Trojaner-Board - Achtung! Aus Sicherheitsgründen wurde Ihr Windowssystem blockiert. 50 € Zahlungsaufforderung

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Achtung! Aus Sicherheitsgründen wurde Ihr Windowssystem blockiert. 50 € Zahlungsaufforderung (https://www.trojaner-board.de/110404-achtung-sicherheitsgruenden-wurde-windowssystem-blockiert-50-zahlungsaufforderung.html)

Wie gesagt, einfach in Zukunft sein lassen. Daher hast du diesen Blockiermüll wohl auch her.

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C:) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
http://www.trojaner-board.de/images/icons/icon4.gif Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen! http://www.trojaner-board.de/images/icons/icon4.gif

Ok, der TDSS-Killer ist auch durch. Etwas komisch war nur, dass er einen Threat gefunden hat, nach dem Scan stand im Fenster aber groß oben drüber "No threats found" (in der Auflistung darunter allerdings dann doch wieder "Found: 1 threat). Das ganze ging auch ziemlich schnell, etwas mehr als 3 Minuten. Ist das normal?

Hier das Log:

Code:

 14:46:56.0841 4868        TDSS rootkit removing tool 2.7.15.0 Feb 27 2012 12:59:02

14:46:56.0935 4868        ============================================================

14:46:56.0935 4868        Current date / time: 2012/02/28 14:46:56.0935

14:46:56.0935 4868        SystemInfo:

14:46:56.0935 4868        

14:46:56.0936 4868        OS Version: 6.0.6002 ServicePack: 2.0

14:46:56.0936 4868        Product type: Workstation

14:46:56.0936 4868        ComputerName: HOME-PC

14:46:56.0936 4868        UserName: Freddy

14:46:56.0936 4868        Windows directory: C:\Windows

14:46:56.0936 4868        System windows directory: C:\Windows

14:46:56.0936 4868        Processor architecture: Intel x86

14:46:56.0936 4868        Number of processors: 2

14:46:56.0937 4868        Page size: 0x1000

14:46:56.0937 4868        Boot type: Normal boot

14:46:56.0937 4868        ============================================================

14:46:58.0091 4868        Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x209CD, SectorsPerTrack: 0x1A, TracksPerCylinder: 0x5A, Type 'K0', Flags 0x00000050

14:46:58.0095 4868        \Device\Harddisk0\DR0:

14:46:58.0095 4868        MBR used

14:46:58.0095 4868        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x950C800

14:46:58.0096 4868        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x97FB000, BlocksNum 0x921E000

14:46:58.0183 4868        Initialize success

14:46:58.0183 4868        ============================================================

14:47:51.0432 3320        ============================================================

14:47:51.0432 3320        Scan started

14:47:51.0432 3320        Mode: Manual; SigCheck; TDLFS; 

14:47:51.0432 3320        ============================================================

14:47:53.0417 3320        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

14:47:53.0666 3320        ACPI - ok

14:47:54.0056 3320        adp94xx         (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys

14:47:54.0119 3320        adp94xx - ok

14:47:54.0431 3320        adpahci         (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys

14:47:54.0478 3320        adpahci - ok

14:47:54.0836 3320        adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys

14:47:54.0852 3320        adpu160m - ok

14:47:55.0164 3320        adpu320         (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys

14:47:55.0195 3320        adpu320 - ok

14:47:55.0429 3320        AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys

14:47:55.0507 3320        AFD - ok

14:47:56.0006 3320        AgereSoftModem  (ce91b158fa490cf4c4d487a4130f4660) C:\Windows\system32\DRIVERS\AGRSM.sys

14:47:56.0178 3320        AgereSoftModem - ok

14:47:56.0365 3320        agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys

14:47:56.0381 3320        agp440 - ok

14:47:56.0599 3320        aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

14:47:56.0615 3320        aic78xx - ok

14:47:56.0677 3320        aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys

14:47:56.0708 3320        aliide - ok

14:47:56.0849 3320        amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys

14:47:56.0864 3320        amdagp - ok

14:47:56.0911 3320        amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys

14:47:56.0927 3320        amdide - ok

14:47:57.0036 3320        AmdK7           (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys

14:47:57.0192 3320        AmdK7 - ok

14:47:57.0379 3320        AmdK8           (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys

14:47:57.0504 3320        AmdK8 - ok

14:47:57.0832 3320        arc             (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys

14:47:57.0863 3320        arc - ok

14:47:57.0941 3320        arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys

14:47:57.0956 3320        arcsas - ok

14:47:58.0268 3320        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

14:47:58.0424 3320        AsyncMac - ok

14:47:58.0658 3320        atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

14:47:58.0674 3320        atapi - ok

14:47:58.0846 3320        athr            (b0c272def210b149c0bfa0d85600ce4b) C:\Windows\system32\DRIVERS\athr.sys

14:47:58.0939 3320        athr - ok

14:47:59.0126 3320        AVGIDSDriver    (1c8d965bbcaa9ee5defdb54743437086) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys

