:24:14.0341 4860 nvraid - ok
18:24:14.0472 4860 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
18:24:14.0493 4860 nvstor - ok
18:24:14.0615 4860 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
18:24:14.0633 4860 nv_agp - ok
18:24:14.0726 4860 NwlnkFlt - ok
18:24:14.0744 4860 NwlnkFwd - ok
18:24:14.0804 4860 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
18:24:14.0844 4860 ohci1394 - ok
18:24:14.0952 4860 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
18:24:15.0028 4860 Parport - ok
18:24:15.0262 4860 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
18:24:15.0287 4860 partmgr - ok
18:24:15.0492 4860 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
18:24:15.0562 4860 Parvdm - ok
18:24:15.0837 4860 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
18:24:15.0866 4860 pci - ok
18:24:16.0014 4860 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
18:24:16.0030 4860 pciide - ok
18:24:16.0130 4860 pcmcia (b7c5a8769541900f6dfa6fe0c5e4d513) C:\Windows\system32\DRIVERS\pcmcia.sys
18:24:16.0161 4860 pcmcia - ok
18:24:16.0351 4860 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
18:24:16.0450 4860 PEAUTH - ok
18:24:16.0665 4860 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
18:24:16.0697 4860 PptpMiniport - ok
18:24:16.0912 4860 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
18:24:16.0954 4860 Processor - ok
18:24:17.0087 4860 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
18:24:17.0119 4860 PSched - ok
18:24:17.0148 4860 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
18:24:17.0165 4860 PxHelp20 - ok
18:24:17.0313 4860 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
18:24:17.0361 4860 ql2300 - ok
18:24:17.0468 4860 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
18:24:17.0492 4860 ql40xx - ok
18:24:17.0684 4860 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
18:24:17.0706 4860 QWAVEdrv - ok
18:24:17.0947 4860 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
18:24:17.0990 4860 RasAcd - ok
18:24:18.0263 4860 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:24:18.0309 4860 Rasl2tp - ok
18:24:18.0576 4860 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
18:24:18.0601 4860 RasPppoe - ok
18:24:18.0833 4860 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
18:24:18.0855 4860 RasSstp - ok
18:24:19.0138 4860 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
18:24:19.0180 4860 rdbss - ok
18:24:19.0458 4860 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:24:19.0504 4860 RDPCDD - ok
18:24:19.0642 4860 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
18:24:19.0688 4860 rdpdr - ok
18:24:19.0891 4860 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
18:24:19.0934 4860 RDPENCDD - ok
18:24:20.0211 4860 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
18:24:20.0255 4860 RDPWD - ok
18:24:20.0485 4860 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
18:24:20.0517 4860 rspndr - ok
18:24:20.0674 4860 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
18:24:20.0687 4860 sbp2port - ok
18:24:20.0807 4860 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
18:24:20.0839 4860 sdbus - ok
18:24:20.0879 4860 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:24:20.0938 4860 secdrv - ok
18:24:21.0216 4860 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
18:24:21.0260 4860 Serenum - ok
18:24:21.0575 4860 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
18:24:21.0617 4860 Serial - ok
18:24:21.0878 4860 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
18:24:21.0907 4860 sermouse - ok
18:24:22.0034 4860 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
18:24:22.0053 4860 sffdisk - ok
18:24:22.0449 4860 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
18:24:22.0479 4860 sffp_mmc - ok
18:24:22.0759 4860 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
18:24:22.0783 4860 sffp_sd - ok
18:24:22.0922 4860 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
18:24:22.0979 4860 sfloppy - ok
18:24:23.0013 4860 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
18:24:23.0028 4860 sisagp - ok
18:24:23.0140 4860 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
18:24:23.0151 4860 SiSRaid2 - ok
18:24:23.0376 4860 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
18:24:23.0386 4860 SiSRaid4 - ok
18:24:23.0590 4860 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
18:24:23.0616 4860 Smb - ok
18:24:23.0901 4860 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
18:24:23.0915 4860 spldr - ok
18:24:24.0092 4860 SRTSP - ok
18:24:24.0111 4860 SRTSPX - ok
18:24:24.0179 4860 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
18:24:24.0239 4860 srv - ok
18:24:24.0410 4860 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
18:24:24.0447 4860 srv2 - ok
18:24:24.0563 4860 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
18:24:24.0585 4860 srvnet - ok
18:24:24.0682 4860 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
18:24:24.0700 4860 ssmdrv - ok
18:24:24.0762 4860 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
18:24:24.0783 4860 swenum - ok
18:24:24.0987 4860 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
18:24:25.0008 4860 Symc8xx - ok
18:24:25.0113 4860 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
18:24:25.0125 4860 Sym_hi - ok
18:24:25.0245 4860 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
18:24:25.0261 4860 Sym_u3 - ok
18:24:25.0455 4860 SynTP (5c3e900f41426a372de60675afc8aa07) C:\Windows\system32\DRIVERS\SynTP.sys
18:24:25.0475 4860 SynTP - ok
18:24:25.0828 4860 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys
18:24:25.0884 4860 Tcpip - ok
18:24:26.0195 4860 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys
18:24:26.0260 4860 Tcpip6 - ok
18:24:26.0524 4860 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
18:24:26.0540 4860 tcpipreg - ok
18:24:26.0755 4860 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
18:24:26.0796 4860 TDPIPE - ok
18:24:27.0004 4860 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
18:24:27.0048 4860 TDTCP - ok
18:24:27.0312 4860 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
18:24:27.0346 4860 tdx - ok
18:24:27.0600 4860 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
18:24:27.0625 4860 TermDD - ok
18:24:27.0931 4860 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:24:27.0972 4860 tssecsrv - ok
18:24:28.0058 4860 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
18:24:28.0090 4860 tunmp - ok
18:24:28.0260 4860 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
18:24:28.0292 4860 tunnel - ok
18:24:28.0525 4860 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
18:24:28.0541 4860 uagp35 - ok
18:24:28.0677 4860 UBHelper (d79c0b9bb011218b93705cbf77fa3e5e) C:\Windows\system32\drivers\UBHelper.sys
18:24:28.0693 4860 UBHelper - ok
18:24:28.0764 4860 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
18:24:28.0799 4860 udfs - ok
18:24:28.0932 4860 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
18:24:28.0951 4860 uliagpkx - ok
18:24:29.0252 4860 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
18:24:29.0288 4860 uliahci - ok
18:24:29.0504 4860 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
18:24:29.0521 4860 UlSata - ok
18:24:29.0710 4860 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
18:24:29.0736 4860 ulsata2 - ok
18:24:29.0990 4860 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
18:24:30.0032 4860 umbus - ok
18:24:30.0309 4860 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
18:24:30.0336 4860 usbccgp - ok
18:24:30.0560 4860 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
18:24:30.0612 4860 usbcir - ok
18:24:30.0698 4860 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
18:24:30.0723 4860 usbehci - ok
18:24:30.0766 4860 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
18:24:30.0803 4860 usbhub - ok
18:24:30.0890 4860 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
18:24:30.0936 4860 usbohci - ok
18:24:31.0006 4860 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
18:24:31.0032 4860 usbprint - ok
18:24:31.0098 4860 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:24:31.0117 4860 USBSTOR - ok
18:24:31.0262 4860 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
18:24:31.0281 4860 usbuhci - ok
18:24:31.0433 4860 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
18:24:31.0459 4860 usbvideo - ok
18:24:31.0830 4860 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
18:24:31.0865 4860 vga - ok
18:24:32.0024 4860 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
18:24:32.0057 4860 VgaSave - ok
18:24:32.0227 4860 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
18:24:32.0240 4860 viaagp - ok
18:24:32.0428 4860 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
18:24:32.0480 4860 ViaC7 - ok
18:24:32.0734 4860 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
18:24:32.0752 4860 viaide - ok
18:24:32.0969 4860 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
18:24:32.0992 4860 volmgr - ok
18:24:33.0265 4860 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
18:24:33.0299 4860 volmgrx - ok
18:24:33.0430 4860 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
18:24:33.0466 4860 volsnap - ok
18:24:33.0688 4860 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
18:24:33.0722 4860 vsmraid - ok
18:24:33.0937 4860 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
18:24:33.0996 4860 WacomPen - ok
18:24:34.0154 4860 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
18:24:34.0191 4860 Wanarp - ok
18:24:34.0228 4860 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
18:24:34.0253 4860 Wanarpv6 - ok
18:24:34.0457 4860 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
18:24:34.0474 4860 Wd - ok
18:24:34.0749 4860 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
18:24:34.0791 4860 Wdf01000 - ok
18:24:35.0052 4860 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
18:24:35.0107 4860 winachsf - ok
18:24:35.0250 4860 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
18:24:35.0274 4860 WmiAcpi - ok
18:24:35.0527 4860 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
18:24:35.0570 4860 ws2ifsl - ok
18:24:35.0669 4860 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:24:35.0705 4860 WUDFRd - ok
18:24:35.0824 4860 ZTEusbmdm6k (3862318f85be7a91957ada5e814ed58c) C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
18:24:35.0845 4860 ZTEusbmdm6k - ok
18:24:35.0881 4860 ZTEusbnmea (3862318f85be7a91957ada5e814ed58c) C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
18:24:35.0901 4860 ZTEusbnmea - ok
18:24:35.0998 4860 ZTEusbser6k (3862318f85be7a91957ada5e814ed58c) C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
18:24:36.0018 4860 ZTEusbser6k - ok
18:24:36.0123 4860 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} (556b5cfe8d21b256add7f87d7f4b4123) c:\Program Files\CyberLink\PowerDVD8\000.fcl
18:24:36.0136 4860 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} - ok
18:24:36.0170 4860 MBR (0x1B8) (beedf9b7f43a72a91456f7131afc11b2) \Device\Harddisk0\DR0
18:24:36.0708 4860 \Device\Harddisk0\DR0 - ok
18:24:36.0746 4860 Boot (0x1200) (a9aec487a2a2dfa7f11f5185993e5dec) \Device\Harddisk0\DR0\Partition0
18:24:36.0763 4860 \Device\Harddisk0\DR0\Partition0 - ok
18:24:36.0764 4860 ============================================================
18:24:36.0764 4860 Scan finished
18:24:36.0764 4860 ============================================================
18:24:36.0785 4620 Detected object count: 0
18:24:36.0785 4620 Actual detected object count: 0

cosinus 31.10.2011 18:43

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, carry out the updates (if suggested), install the Recovery Console (if suggested) and let your system be scanned.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has explicitly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even more difficult.

If, after running Combofix, you have problems starting applications and receive messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

SEnES 31.10.2011 20:09

Combofix Logfile:
Code:

ComboFix 11-10-30.04 - Rene 31.10.2011  19:56:35.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.49.1031.18.3066.1776 [GMT 1:00]
ausgeführt von:: c:\users\Rene\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-09-28 bis 2011-10-31  ))))))))))))))))))))))))))))))
.
.
2011-10-31 19:01 . 2011-10-31 19:01        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-10-31 17:16 . 2011-10-31 17:16        56200        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{8D98F3DC-2211-492E-BFBB-7774F64BED99}\offreg.dll
2011-10-30 16:19 . 2009-11-17 14:20        126976        ----a-w-        c:\windows\system32\GPEapSim.dll
2011-10-30 16:13 . 2009-10-29 18:28        9216        ----a-w-        c:\windows\system32\drivers\massfilter.sys
2011-10-30 16:13 . 2009-10-29 18:28        105088        ----a-w-        c:\windows\system32\drivers\ZTEusbser6k.sys
2011-10-30 16:13 . 2009-10-29 18:28        105088        ----a-w-        c:\windows\system32\drivers\ZTEusbnmea.sys
2011-10-30 16:13 . 2009-10-29 18:28        105088        ----a-w-        c:\windows\system32\drivers\ZTEusbmdm6k.sys
2011-10-30 16:13 . 2009-05-25 15:40        13824        ----a-w-        c:\windows\system32\drivers\ZTEusbccid.sys
2011-10-30 16:13 . 2011-10-30 16:20        --------        d-----w-        c:\program files\Mobile Partner Manager
2011-10-29 13:10 . 2011-03-12 21:55        876032        ----a-w-        c:\windows\system32\XpsPrint.dll
2011-10-29 07:43 . 2011-10-29 07:43        --------        d-----w-        c:\program files\Windows Portable Devices
2011-10-29 07:38 . 2009-09-10 02:00        92672        ----a-w-        c:\windows\system32\UIAnimation.dll
2011-10-29 07:38 . 2009-09-10 02:01        3023360        ----a-w-        c:\windows\system32\UIRibbon.dll
2011-10-29 07:38 . 2009-09-10 02:00        1164800        ----a-w-        c:\windows\system32\UIRibbonRes.dll
2011-10-29 07:38 . 2009-09-25 01:33        369664        ----a-w-        c:\windows\system32\WMPhoto.dll
2011-10-29 07:38 . 2009-09-25 02:10        974848        ----a-w-        c:\windows\system32\WindowsCodecs.dll
2011-10-29 07:38 . 2009-09-25 02:07        189440        ----a-w-        c:\windows\system32\WindowsCodecsExt.dll
2011-10-29 07:38 . 2009-09-25 02:04        321024        ----a-w-        c:\windows\system32\PhotoMetadataHandler.dll
2011-10-29 07:38 . 2009-09-25 01:33        195584        ----a-w-        c:\windows\system32\dxdiagn.dll
2011-10-29 07:38 . 2009-09-25 01:32        252928        ----a-w-        c:\windows\system32\dxdiag.exe
2011-10-29 07:38 . 2009-09-25 01:31        519680        ----a-w-        c:\windows\system32\d3d11.dll
2011-10-28 16:18 . 2011-07-29 16:01        293376        ----a-w-        c:\windows\system32\psisdecd.dll
2011-10-28 16:17 . 2011-07-11 13:25        2048        ----a-w-        c:\windows\system32\tzres.dll
2011-10-28 16:13 . 2011-08-25 16:15        555520        ----a-w-        c:\windows\system32\UIAutomationCore.dll
2011-10-28 16:13 . 2011-08-25 16:14        563712        ----a-w-        c:\windows\system32\oleaut32.dll
2011-10-28 16:13 . 2011-08-25 16:14        238080        ----a-w-        c:\windows\system32\oleacc.dll
2011-10-28 16:13 . 2011-08-25 13:31        4096        ----a-w-        c:\windows\system32\oleaccrc.dll
2011-10-28 16:12 . 2011-06-20 08:54        3602832        ----a-w-        c:\windows\system32\ntkrnlpa.exe
2011-10-28 16:12 . 2011-06-20 08:54        3550096        ----a-w-        c:\windows\system32\ntoskrnl.exe
2011-10-28 16:12 . 2011-06-17 20:13        905104        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2011-10-28 16:12 . 2010-05-04 19:13        231424        ----a-w-        c:\windows\system32\msshsq.dll
2011-10-28 15:46 . 2011-10-07 03:48        6668624        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{8D98F3DC-2211-492E-BFBB-7774F64BED99}\mpengine.dll
2011-10-28 06:03 . 2011-10-28 06:03        --------        d-----w-        C:\_OTL
2011-10-24 17:17 . 2011-10-24 17:17        --------        d-----w-        c:\program files\ESET
2011-10-24 15:16 . 2011-10-24 15:16        --------        d-----w-        c:\users\Public\CyberLink
2011-10-24 10:34 . 2011-10-24 10:35        --------        d-----w-        c:\windows\system32\ca-ES
2011-10-24 10:34 . 2011-10-24 10:35        --------        d-----w-        c:\windows\system32\eu-ES
2011-10-24 10:34 . 2011-10-24 10:35        --------        d-----w-        c:\windows\system32\vi-VN
2011-10-24 09:58 . 2011-10-24 09:58        --------        d-----w-        c:\windows\system32\EventProviders
2011-10-21 13:38 . 2011-10-21 13:38        --------        d-----w-        c:\program files\7-Zip
2011-10-21 12:31 . 2009-04-11 06:28        324608        ----a-w-        c:\windows\system32\sdohlp.dll
2011-10-21 12:30 . 2009-04-11 06:28        217088        ----a-w-        c:\windows\system32\WerFault.exe
2011-10-21 12:29 . 2009-04-11 06:28        83968        ----a-w-        c:\windows\system32\wbem\wmiutils.dll
2011-10-21 12:29 . 2009-04-11 06:28        744448        ----a-w-        c:\windows\system32\wbem\wbemcore.dll
2011-10-21 12:29 . 2009-04-11 06:28        30208        ----a-w-        c:\windows\system32\wbem\wbemprox.dll
2011-10-21 12:29 . 2009-04-11 06:28        265728        ----a-w-        c:\windows\system32\wbem\repdrvfs.dll
2011-10-21 12:29 . 2009-04-11 06:28        189440        ----a-w-        c:\windows\system32\wbem\mofd.dll
2011-10-21 12:29 . 2009-04-11 06:28        614912        ----a-w-        c:\windows\system32\wbem\fastprox.dll
2011-10-21 12:29 . 2009-04-11 06:28        265728        ----a-w-        c:\windows\system32\wbem\esscli.dll
2011-10-21 12:29 . 2009-04-11 06:28        705536        ----a-w-        c:\windows\system32\SmiEngine.dll
2011-10-21 12:29 . 2009-04-11 06:28        218624        ----a-w-        c:\windows\system32\wdscore.dll
2011-10-21 12:29 . 2009-04-11 06:27        130560        ----a-w-        c:\windows\system32\PkgMgr.exe
2011-10-21 12:29 . 2009-04-11 06:28        247808        ----a-w-        c:\windows\system32\drvstore.dll
2011-10-19 11:50 . 2011-10-19 11:50        --------        d-----w-        c:\programdata\Malwarebytes
2011-10-19 11:50 . 2011-10-19 11:50        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2011-10-19 11:50 . 2011-08-31 15:00        22216        ----a-w-        c:\windows\system32\drivers\mbam.sys
2011-10-12 17:43 . 2010-09-06 16:20        125952        ----a-w-        c:\windows\system32\srvsvc.dll
2011-10-12 17:43 . 2010-09-06 16:19        17920        ----a-w-        c:\windows\system32\netevent.dll
2011-10-12 17:42 . 2009-08-24 11:36        377344        ----a-w-        c:\windows\system32\winhttp.dll
2011-10-12 17:19 . 2011-10-12 17:19        --------        d-----w-        c:\users\Default\AppData\Local\Microsoft Help
2011-10-10 16:43 . 2011-09-18 06:39        134344        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2011-10-10 16:43 . 2011-09-15 21:55        36000        ----a-w-        c:\windows\system32\drivers\avkmgr.sys
2011-10-10 16:43 . 2011-09-15 21:55        74640        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2011-10-10 16:32 . 2011-10-10 16:32        --------        d-----w-        c:\programdata\Avira
2011-10-10 16:32 . 2011-10-10 16:32        --------        d-----w-        c:\program files\Avira
2011-10-10 15:51 . 2009-11-08 08:55        99176        ----a-w-        c:\windows\system32\PresentationHostProxy.dll
2011-10-10 15:51 . 2009-11-08 08:55        49472        ----a-w-        c:\windows\system32\netfxperf.dll
2011-10-10 15:51 . 2009-11-08 08:55        297808        ----a-w-        c:\windows\system32\mscoree.dll
2011-10-10 15:51 . 2009-11-08 08:55        295264        ----a-w-        c:\windows\system32\PresentationHost.exe
2011-10-10 15:51 . 2009-11-08 08:55        1130824        ----a-w-        c:\windows\system32\dfshim.dll
2011-10-10 15:40 . 2011-10-10 15:40        --------        d-----w-        c:\windows\Sun
2011-10-10 15:34 . 2011-10-10 15:34        414368        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 15:31 . 2011-03-03 15:40        28672        ----a-w-        c:\windows\system32\Apphlpdm.dll
2011-10-10 15:31 . 2011-03-03 13:35        4240384        ----a-w-        c:\windows\system32\GameUXLegacyGDFs.dll
2011-10-10 08:17 . 2010-02-12 10:48        293376        ----a-w-        c:\windows\system32\browserchoice.exe
2011-10-10 07:55 . 2010-02-20 23:06        24064        ----a-w-        c:\windows\system32\nshhttp.dll
2011-10-10 07:55 . 2010-02-20 23:05        30720        ----a-w-        c:\windows\system32\httpapi.dll
2011-10-10 07:55 . 2010-02-20 20:53        411648        ----a-w-        c:\windows\system32\drivers\http.sys
2011-10-07 14:10 . 2010-06-18 17:31        36864        ----a-w-        c:\windows\system32\rtutils.dll
2011-10-07 14:10 . 2010-08-31 15:44        531968        ----a-w-        c:\windows\system32\comctl32.dll
2011-10-07 14:10 . 2011-04-29 15:59        276992        ----a-w-        c:\windows\system32\schannel.dll
2011-10-07 14:10 . 2009-09-10 14:58        1418752        ----a-w-        c:\program files\Windows Media Player\setup_wm.exe
2011-10-07 14:10 . 2009-09-10 14:58        310784        ----a-w-        c:\windows\system32\unregmp2.exe
2011-10-07 14:05 . 2011-02-22 13:23        69632        ----a-w-        c:\windows\system32\drivers\bowser.sys
2011-10-07 14:04 . 2011-02-18 14:03        305152        ----a-w-        c:\windows\system32\drivers\srv.sys
2011-10-07 14:03 . 2010-04-05 17:02        317952        ----a-w-        c:\windows\system32\MP4SDECD.DLL
2011-10-07 14:03 . 2009-04-23 12:14        623616        ----a-w-        c:\windows\system32\localspl.dll
2011-10-07 14:03 . 2010-08-31 15:46        954752        ----a-w-        c:\windows\system32\mfc40.dll
2011-10-07 14:03 . 2010-08-31 15:46        954288        ----a-w-        c:\windows\system32\mfc40u.dll
2011-10-07 13:56 . 2011-05-02 17:16        739328        ----a-w-        c:\windows\system32\inetcomm.dll
2011-10-07 13:56 . 2010-10-18 13:37        81920        ----a-w-        c:\windows\system32\consent.exe
2011-10-07 13:56 . 2010-06-11 16:15        1248768        ----a-w-        c:\windows\system32\msxml3.dll
2011-10-07 13:56 . 2009-07-15 12:39        313344        ----a-w-        c:\windows\system32\wmpdxm.dll
2011-10-07 13:56 . 2009-07-15 10:21        43520        ----a-w-        c:\windows\system32\msdxm.tlb
2011-10-07 13:56 . 2009-07-15 10:21        18432        ----a-w-        c:\windows\system32\amcompat.tlb
2011-10-07 13:55 . 2010-01-25 12:00        471552        ----a-w-        c:\windows\system32\secproc_isv.dll
2011-10-07 13:55 . 2010-01-25 12:00        471552        ----a-w-        c:\windows\system32\secproc.dll
2011-10-07 13:55 . 2010-01-25 08:21        526336        ----a-w-        c:\windows\system32\RMActivate_isv.exe
2011-10-07 13:55 . 2010-01-25 08:21        518144        ----a-w-        c:\windows\system32\RMActivate.exe
2011-10-07 13:55 . 2010-01-25 12:00        152576        ----a-w-        c:\windows\system32\secproc_ssp_isv.dll
2011-10-07 13:55 . 2010-01-25 12:00        152064        ----a-w-        c:\windows\system32\secproc_ssp.dll
2011-10-07 13:55 . 2010-01-25 11:58        332288        ----a-w-        c:\windows\system32\msdrm.dll
2011-10-07 13:55 . 2010-01-25 08:21        346624        ----a-w-        c:\windows\system32\RMActivate_ssp_isv.exe
2011-10-07 13:55 . 2010-01-25 08:21        347136        ----a-w-        c:\windows\system32\RMActivate_ssp.exe
2011-10-07 13:46 . 2011-05-24 17:14        222080        ------w-        c:\windows\system32\MpSigStub.exe
2011-10-07 12:59 . 2011-10-28 06:03        --------        d-----w-        c:\program files\Ask.com
2011-10-07 12:54 . 2009-12-23 11:33        172032        ----a-w-        c:\windows\system32\wintrust.dll
2011-10-07 12:54 . 2010-01-13 17:34        98304        ----a-w-        c:\windows\system32\cabview.dll
2011-10-07 12:47 . 2011-10-07 12:47        --------        d-----w-        c:\program files\Common Files\Java
2011-10-07 12:47 . 2011-10-07 12:47        --------        d-----w-        c:\programdata\Ask
2011-10-07 12:47 . 2011-10-03 03:06        472808        ----a-w-        c:\windows\system32\deployJava1.dll
2011-10-07 12:46 . 2011-10-24 15:32        --------        d-----w-        c:\program files\Java
2011-10-07 12:38 . 2009-08-07 02:24        44768        ----a-w-        c:\windows\system32\wups2.dll
2011-10-07 12:38 . 2009-08-07 02:24        53472        ----a-w-        c:\windows\system32\wuauclt.exe
2011-10-07 12:38 . 2009-08-07 02:23        1929952        ----a-w-        c:\windows\system32\wuaueng.dll
2011-10-07 12:38 . 2009-08-07 01:45        2421760        ----a-w-        c:\windows\system32\wucltux.dll
2011-10-07 12:37 . 2009-08-07 02:24        35552        ----a-w-        c:\windows\system32\wups.dll
2011-10-07 12:37 . 2009-08-07 02:23        575704        ----a-w-        c:\windows\system32\wuapi.dll
2011-10-07 12:37 . 2009-08-07 01:44        87552        ----a-w-        c:\windows\system32\wudriver.dll
2011-10-07 12:37 . 2009-08-06 17:23        171608        ----a-w-        c:\windows\system32\wuwebv.dll
2011-10-07 12:37 . 2009-08-06 16:44        33792        ----a-w-        c:\windows\system32\wuapp.exe
2011-10-07 01:33 . 2011-10-07 01:33        --------        d-----w-        c:\windows\system32\oem
2011-10-07 01:24 . 2007-12-03 23:11        207368        ----a-w-        c:\windows\UNINST32.EXE
2011-10-07 01:24 . 2006-11-03 05:29        21264        ----a-w-        c:\windows\system32\drivers\DKbFltr.sys
2011-10-07 01:24 . 2008-12-29 17:51        3715072        ----a-w-        c:\windows\system32\drivers\NETw5v32.sys
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-07 01:30 . 2011-10-07 01:30        8704        ----a-w-        c:\windows\system32\drivers\th-TH\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8192        ----a-w-        c:\windows\system32\drivers\uk-UA\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8192        ----a-w-        c:\windows\system32\drivers\tr-TR\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8192        ----a-w-        c:\windows\system32\drivers\sv-SE\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        5120        ----a-w-        c:\windows\system32\drivers\zh-TW\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        5120        ----a-w-        c:\windows\system32\drivers\zh-HK\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        4608        ----a-w-        c:\windows\system32\drivers\zh-CN\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8704        ----a-w-        c:\windows\system32\drivers\ro-RO\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8704        ----a-w-        c:\windows\system32\drivers\pt-PT\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8704        ----a-w-        c:\windows\system32\drivers\pt-BR\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8704        ----a-w-        c:\windows\system32\drivers\pl-PL\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8192        ----a-w-        c:\windows\system32\drivers\sr-Latn-CS\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8192        ----a-w-        c:\windows\system32\drivers\sl-SI\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8192        ----a-w-        c:\windows\system32\drivers\sk-SK\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8192        ----a-w-        c:\windows\system32\drivers\ru-RU\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        9216        ----a-w-        c:\windows\system32\drivers\nl-NL\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8704        ----a-w-        c:\windows\system32\drivers\it-IT\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8192        ----a-w-        c:\windows\system32\drivers\nb-NO\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8192        ----a-w-        c:\windows\system32\drivers\hu-HU\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        7680        ----a-w-        c:\windows\system32\drivers\lv-LV\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        7680        ----a-w-        c:\windows\system32\drivers\lt-LT\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        5632        ----a-w-        c:\windows\system32\drivers\ko-KR\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        9216        ----a-w-        c:\windows\system32\drivers\el-GR\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8192        ----a-w-        c:\windows\system32\drivers\hr-HR\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8192        ----a-w-        c:\windows\system32\drivers\da-DK\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8192        ----a-w-        c:\windows\system32\drivers\bg-BG\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        7680        ----a-w-        c:\windows\system32\drivers\fi-FI\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        7680        ----a-w-        c:\windows\system32\drivers\et-EE\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        7680        ----a-w-        c:\windows\system32\drivers\cs-CZ\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        7168        ----a-w-        c:\windows\system32\drivers\he-IL\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8704        ----a-w-        c:\windows\system32\drivers\fr-FR\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8704        ----a-w-        c:\windows\system32\drivers\es-ES\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8704        ----a-w-        c:\windows\system32\drivers\de-DE\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        8192        ----a-w-        c:\windows\system32\drivers\en-US\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        7168        ----a-w-        c:\windows\system32\drivers\ar-SA\bthport.sys.mui
2011-10-07 01:30 . 2011-10-07 01:30        6144        ----a-w-        c:\windows\system32\drivers\ja-JP\bthport.sys.mui
2011-10-06 16:08 . 2009-03-25 17:53        16        ----a-w-        c:\windows\SetLang.bat
2011-09-29 07:09 . 2011-10-10 09:40        134104        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"SmpcSys"="c:\program files\Packard Bell\SetupMyPC\SmpSys.exe" [2009-03-18 1160736]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-10-06 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-10-06 30192]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe" [2008-11-06 474168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-22 13785632]
"VideoWebCamera"="c:\program files\VideoWebCamera\VideoWebCamera.exe" [2009-04-02 1552497]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 1430824]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-02-19 866824]
"BackupManagerTray"="c:\program files\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2009-05-26 254720]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-10-17 91432]
"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2009-03-06 75048]
"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe" [2009-06-23 440864]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-08-23 887976]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-05 258512]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"UIExec"="c:\program files\Mobile Partner Manager\UIExec.exe" [2009-12-02 132096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-10-06 135664]
R2 UI Assistant Service;UI Assistant Service;c:\program files\Mobile Partner Manager\AssistantServices.exe [2009-12-02 246272]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-10-06 30192]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-10-06 135664]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2009-10-29 9216]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-15 36000]
S2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};Power Control [2011/10/06 18:04];c:\program files\CyberLink\PowerDVD8\000.fcl [2009-03-06 12:48 87536]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-10-05 86224]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe [2009-06-23 707104]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2009-05-26 62208]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2008-09-04 223232]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-12-29 3715072]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-05-01 64032]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 68714036
*Deregistered* - 68714036
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation        REG_MULTI_SZ          FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2011-10-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-06 16:57]
.
2011-10-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-06 16:57]
.
2011-10-31 c:\windows\Tasks\Packard Bell Customer Registration Reminder - Rene.job
- c:\program files\Packard Bell\Packard Bell Customer Registration\PBCReg.exe [2009-03-30 12:23]
.
.
------- Zusätzlicher Suchlauf -------
.
mStart Page =
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\yufyf7et.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-PLFSetI - c:\program files\PLFSetI.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-10-31 20:01
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(4444)
c:\program files\Packard Bell\Packard Bell PowerSave Solution\SysHook.dll
c:\program files\Nero\Nero8\Nero BackItUp\NBShell.dll
c:\program files\7-Zip\7-zip.dll
.
Zeit der Fertigstellung: 2011-10-31  20:03:54
ComboFix-quarantined-files.txt  2011-10-31 19:03
.
Vor Suchlauf: 7 Verzeichnis(se), 254.613.966.848 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 254.598.393.856 Bytes frei
.
- - End Of File - - 93CE2FD36FACE18C2E95FBC2D2CE0088

--- --- ---

cosinus 31.10.2011 22:13

OK. Now please create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still refuses to run on the second attempt, just leave it out and run only OSAM. Please skip OSAM's online query.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Be sure to switch off your virus scanner as well; the McAfee scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions may take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save the log to your desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons under any circumstances without being instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.


SEnES 01.11.2011 11:07

OSAM Logfile:
Code:

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 10:36:35 on 01.11.2011

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Firefox 7.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[AppInit DLLs]
-----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )-----
"AppInit_DLLs" - "Google" - C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Packard Bell Customer Registration Reminder - Rene.job" - "Acer Incorporated" - C:\Program Files\Packard Bell\Packard Bell Customer Registration\PBCReg.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
"nvcpl.cpl" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.cpl
"PhysX.cpl" - "NVIDIA Corporation" - C:\Windows\system32\PhysX.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero8\Nero Toolkit\NeroBurnRights.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\Users\Rene\AppData\Local\Temp\catchme.sys  (File not found)
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"NAVENG" (NAVENG) - ? - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS  (File not found)
"NAVEX15" (NAVEX15) - ? - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS  (File not found)
"NTIDrvr" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\Windows\system32\drivers\NTIDrvr.sys
"Power Control [2011/10/06 18:04:15]" ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}) - ? - c:\Program Files\CyberLink\PowerDVD8\000.fcl
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys
"SRTSP" (SRTSP) - ? - C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS  (File not found)
"SRTSPX" (SRTSPX) - ? - C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS  (File not found)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"UBHelper" (UBHelper) - "NewTech Infosystems Corporation" - C:\Windows\system32\drivers\UBHelper.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -  (File not found | COM-object registry key not found)
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -  (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -  (File not found | COM-object registry key not found)
{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -  (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll
{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll
{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -  (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_29.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? -  (File not found | COM-object registry key not found)

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"SmpcSys" - "Acer Incorporated" - C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe
"swg" - "Google Inc." - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Acer ePower Management" - "Acer Incorporated" - C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"ApnUpdater" - "Ask" - "C:\Program Files\Ask.com\Updater\Updater.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"BackupManagerTray" - "NewTech Infosystems, Inc." - "C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -k
"BDRegion" - "cyberlink" - c:\Program Files\Cyberlink\Shared Files\brs.exe
"cAudioFilterAgent" - "Conexant Systems, Inc." - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe
"Google Desktop Search" - "Google" - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"LManager" - "Dritek System Inc." - C:\Program Files\Launch Manager\LManager.exe
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
"PDVD8LanguageShortcut" - ? - "c:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
"RemoteControl8" - "CyberLink Corp." - "c:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"UIExec" - ? - "C:\Program Files\Mobile Partner Manager\UIExec.exe"  (File found, but it contains no detailed information)
"VideoWebCamera" - "Suyin" - "C:\Program Files\VideoWebCamera\VideoWebCamera.exe" -a

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Acer ePower Service" (ePowerSvc) - "Acer Incorporated" - C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe
"Adobe Active File Monitor V6" (AdobeActiveFileMonitor6.0) - ? - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe  (File found, but it contains no detailed information)
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Macrovision Europe Ltd." - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
"Google Desktop Manager 5.9.1005.12335" (GoogleDesktopManager-051210-111108) - "Google" - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Nero BackItUp Scheduler 3" (Nero BackItUp Scheduler 3) - "Nero AG" - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
"NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
"NTI IScheduleSvc" (NTI IScheduleSvc) - "NewTech Infosystems, Inc." - C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"PLFlash DeviceIoControl Service" (PLFlash DeviceIoControl Service) - "Prolific Technology Inc." - C:\Windows\system32\IoctlSvc.exe
"UI Assistant Service" (UI Assistant Service) - ? - C:\Program Files\Mobile Partner Manager\AssistantServices.exe  (File found, but it contains no detailed information)

[Winlogon]
-----( HKCU\Control Panel\Desktop )-----
"SCRNSAVE.EXE" - "Acer" - C:\Windows\System32\PackardBell.scr

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

SEnES 01.11.2011 11:08

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-01 10:48:28
-----------------------------
10:48:28.725 OS Version: Windows 6.0.6002 Service Pack 2
10:48:28.725 Number of processors: 2 586 0x170A
10:48:28.727 ComputerName: SENES-PC UserName: Rene
10:48:30.823 Initialize success
10:53:20.788 AVAST engine defs: 11110100
10:56:27.023 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:56:27.026 Disk 0 Vendor: Hitachi_ PB3O Size: 305245MB BusType: 3
10:56:27.052 Disk 0 MBR read successfully
10:56:27.056 Disk 0 MBR scan
10:56:27.063 Disk 0 unknown MBR code
10:56:27.069 Disk 0 scanning sectors +625139712
10:56:27.165 Disk 0 scanning C:\Windows\system32\drivers
10:56:37.467 Service scanning
10:56:38.813 Modules scanning
10:56:46.931 Disk 0 trace - called modules:
10:56:46.962 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
10:56:46.966 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86916380]
10:56:46.970 3 CLASSPNP.SYS[8ada78b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8590a028]
10:56:48.421 AVAST engine scan C:\Windows
10:56:56.032 AVAST engine scan C:\Windows\system32
10:59:08.562 AVAST engine scan C:\Windows\system32\drivers
10:59:19.951 AVAST engine scan C:\Users\Rene
11:03:36.668 AVAST engine scan C:\ProgramData
11:05:47.829 Scan finished successfully
11:06:33.862 Disk 0 MBR has been saved successfully to "C:\Users\Rene\Desktop\MBR.dat"
11:06:33.871 The log file has been saved successfully to "C:\Users\Rene\Desktop\aswMBR.txt"



SEnES 01.11.2011 11:08

GMER Logfile:
Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2011-11-01 10:23:07
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PB3O
Running: y1fpo198.exe; Driver: C:\Users\Rene\AppData\Local\Temp\fgloypow.sys


---- System - GMER 1.0.15 ----

SSDT            8D2C074E                                                                                                                                        ZwCreateSection
SSDT            8D2C0758                                                                                                                                        ZwRequestWaitReplyPort
SSDT            8D2C0753                                                                                                                                        ZwSetContextThread
SSDT            8D2C075D                                                                                                                                        ZwSetSecurityObject
SSDT            8D2C0762                                                                                                                                        ZwSystemDebugControl
SSDT            8D2C06EF                                                                                                                                        ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text          ntkrnlpa.exe!KeSetEvent + 215                                                                                                                  826E4998 4 Bytes  [4E, 07, 2C, 8D] {DEC ESI; POP ES; SUB AL, 0x8d}
.text          ntkrnlpa.exe!KeSetEvent + 539                                                                                                                  826E4CBC 4 Bytes  [58, 07, 2C, 8D] {POP EAX; POP ES; SUB AL, 0x8d}
.text          ntkrnlpa.exe!KeSetEvent + 56D                                                                                                                  826E4CF0 4 Bytes  [53, 07, 2C, 8D] {PUSH EBX; POP ES; SUB AL, 0x8d}
.text          ntkrnlpa.exe!KeSetEvent + 5D1                                                                                                                  826E4D54 4 Bytes  [5D, 07, 2C, 8D] {POP EBP; POP ES; SUB AL, 0x8d}
.text          ntkrnlpa.exe!KeSetEvent + 619                                                                                                                  826E4D9C 4 Bytes  [62, 07, 2C, 8D] {BOUND EAX, [EDI]; SUB AL, 0x8d}
.text          ...                                                                                                                                           
.text          c:\Program Files\CyberLink\PowerDVD8\000.fcl                                                                                                    section is writeable [0x9D763000, 0x2892, 0xE8000020]
.vmp2          c:\Program Files\CyberLink\PowerDVD8\000.fcl                                                                                                    entry point in ".vmp2" section [0x9D786050]

---- User IAT/EAT - GMER 1.0.15 ----

IAT            C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe[1300] @ C:\Windows\system32\SHELL32.dll [USER32.dll!ExitWindowsEx]  [00A31210] C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\Pehook.dll (Backup Manager Module/NewTech Infosystems, Inc.)

---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                                                                        Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                                                                        Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice  \FileSystem\fastfat \Fat                                                                                                                        fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

--- --- ---

cosinus 01.11.2011 13:06

We should fix the MBR. Just in case, back up ALL important data first, even though everything usually goes smoothly.

Note: Please do NOT run the MBR fix if you have other operating systems such as Ubuntu installed; an MBR fix with Windows tools makes a Linux installed in parallel (dual boot) unbootable.

After backing up your data, start aswMBR again and click the FIXMBR button.
Then restart Windows and create a new log with aswMBR.

SEnES 01.11.2011 13:36

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-01 13:35:22
-----------------------------
13:35:22.050 OS Version: Windows 6.0.6002 Service Pack 2
13:35:22.050 Number of processors: 2 586 0x170A
13:35:22.052 ComputerName: SENES-PC UserName: Rene
13:35:24.108 Initialize success
13:35:29.816 AVAST engine defs: 11110100
13:35:35.186 Verifying
13:35:45.204 Disk 0 Windows 600 MBR fixed successfully
13:36:06.463 Disk 0 MBR has been saved successfully to "C:\Users\Rene\Desktop\MBR.dat"
13:36:06.464 The log file has been saved successfully to "C:\Users\Rene\Desktop\aswMBR2.txt"

cosinus 01.11.2011 14:05

I didn't want to see the fix log, but a newly created log made after the MBR was fixed!

SEnES 01.11.2011 15:34

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-01 15:24:16
-----------------------------
15:24:16.718 OS Version: Windows 6.0.6002 Service Pack 2
15:24:16.719 Number of processors: 2 586 0x170A
15:24:16.720 ComputerName: SENES-PC UserName: Rene
15:24:18.714 Initialize success
15:24:24.660 AVAST engine defs: 11110100
15:24:26.532 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:24:26.535 Disk 0 Vendor: Hitachi_ PB3O Size: 305245MB BusType: 3
15:24:26.582 Disk 0 MBR read successfully
15:24:26.585 Disk 0 MBR scan
15:24:26.613 Disk 0 Windows VISTA default MBR code
15:24:26.618 Disk 0 scanning sectors +625139712
15:24:26.769 Disk 0 scanning C:\Windows\system32\drivers
15:24:41.548 Service scanning
15:24:42.962 Modules scanning
15:24:49.390 Disk 0 trace - called modules:
15:24:49.396
15:24:50.980 AVAST engine scan C:\Windows
15:24:58.602 AVAST engine scan C:\Windows\system32
15:27:17.431 AVAST engine scan C:\Windows\system32\drivers
15:27:29.242 AVAST engine scan C:\Users\Rene
15:31:51.028 AVAST engine scan C:\ProgramData
15:34:07.476 Scan finished successfully
15:34:20.282 Disk 0 MBR has been saved successfully to "C:\Users\Rene\Desktop\MBR.dat"
15:34:20.288 The log file has been saved successfully to "C:\Users\Rene\Desktop\aswMBR3.txt"

cosinus 01.11.2011 15:48

Looks OK. As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before the scan!!


Getting an additional opinion from ESET's online scanner afterwards doesn't hurt either:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset
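
The before/after comparison this thread walks through (scan log, fix log, fresh scan log), as an added example that is not part of the original posts: a Python sketch that reads aswMBR logs and reports, per disk, whether an MBR fix has been confirmed by a later scan. The sample logs are excerpts of the ones posted above; the line patterns and the status names are assumptions derived from those excerpts, not a documented aswMBR format.

```python
import re
from datetime import datetime

# Excerpts of the three aswMBR logs posted in this thread, trimmed to the
# lines the comparison needs (wording and timestamps as posted).
LOG_BEFORE = """\
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-01 10:48:28
-----------------------------
10:56:27.052 Disk 0 MBR read successfully
10:56:27.056 Disk 0 MBR scan
10:56:27.063 Disk 0 unknown MBR code
10:56:46.931 Disk 0 trace - called modules:
10:56:46.962 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
11:05:47.829 Scan finished successfully
"""
LOG_FIX = """\
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-01 13:35:22
-----------------------------
13:35:35.186 Verifying
13:35:45.204 Disk 0 Windows 600 MBR fixed successfully
"""
LOG_AFTER = """\
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-01 15:24:16
-----------------------------
15:24:26.582 Disk 0 MBR read successfully
15:24:26.585 Disk 0 MBR scan
15:24:26.613 Disk 0 Windows VISTA default MBR code
15:24:49.390 Disk 0 trace - called modules:
15:24:49.396
15:34:07.476 Scan finished successfully
"""

# Line patterns inferred from the excerpts above (assumption, see lead-in).
LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{3})(?: (.*))?$")
RUN_DATE = re.compile(r"^Run date: (\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})$")
VERDICT = re.compile(r"^Disk (\d+) (.+ MBR code)$")
FIXED = re.compile(r"^Disk (\d+) .*MBR fixed successfully$")


def parse_aswmbr(text):
    """Extract run date, log kind (scan/fix), per-disk MBR verdicts and the
    module list that follows the 'called modules' line."""
    log = {"run_date": None, "kind": "unknown", "verdicts": {},
           "fixed_disks": [], "trace_modules": []}
    expect_trace = False
    for raw in text.splitlines():
        raw = raw.strip()
        m = RUN_DATE.match(raw)
        if m:
            log["run_date"] = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
            continue
        m = LINE.match(raw)
        if not m:
            continue  # banner, separator or blank line
        msg = (m.group(2) or "").strip()  # a bare timestamp has no message
        if expect_trace:
            log["trace_modules"] = msg.split()
            expect_trace = False
            continue
        if msg.endswith("trace - called modules:"):
            expect_trace = True
            continue
        v = VERDICT.match(msg)
        if v:
            log["verdicts"][int(v.group(1))] = v.group(2)
            continue
        f = FIXED.match(msg)
        if f:
            log["fixed_disks"].append(int(f.group(1)))
    if log["fixed_disks"]:
        log["kind"] = "fix"
    elif log["verdicts"]:
        log["kind"] = "scan"
    return log


def assess(logs):
    """Walk the logs in run-date order and return {disk: status}.
    A fix log alone proves nothing: the status stays 'fixed-unverified'
    until a later scan log reports default MBR code for that disk."""
    status = {}
    for log in sorted(logs, key=lambda l: l["run_date"] or datetime.min):
        for disk in log["fixed_disks"]:
            status[disk] = "fixed-unverified"
        for disk, verdict in log["verdicts"].items():
            if verdict.lower().endswith("default mbr code"):
                confirmed = status.get(disk) == "fixed-unverified"
                status[disk] = "verified-default" if confirmed else "default"
            else:
                status[disk] = "suspect: " + verdict
    return status


if __name__ == "__main__":
    parsed = [parse_aswmbr(t) for t in (LOG_BEFORE, LOG_FIX, LOG_AFTER)]
    for upto in (1, 2, 3):
        print(upto, "log(s):", assess(parsed[:upto]))
```
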


SEnES 02.11.2011 12:28

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 11/02/2011 at 11:38 AM

Application Version : 5.0.1134

Core Rules Database Version : 7885
Trace Rules Database Version: 5697

Scan type : Complete Scan
Total Scan Time : 01:01:09

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned : 749
Memory threats detected : 0
Registry items scanned : 36929
Registry threats detected : 0
File items scanned : 136020
File threats detected : 526

Adware.Tracking Cookie
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.ad-emea.doubleclick.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.bwincom.122.2o7.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
studivz.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
studivz.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad1.dyntracker.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
stats.bmw.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ads.247activemedia.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
adsrv1.admediate.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.admediate.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adlegend.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adlegend.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.deutschepostag.112.2o7.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.ad6media.fr [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.ad6media.fr [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.aimfar.solution.weborama.fr [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.aimfar.solution.weborama.fr [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.content.yieldmanager.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.de.partypoker.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.de.partypoker.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.de.partypoker.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.de.partypoker.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.de.partypoker.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
tracking.statravel.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.www.burstnet.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.xm.xtendmedia.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.velmedia.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.tracking.mindshare.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
tracking.mobile.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\RENE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YUFYF7ET.DEFAULT\COOKIES.SQLITE ]
media.eju.org [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5AZAAABY ]
media.mtvnservices.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5AZAAABY ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@247ACTIVEMEDIA[2].TXT [ /247ACTIVEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@2O7[2].TXT [ /2O7 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ACCOUNT.FROGSTER-ONLINE[1].TXT [ /ACCOUNT.FROGSTER-ONLINE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD.360YIELD[1].TXT [ /AD.360YIELD ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD.AD-SRV[2].TXT [ /AD.AD-SRV ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD.ADITION[2].TXT [ /AD.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD.ADNET[2].TXT [ /AD.ADNET ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD.ADSERVER01[2].TXT [ /AD.ADSERVER01 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD.YIELDMANAGER[2].TXT [ /AD.YIELDMANAGER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD.ZANOX[2].TXT [ /AD.ZANOX ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD1.ADFARM1.ADITION[2].TXT [ /AD1.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD2.ADFARM1.ADITION[2].TXT [ /AD2.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD3.ADFARM1.ADITION[2].TXT [ /AD3.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@AD4.ADFARM1.ADITION[1].TXT [ /AD4.ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADBRITE[2].TXT [ /ADBRITE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADFARM1.ADITION[2].TXT [ /ADFARM1.ADITION ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADFORM[2].TXT [ /ADFORM ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADJUGGLER[1].TXT [ /ADJUGGLER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADMEDIATE[2].TXT [ /ADMEDIATE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.247ACTIVEMEDIA[1].TXT [ /ADS.247ACTIVEMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.AD4GAME[1].TXT [ /ADS.AD4GAME ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.ADK2[2].TXT [ /ADS.ADK2 ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.ADXVALUE[2].TXT [ /ADS.ADXVALUE ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.ASK[2].TXT [ /ADS.ASK ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.CPXCENTER[2].TXT [ /ADS.CPXCENTER ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.CREAFI[1].TXT [ /ADS.CREAFI ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.CREATIVE-SERVING[2].TXT [ /ADS.CREATIVE-SERVING ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.GAMERSMEDIA[2].TXT [ /ADS.GAMERSMEDIA ]
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\SYSTEM@ADS.GLISPA[2].TXT [ /ADS.GLISPA ]

SEnES 02.11.2011 12:29

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8062

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

01.11.2011 19:38:59
mbam-log-2011-11-01 (19-38-59).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 294327
Laufzeit: 1 Stunde(n), 23 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

cosinus 02.11.2011 12:32

OK, only cookies so far; those can go.
ESET is still missing.

SEnES 02.11.2011 15:54

ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=c4dcc33751c0e747976b8ba189e5d6b3
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-27 05:57:40
# local_time=2011-10-27 07:57:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1792 16777215 100 0 1467375 1467375 0 0
# compatibility_mode=5892 16776573 100 100 610 157264460 0 0
# compatibility_mode=8192 67108863 100 0 255086 255086 0 0
# scanned=131073
# found=5
# cleaned=0
# scan_time=6528
C:\Users\Rene\Downloads\trojan-killer-2109-setup.exe.part a variant of Win32/1AntiVirus application (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0MFCK7VF\32467[1].pdf JS/Exploit.Pdfka.PEV trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0MFCK7VF\forum[1].htm JS/Kryptik.CZ trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0MGJWVPV\264c3[1].pdf JS/Exploit.Pdfka.PEV trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0MGJWVPV\main[1].htm JS/Kryptik.CZ trojan (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=c4dcc33751c0e747976b8ba189e5d6b3
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-02 01:31:21
# local_time=2011-11-02 02:31:21 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1792 16777215 100 0 1969579 1969579 0 0
# compatibility_mode=5892 16776573 100 100 3879 157766664 0 0
# compatibility_mode=8192 67108863 100 0 757290 757290 0 0
# scanned=145304
# found=1
# cleaned=0
# scan_time=6745
C:\_OTL\MovedFiles\10282011_080318\C_Users\Rene\Downloads\trojan-killer-2109-setup.exe.part a variant of Win32/1AntiVirus application (unable to clean) 00000000000000000000000000000000 I

cosinus 02.11.2011 16:01

Just a leftover, and it wasn't really dangerous anyway.
Is the computer back in order?

SEnES 02.11.2011 19:53

Otherwise all the symptoms are gone. I am no longer redirected to random websites. No more beeping from Antivir, my Internet stick no longer drops out after 20 min or less, and so I am really happy again that I can work. Nevertheless, I will no longer do online banking on this computer.

Best regards
Senes :applaus:

SEnES 02.11.2011 19:54

Can I now delete all the things that have come to light?! And what can you recommend for the future, other than no longer clicking on Facebook links? ;)

cosinus 02.11.2011 20:43

Then we're done! :abklatsch:

The programs that were used here can all be removed again. CF can be removed via Start, Run with combofix /uninstall. Let me know if there are any error messages.
Keeping Malwarebytes is not a mistake. You can scan with it once a month, but always remember to update first.

Finally, please check the updates; my guide for that is below. To keep a better overview of how up to date your installed programs are in future, you can use Secunia PSI, for example.
For even more security, you should also change all passwords if possible after the infection has been removed.


Microsoft Update

Windows XP: Visit the MS update page with IE and have all important updates installed.

Windows Vista/7: Windows Update guide


Update the PDF reader
An outdated Adobe Reader is a major security risk. You should therefore uninstall old versions of Adobe Reader via Control Panel => Add or Remove Programs (or Programs and Features) by clicking "Adobe Reader x.0" there and removing the program (if you have Adobe Reader installed).

I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than Adobe Reader.

While you are at it, please also check that Flash Player is up to date; here is the direct download link:

Mozilla and other browsers => http://filepony.de/?q=Flash+Player
Internet Explorer => http://fpdownload.adobe.com/get/flas..._player_ax.exe

Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.


Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the newest one. To do so, close all programs (especially the browsers), then click Start, Control Panel, Add or Remove Programs and uninstall all listed Java versions from there. Then download the current Java SE Runtime Environment (JRE) from here and install it.

SEnES 03.11.2011 18:04

All clear so far; I have applied or changed all the last things. With the Java stuff I don't quite see what I really need. And I have problems uninstalling combofix.

cosinus 03.11.2011 18:28

Quote:

And I have problems uninstalling combofix.
Ah yes, interesting. Isn't something missing there?

SEnES 03.11.2011 23:52

OK, after a restart the problem with uninstalling combofix had resolved itself as well.

In that sense, everything went as discussed =)

Many, many thanks =) I will recommend you to others.


All times are in WET +1.