14:47:59.0251 3320        AVGIDSDriver - ok

14:47:59.0376 3320        AVGIDSEH        (c59c9bc3f0612bd207ccdc5d8cb9ce39) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys

14:47:59.0423 3320        AVGIDSEH - ok

14:47:59.0454 3320        AVGIDSFilter    (c5559de2ec66cede15a1664f6d183d8e) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys

14:47:59.0485 3320        AVGIDSFilter - ok

14:47:59.0532 3320        AVGIDSShim      (ae5e9667fa40206796d1bd5bd0427a8a) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys

14:47:59.0563 3320        AVGIDSShim - ok

14:47:59.0719 3320        Avgldx86        (4e796d3d2c3182b13b3e3b5a2ad4ef0a) C:\Windows\system32\DRIVERS\avgldx86.sys

14:47:59.0750 3320        Avgldx86 - ok

14:48:00.0296 3320        Avgmfx86        (5639de66b37d02bd22df4cf3155fba60) C:\Windows\system32\DRIVERS\avgmfx86.sys

14:48:00.0328 3320        Avgmfx86 - ok

14:48:00.0452 3320        Avgrkx86        (d1baf652eda0ae70896276a1fb32c2d4) C:\Windows\system32\DRIVERS\avgrkx86.sys

14:48:00.0484 3320        Avgrkx86 - ok

14:48:00.0530 3320        Avgtdix         (aaf0ebcad95f2164cffb544e00392498) C:\Windows\system32\DRIVERS\avgtdix.sys

14:48:00.0577 3320        Avgtdix - ok

14:48:00.0733 3320        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

14:48:00.0827 3320        Beep - ok

14:48:00.0967 3320        blbdrive - ok

14:48:01.0279 3320        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys

14:48:01.0342 3320        bowser - ok

14:48:01.0576 3320        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

14:48:01.0685 3320        BrFiltLo - ok

14:48:01.0919 3320        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

14:48:01.0981 3320        BrFiltUp - ok

14:48:02.0153 3320        Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

14:48:02.0278 3320        Brserid - ok

14:48:02.0480 3320        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

14:48:02.0652 3320        BrSerWdm - ok

14:48:02.0870 3320        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

14:48:03.0011 3320        BrUsbMdm - ok

14:48:03.0276 3320        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

14:48:03.0416 3320        BrUsbSer - ok

14:48:03.0588 3320        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

14:48:03.0713 3320        BTHMODEM - ok

14:48:03.0853 3320        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

14:48:03.0947 3320        cdfs - ok

14:48:03.0994 3320        cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

14:48:04.0056 3320        cdrom - ok

14:48:04.0196 3320        circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys

14:48:04.0306 3320        circlass - ok

14:48:04.0524 3320        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

14:48:04.0571 3320        CLFS - ok

14:48:04.0711 3320        CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

14:48:04.0836 3320        CmBatt - ok

14:48:04.0898 3320        cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys

14:48:04.0930 3320        cmdide - ok

14:48:05.0132 3320        Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

14:48:05.0164 3320        Compbatt - ok

14:48:05.0538 3320        crcdisk         (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys

14:48:05.0554 3320        crcdisk - ok

14:48:05.0678 3320        Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys

14:48:05.0803 3320        Crusoe - ok

14:48:05.0975 3320        CVirtA          (b5ecadf7708960f1818c7fa015f4c239) C:\Windows\system32\DRIVERS\CVirtA.sys

14:48:06.0006 3320        CVirtA - ok

14:48:06.0068 3320        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys

14:48:06.0131 3320        DfsC - ok

14:48:06.0334 3320        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

14:48:06.0365 3320        disk - ok

14:48:06.0443 3320        drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

14:48:06.0505 3320        drmkaud - ok

14:48:06.0630 3320        dsNcAdpt        (b2c3f71b86e25c3df78339ddb40a7562) C:\Windows\system32\DRIVERS\dsNcAdpt.sys

14:48:06.0677 3320        dsNcAdpt - ok

14:48:06.0770 3320        DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys

14:48:06.0848 3320        DXGKrnl - ok

14:48:07.0098 3320        E1G60           (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys

14:48:07.0238 3320        E1G60 - ok

14:48:07.0457 3320        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

14:48:07.0488 3320        Ecache - ok

14:48:07.0722 3320        elxstor         (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys

14:48:07.0753 3320        elxstor - ok

14:48:08.0065 3320        exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

14:48:08.0143 3320        exfat - ok

14:48:08.0377 3320        fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

14:48:08.0440 3320        fastfat - ok

14:48:08.0627 3320        fdc             (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys

14:48:08.0736 3320        fdc - ok

14:48:08.0939 3320        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

14:48:08.0970 3320        FileInfo - ok

14:48:09.0064 3320        Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

14:48:09.0142 3320        Filetrace - ok

14:48:09.0235 3320        flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys

14:48:09.0360 3320        flpydisk - ok

14:48:09.0641 3320        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

14:48:09.0672 3320        FltMgr - ok

14:48:09.0984 3320        Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

14:48:10.0062 3320        Fs_Rec - ok

14:48:10.0280 3320        gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys

14:48:10.0312 3320        gagp30kx - ok

14:48:10.0421 3320        GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

14:48:10.0436 3320        GEARAspiWDM - ok

14:48:10.0748 3320        HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

14:48:10.0889 3320        HdAudAddService - ok

14:48:11.0170 3320        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

14:48:11.0279 3320        HDAudBus - ok

14:48:11.0497 3320        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

14:48:11.0622 3320        HidBth - ok

14:48:11.0825 3320        HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

14:48:11.0950 3320        HidIr - ok

14:48:12.0137 3320        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

14:48:12.0215 3320        HidUsb - ok

14:48:12.0433 3320        HpCISSs         (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys

14:48:12.0464 3320        HpCISSs - ok

14:48:12.0823 3320        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

14:48:12.0901 3320        HTTP - ok

14:48:13.0166 3320        i2omp           (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys

14:48:13.0198 3320        i2omp - ok

14:48:13.0400 3320        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

14:48:13.0463 3320        i8042prt - ok

14:48:13.0744 3320        iaStor          (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\DRIVERS\iaStor.sys

14:48:13.0790 3320        iaStor - ok

14:48:14.0102 3320        iaStorV         (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys

14:48:14.0134 3320        iaStorV - ok

14:48:14.0664 3320        igfx            (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys

14:48:14.0836 3320        igfx - ok

14:48:15.0163 3320        iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

14:48:15.0194 3320        iirsp - ok

14:48:15.0694 3320        IntcAzAudAddService (6f62bafe6150f3952f877051c65786fe) C:\Windows\system32\drivers\RTKVHDA.sys

14:48:15.0865 3320        IntcAzAudAddService - ok

14:48:16.0084 3320        intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

14:48:16.0115 3320        intelide - ok

14:48:16.0271 3320        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

14:48:16.0349 3320        intelppm - ok

14:48:16.0598 3320        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

14:48:16.0661 3320        IpFilterDriver - ok

14:48:16.0942 3320        IpInIp - ok

14:48:17.0144 3320        IPMIDRV         (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys

14:48:17.0269 3320        IPMIDRV - ok

14:48:17.0441 3320        IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

14:48:17.0519 3320        IPNAT - ok

14:48:17.0784 3320        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

14:48:17.0862 3320        IRENUM - ok

14:48:18.0158 3320        isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys

14:48:18.0190 3320        isapnp - ok

14:48:18.0455 3320        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

14:48:18.0486 3320        iScsiPrt - ok

14:48:18.0704 3320        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

14:48:18.0736 3320        iteatapi - ok

14:48:18.0782 3320        iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

14:48:18.0814 3320        iteraid - ok

14:48:18.0892 3320        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

14:48:18.0923 3320        kbdclass - ok

14:48:18.0985 3320        kbdhid          (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys

14:48:19.0079 3320        kbdhid - ok

14:48:19.0375 3320        KR10I           (a383f2cea0a8f4e76e71abc869bd5748) C:\Windows\system32\drivers\kr10i.sys

14:48:19.0422 3320        KR10I - ok

14:48:19.0594 3320        KR10N           (6e9922332386c2a49936b30b2b6fd298) C:\Windows\system32\drivers\kr10n.sys

14:48:19.0640 3320        KR10N - ok

14:48:19.0796 3320        KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys

14:48:19.0843 3320        KSecDD - ok

14:48:20.0202 3320        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

14:48:20.0296 3320        lltdio - ok

14:48:20.0608 3320        LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys

14:48:20.0639 3320        LSI_FC - ok

14:48:20.0888 3320        LSI_SAS         (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys

14:48:20.0920 3320        LSI_SAS - ok

14:48:20.0998 3320        LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys

14:48:21.0029 3320        LSI_SCSI - ok

14:48:21.0060 3320        luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

14:48:21.0138 3320        luafv - ok

14:48:21.0310 3320        megasas         (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys

14:48:21.0341 3320        megasas - ok

14:48:21.0403 3320        Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

14:48:21.0481 3320        Modem - ok

14:48:21.0637 3320        monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

14:48:21.0715 3320        monitor - ok

14:48:22.0012 3320        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

14:48:22.0043 3320        mouclass - ok

14:48:22.0152 3320        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

14:48:22.0199 3320        mouhid - ok

14:48:22.0246 3320        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

14:48:22.0277 3320        MountMgr - ok

14:48:22.0464 3320        mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys

14:48:22.0480 3320        mpio - ok

14:48:22.0760 3320        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

14:48:22.0823 3320        mpsdrv - ok

14:48:23.0041 3320        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

14:48:23.0072 3320        Mraid35x - ok

14:48:23.0416 3320        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

14:48:23.0478 3320        MRxDAV - ok

14:48:23.0712 3320        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys

14:48:23.0774 3320        mrxsmb - ok

14:48:24.0071 3320        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys

14:48:24.0118 3320        mrxsmb10 - ok

14:48:24.0430 3320        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

14:48:24.0508 3320        mrxsmb20 - ok

14:48:24.0710 3320        msahci          (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys

14:48:24.0726 3320        msahci - ok

14:48:24.0882 3320        msdsm           (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys

14:48:24.0898 3320        msdsm - ok

14:48:25.0085 3320        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

14:48:25.0163 3320        Msfs - ok

14:48:25.0381 3320        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

14:48:25.0412 3320        msisadrv - ok

14:48:25.0568 3320        MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

14:48:25.0631 3320        MSKSSRV - ok

14:48:25.0849 3320        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

14:48:25.0912 3320        MSPCLOCK - ok

14:48:26.0161 3320        MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

14:48:26.0239 3320        MSPQM - ok

14:48:26.0504 3320        MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

14:48:26.0536 3320        MsRPC - ok

14:48:26.0707 3320        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

14:48:26.0723 3320        mssmbios - ok

14:48:26.0957 3320        MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

14:48:27.0019 3320        MSTEE - ok

14:48:27.0160 3320        MTsensor        (97affa9d95ffe20eee6229bc6be166cf) C:\Windows\system32\DRIVERS\ATKACPI.sys

14:48:27.0206 3320        MTsensor - ok

14:48:27.0253 3320        Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

14:48:27.0284 3320        Mup - ok

14:48:27.0456 3320        NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

14:48:27.0487 3320        NativeWifiP - ok

14:48:27.0830 3320        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

14:48:27.0908 3320        NDIS - ok

14:48:28.0142 3320        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

14:48:28.0205 3320        NdisTapi - ok

14:48:28.0408 3320        Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

14:48:28.0470 3320        Ndisuio - ok

14:48:28.0704 3320        NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

14:48:28.0751 3320        NdisWan - ok

14:48:28.0876 3320        NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

14:48:28.0938 3320        NDProxy - ok

14:48:29.0078 3320        NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

14:48:29.0156 3320        NetBIOS - ok

14:48:29.0219 3320        netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

14:48:29.0281 3320        netbt - ok

14:48:29.0515 3320        nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

14:48:29.0546 3320        nfrd960 - ok

14:48:29.0734 3320        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

14:48:29.0796 3320        Npfs - ok

14:48:29.0921 3320        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

14:48:30.0014 3320        nsiproxy - ok

14:48:30.0467 3320        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

14:48:30.0654 3320        Ntfs - ok

14:48:30.0888 3320        ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

14:48:31.0013 3320        ntrigdigi - ok

14:48:31.0372 3320        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

14:48:31.0450 3320        Null - ok

14:48:31.0668 3320        nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys

14:48:31.0684 3320        nvraid - ok

14:48:31.0777 3320        nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys

14:48:31.0793 3320        nvstor - ok

14:48:31.0886 3320        nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys

14:48:31.0918 3320        nv_agp - ok

14:48:32.0089 3320        NwlnkFlt - ok

14:48:32.0120 3320        NwlnkFwd - ok

14:48:32.0245 3320        ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys

14:48:32.0370 3320        ohci1394 - ok

14:48:32.0698 3320        PAC207          (9482616a0f87384c5afb5f34a317bf6c) C:\Windows\system32\DRIVERS\PFC027.SYS

14:48:32.0900 3320        PAC207 - ok

14:48:33.0088 3320        Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

14:48:33.0212 3320        Parport - ok

14:48:33.0431 3320        partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

14:48:33.0462 3320        partmgr - ok

14:48:33.0805 3320        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

14:48:33.0930 3320        Parvdm - ok

14:48:34.0164 3320        pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

14:48:34.0195 3320        pci - ok

14:48:34.0460 3320        pciide          (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys

14:48:34.0492 3320        pciide - ok

14:48:34.0648 3320        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\DRIVERS\pcmcia.sys

14:48:34.0679 3320        pcmcia - ok

14:48:35.0100 3320        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

14:48:35.0303 3320        PEAUTH - ok

14:48:35.0630 3320        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

14:48:35.0708 3320        PptpMiniport - ok

14:48:35.0896 3320        Processor       (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys

14:48:36.0036 3320        Processor - ok

14:48:36.0270 3320        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

14:48:36.0348 3320        PSched - ok

14:48:36.0644 3320        ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys

14:48:36.0722 3320        ql2300 - ok

14:48:36.0878 3320        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

14:48:36.0894 3320        ql40xx - ok

14:48:36.0956 3320        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

14:48:37.0003 3320        QWAVEdrv - ok

14:48:37.0144 3320        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

14:48:37.0222 3320        RasAcd - ok

14:48:37.0424 3320        Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

14:48:37.0502 3320        Rasl2tp - ok

14:48:37.0752 3320        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

14:48:37.0814 3320        RasPppoe - ok

14:48:38.0048 3320        RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

14:48:38.0126 3320        RasSstp - ok

14:48:38.0423 3320        rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

14:48:38.0501 3320        rdbss - ok

14:48:38.0672 3320        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

14:48:38.0750 3320        RDPCDD - ok

14:48:38.0922 3320        rdpdr           (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys

14:48:39.0031 3320        rdpdr - ok

14:48:39.0218 3320        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

14:48:39.0328 3320        RDPENCDD - ok

14:48:39.0562 3320        RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

14:48:39.0624 3320        RDPWD - ok

14:48:39.0842 3320        rimmptsk        (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys

14:48:39.0889 3320        rimmptsk - ok

14:48:40.0014 3320        rimsptsk        (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys

14:48:40.0061 3320        rimsptsk - ok

14:48:40.0201 3320        rismxdp         (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys

14:48:40.0232 3320        rismxdp - ok

14:48:40.0310 3320        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

14:48:40.0388 3320        rspndr - ok

14:48:40.0560 3320        RTL8023xp       (5c5612756b380bcedbf566a780ff9afe) C:\Windows\system32\DRIVERS\Rtnicxp.sys

14:48:40.0622 3320        RTL8023xp - ok

14:48:40.0825 3320        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

14:48:40.0856 3320        sbp2port - ok

14:48:41.0184 3320        sdbus           (7b3973cc28b8aa3e9e2e5d53e720e2c9) C:\Windows\system32\DRIVERS\sdbus.sys

14:48:41.0246 3320        sdbus - ok

14:48:41.0418 3320        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

14:48:41.0558 3320        secdrv - ok

14:48:42.0011 3320        Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

14:48:42.0151 3320        Serenum - ok

14:48:42.0338 3320        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

14:48:42.0463 3320        Serial - ok

14:48:42.0697 3320        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

14:48:42.0760 3320        sermouse - ok

14:48:42.0978 3320        sffdisk         (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys

14:48:43.0103 3320        sffdisk - ok

14:48:43.0337 3320        sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys

14:48:43.0462 3320        sffp_mmc - ok

14:48:43.0696 3320        sffp_sd         (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys

14:48:43.0805 3320        sffp_sd - ok

14:48:43.0976 3320        sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

14:48:44.0117 3320        sfloppy - ok

14:48:44.0288 3320        sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys

14:48:44.0320 3320        sisagp - ok

14:48:44.0382 3320        SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys

14:48:44.0413 3320        SiSRaid2 - ok

14:48:44.0460 3320        SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys

14:48:44.0476 3320        SiSRaid4 - ok

14:48:44.0554 3320        Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

14:48:44.0600 3320        Smb - ok

14:48:45.0084 3320        spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

14:48:45.0100 3320        spldr - ok

14:48:45.0880 3320        srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys

14:48:45.0942 3320        srv - ok

14:48:46.0441 3320        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys

14:48:46.0519 3320        srv2 - ok

14:48:47.0081 3320        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys

14:48:47.0143 3320        srvnet - ok

14:48:47.0330 3320        StillCam        (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys

14:48:47.0393 3320        StillCam - ok

14:48:47.0783 3320        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

14:48:47.0798 3320        swenum - ok

14:48:48.0360 3320        Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

14:48:48.0376 3320        Symc8xx - ok

14:48:48.0859 3320        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

14:48:48.0875 3320        Sym_hi - ok

14:48:49.0405 3320        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

14:48:49.0421 3320        Sym_u3 - ok

14:48:49.0686 3320        SynTP           (baa29028e7db52837198465c5c53a2f0) C:\Windows\system32\DRIVERS\SynTP.sys

14:48:49.0717 3320        SynTP - ok

14:48:50.0560 3320        Tcpip           (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys

14:48:50.0684 3320        Tcpip - ok

14:48:51.0761 3320        Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys

14:48:51.0886 3320        Tcpip6 - ok

14:48:52.0151 3320        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

14:48:52.0198 3320        tcpipreg - ok

14:48:52.0322 3320        tdcmdpst        (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys

14:48:52.0369 3320        tdcmdpst - ok

14:48:52.0447 3320        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

14:48:52.0525 3320        TDPIPE - ok

14:48:52.0837 3320        TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

14:48:52.0915 3320        TDTCP - ok

14:48:53.0586 3320        tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

14:48:53.0664 3320        tdx - ok

14:48:53.0992 3320        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

14:48:54.0023 3320        TermDD - ok

14:48:54.0444 3320        tos_sps32       (1ea5f27c29405bf49799feca77186da9) C:\Windows\system32\DRIVERS\tos_sps32.sys

14:48:54.0475 3320        tos_sps32 - ok

14:48:54.0803 3320        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

14:48:54.0881 3320        tssecsrv - ok

14:48:55.0052 3320        tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

14:48:55.0084 3320        tunmp - ok

14:48:55.0130 3320        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

14:48:55.0193 3320        tunnel - ok

14:48:56.0004 3320        uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys

14:48:56.0020 3320        uagp35 - ok

14:48:56.0332 3320        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

14:48:56.0410 3320        udfs - ok

14:48:56.0924 3320        uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys

14:48:56.0956 3320        uliagpkx - ok

14:48:57.0361 3320        uliahci         (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys

14:48:57.0392 3320        uliahci - ok

14:48:57.0673 3320        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

14:48:57.0689 3320        UlSata - ok

14:48:58.0016 3320        ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

14:48:58.0048 3320        ulsata2 - ok

14:48:58.0750 3320        umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

14:48:58.0812 3320        umbus - ok

14:48:59.0249 3320        USBAAPL         (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys

14:48:59.0296 3320        USBAAPL ( UnsignedFile.Multi.Generic ) - warning

14:48:59.0296 3320        USBAAPL - detected UnsignedFile.Multi.Generic (1)

14:48:59.0639 3320        usbccgp         (8bd3ae150d97ba4e633c6c5c51b41ae1) C:\Windows\system32\drivers\usbccgp.sys

14:48:59.0748 3320        usbccgp - ok

14:49:00.0700 3320        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

14:49:00.0871 3320        usbcir - ok

14:49:01.0168 3320        usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

14:49:01.0292 3320        usbehci - ok

14:49:01.0792 3320        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

14:49:01.0870 3320        usbhub - ok

14:49:02.0260 3320        usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

14:49:02.0416 3320        usbohci - ok

14:49:02.0743 3320        usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

14:49:02.0821 3320        usbprint - ok

14:49:03.0742 3320        USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

14:49:03.0820 3320        USBSTOR - ok

14:49:04.0100 3320        usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

14:49:04.0163 3320        usbuhci - ok

14:49:04.0756 3320        vga             (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys

14:49:04.0880 3320        vga - ok

14:49:06.0019 3320        VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

14:49:06.0082 3320        VgaSave - ok

14:49:06.0378 3320        viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys

14:49:06.0394 3320        viaagp - ok

14:49:06.0550 3320        ViaC7           (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys

14:49:06.0674 3320        ViaC7 - ok

14:49:07.0064 3320        viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys

14:49:07.0080 3320        viaide - ok

14:49:07.0595 3320        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

14:49:07.0610 3320        volmgr - ok

14:49:08.0016 3320        volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

14:49:08.0063 3320        volmgrx - ok

14:49:08.0437 3320        volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

14:49:08.0468 3320        volsnap - ok

14:49:09.0186 3320        vsmraid         (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys

14:49:09.0217 3320        vsmraid - ok

14:49:10.0028 3320        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

14:49:10.0184 3320        WacomPen - ok

14:49:10.0933 3320        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

14:49:10.0996 3320        Wanarp - ok

14:49:11.0027 3320        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

14:49:11.0074 3320        Wanarpv6 - ok

14:49:11.0760 3320        Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys

14:49:11.0776 3320        Wd - ok

14:49:12.0322 3320        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

14:49:12.0415 3320        Wdf01000 - ok

14:49:13.0180 3320        WmiAcpi         (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys

14:49:13.0289 3320        WmiAcpi - ok

14:49:13.0601 3320        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

14:49:13.0679 3320        WpdUsb - ok

14:49:13.0913 3320        ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

14:49:13.0991 3320        ws2ifsl - ok

14:49:14.0303 3320        WSDPrintDevice  (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys

14:49:14.0350 3320        WSDPrintDevice - ok

14:49:14.0537 3320        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

14:49:14.0615 3320        WUDFRd - ok

14:49:14.0708 3320        MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

14:49:15.0161 3320        \Device\Harddisk0\DR0 - ok

14:49:15.0208 3320        Boot (0x1200)   (9f66481563f3e13e18297b6867a6de48) \Device\Harddisk0\DR0\Partition0

14:49:15.0208 3320        \Device\Harddisk0\DR0\Partition0 - ok

14:49:15.0254 3320        Boot (0x1200)   (ed80cb87387bc837c59b31d2db9654d6) \Device\Harddisk0\DR0\Partition1

14:49:15.0254 3320        \Device\Harddisk0\DR0\Partition1 - ok

14:49:15.0254 3320        ============================================================

14:49:15.0254 3320        Scan finished

14:49:15.0254 3320        ============================================================

14:49:15.0270 3604        Detected object count: 1

14:49:15.0270 3604        Actual detected object count: 1

14:51:05.0156 3604        USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user

14:51:05.0156 3604        USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

ComboFix ist durch, hier der log:
Combofix Logfile:

Code:

ComboFix 12-02-27.02 - Freddy 28.02.2012  16:25:44.1.2 - x86

Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.2038.1173 [GMT 1:00]

ausgeführt von:: c:\users\Freddy\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 * Neuer Wiederherstellungspunkt wurde erstellt

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Freddy\AppData\Local\{BC8B309B-75FF-401C-A4D3-3E779FD88379}

c:\users\Freddy\AppData\Local\{BC8B309B-75FF-401C-A4D3-3E779FD88379}\chrome.manifest

c:\users\Freddy\AppData\Local\{BC8B309B-75FF-401C-A4D3-3E779FD88379}\chrome\content\_cfg.js

c:\users\Freddy\AppData\Local\{BC8B309B-75FF-401C-A4D3-3E779FD88379}\chrome\content\overlay.xul

c:\users\Freddy\AppData\Local\{BC8B309B-75FF-401C-A4D3-3E779FD88379}\install.rdf

c:\users\Freddy\AppData\Roaming\Adobe\plugs

c:\users\Freddy\AppData\Roaming\Adobe\shed

c:\users\Freddy\AppData\Roaming\Microsoft\Windows\Recent\mxfilerelatedcache.mxc2

c:\users\Freddy\Favorites\mxfilerelatedcache.mxc2

c:\users\Freddy\ia_remove.sh0688.tmp

.

.

(((((((((((((((((((((((   Dateien erstellt von 2012-01-28 bis 2012-02-28  ))))))))))))))))))))))))))))))

.

.

2012-02-28 15:40 . 2012-02-28 15:41        --------        d-----w-        c:\users\Freddy\AppData\Local\temp

2012-02-28 15:40 . 2012-02-28 15:40        --------        d-----w-        c:\users\Default\AppData\Local\temp

2012-02-27 22:55 . 2012-02-27 22:55        --------        d-----w-        C:\_OTL

2012-02-26 17:58 . 2012-02-26 17:58        --------        d-----w-        c:\program files\ESET

2012-02-15 10:39 . 2012-01-12 19:52        2044416        ----a-w-        c:\windows\system32\win32k.sys

2012-02-15 10:39 . 2011-12-14 16:17        680448        ----a-w-        c:\windows\system32\msvcrt.dll

2012-02-15 10:39 . 2011-12-20 10:56        2409784        ----a-w-        c:\program files\Windows Mail\OESpamFilter.dat

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-02-22 00:12 . 2011-05-17 19:48        414368        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl

2012-01-12 00:19 . 2012-01-12 00:19        4448256        ----a-w-        c:\windows\system32\GPhotos.scr

2012-01-04 00:48 . 2012-01-04 00:48        354176        ----a-w-        c:\windows\system32\DivXControlPanelApplet.cpl

2011-12-10 14:24 . 2009-03-28 01:55        20464        ----a-w-        c:\windows\system32\drivers\mbam.sys

2012-02-22 09:09 . 2011-10-10 01:11        134104        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-01-18 12:13        1811296        ----a-w-        c:\program files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll" [2012-01-18 1811296]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36        94208        ----a-w-        c:\users\Freddy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36        94208        ----a-w-        c:\users\Freddy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36        94208        ----a-w-        c:\users\Freddy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-04-18 15146376]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

"ICQ"="c:\program files\ICQ7.4\ICQ.exe" [2011-03-30 119608]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-22 894248]

"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]

"Skytel"="Skytel.exe" [2007-06-15 1826816]

"NDSTray.exe"="NDSTray.exe" [BU]

"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]

"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-05-04 571024]

"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]

"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2012-01-17 2339168]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]

"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2011-10-31 273528]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-01-18 939872]

"ROC_roc_dec12"="c:\program files\AVG Secure Search\ROC_roc_dec12.exe" [2012-01-18 928096]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]

.

c:\users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Freddy\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]

OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute        REG_MULTI_SZ           autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

.

.

--- Andere Dienste/Treiber im Speicher ---

.

*NewlyCreated* - 38302606

*Deregistered* - 38302606

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation        REG_MULTI_SZ           FontCache

.

Inhalt des "geplante Tasks" Ordners

.

2012-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-12 11:04]

.

2012-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-12 11:04]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://www.google.de/

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Felder ausfüllen - file://c:\program files\DHL\DHL Bestellhelfer\fillFormContext.html

IE: Felder merken - file://c:\program files\DHL\DHL Bestellhelfer\assignContext.html

IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe

TCP: DhcpNameServer = 192.168.1.1

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll

DPF: {1ED48504-8834-11D5-AC75-0008C73FD642} - file:///C:/Program%20Files/ProENGINEER%20Student%20Edition/i486_nt/obj/pvx_install.exe

FF - ProfilePath - c:\users\Freddy\AppData\Roaming\Mozilla\Firefox\Profiles\grohfmrs.default\

FF - prefs.js: browser.search.defaulturl - 

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B91da1831-09e6-4d29-ac32-ad727a183e48%7D&mid=8bb2b9192f3047d69a413f2f749b8d4a-0cc5edd1b954af0b4f8681772ca507c2c2d2e203&ds=AVG&v=10.0.0.7&lang=de&pr=fr&d=2011-12-05%2012%3A14%3A05&sap=ku&q=

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

HKCU-Run-TOSCDSPD - TOSCDSPD.EXE

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net

Rootkit scan 2012-02-28 16:41

Windows 6.0.6002 Service Pack 2 NTFS

.

Scanne versteckte Prozesse... 

.

Scanne versteckte Autostarteinträge... 

.

Scanne versteckte Dateien... 

.

Scan erfolgreich abgeschlossen

versteckte Dateien: 0

.

**************************************************************************

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

Zeit der Fertigstellung: 2012-02-28  16:46:17

ComboFix-quarantined-files.txt  2012-02-28 15:46

.

Vor Suchlauf: 8.400.859.136 Bytes frei

Nach Suchlauf: 8.217.374.720 Bytes frei

.

- - End Of File - - F48FF893FE988ED4647E47766519A6AB

--- --- ---

Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

Hi!

Hier sind die logs von GMER und OSAM. Beim Scan mit aswMBR.exe wurde der Bildschirm plötzlich schwarz und es ging nichts mehr, war komplett abgestürzt glaube ich. Habe ich da was falsch gemacht? Sollte ich bei dem Scan auch die Maus nicht bewegen? Wenn du weißt, woran das liegen könnte wäre es super, wenn du mir nochmal bescheid sagen könntest. Sonst versuch ich das später einfach nochmal.

GMER-log:
GMER Logfile:

Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net

Rootkit scan 2012-02-29 08:14:23

Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 TOSHIBA_ rev.DL03

Running: cektkvxj.exe; Driver: C:\Users\Freddy\AppData\Local\Temp\kwtdipow.sys
 
 

---- System - GMER 1.0.15 ----
 

SSDT            \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. )  ZwOpenProcess [0xAA5137A0]

SSDT            \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. )  ZwTerminateProcess [0xAA513848]

SSDT            \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. )  ZwTerminateThread [0xAA5138E4]

SSDT            \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. )  ZwWriteVirtualMemory [0xAA513980]
 

---- Kernel code sections - GMER 1.0.15 ----
 

.text           ntkrnlpa.exe!KeSetEvent + 3F1                                                                                               826F4B74 4 Bytes  [A0, 37, 51, AA]

.text           ntkrnlpa.exe!KeSetEvent + 621                                                                                               826F4DA4 8 Bytes  [48, 38, 51, AA, E4, 38, 51, ...] {DEC EAX; CMP [ECX-0x56], DL; IN AL, 0x38; PUSH ECX; STOSB }

.text           ntkrnlpa.exe!KeSetEvent + 681                                                                                               826F4E04 4 Bytes  [80, 39, 51, AA] {CMP BYTE [ECX], 0x51; STOSB }

.text           C:\Windows\system32\DRIVERS\tos_sps32.sys                                                                                   section is writeable [0x8894C000, 0x4036D, 0xE8000020]

.dsrt           C:\Windows\system32\DRIVERS\tos_sps32.sys                                                                                   unknown last section [0x88995000, 0x510, 0x40000040]
 

---- User code sections - GMER 1.0.15 ----
 

.text           C:\Program Files\Real\RealPlayer\Update\realsched.exe[1268] kernel32.dll!SetUnhandledExceptionFilter                        7631A8C5 5 Bytes  [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
 

---- Devices - GMER 1.0.15 ----
 

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                                                      AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                                                     Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                                                     Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

AttachedDevice  \Driver\tdx \Device\Tcp                                                                                                     avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

AttachedDevice  \Driver\tdx \Device\Udp                                                                                                     avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

AttachedDevice  \Driver\tdx \Device\RawIp                                                                                                   avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
 

---- EOF - GMER 1.0.15 ----

--- --- ---

OSAM-log:
OSAM Logfile:

Code:

Report of OSAM: Autorun Manager v5.0.11926.0

hxxp://www.online-solutions.ru/en/

Saved at 09:16:34 on 29.02.2012
 

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit

Default Browser: Microsoft Corporation Internet Explorer 9.00.8112.16421
 

Scanner Settings

[x] Rootkits detection (hidden registry)

[x] Rootkits detection (hidden files)

[x] Retrieve files information

[x] Check Microsoft signatures
 

Filters

[ ] Trusted entries

[ ] Empty entries

[x] Hidden registry entries (rootkit activity)

[x] Exclusively opened files

[x] Not found files

[x] Files without detailed information

[x] Existing files

[ ] Non-startable services

[ ] Non-startable drivers

[x] Active entries

[x] Disabled entries
 
 

[Boot Execute]

-----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )-----

"BootExecute" - "AVG Technologies CZ, s.r.o." - C:\PROGRA~1\AVG\AVG10\avgchsvx.exe

"BootExecute" - "AVG Technologies CZ, s.r.o." - C:\PROGRA~1\AVG\AVG10\avgrsx.exe
 

[Common]

-----( %SystemRoot%\Tasks )-----

"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
 

[Control Panel Objects]

-----( %SystemRoot%\system32 )-----

"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl

"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl

"hpsctrlc.cpl" - "Hewlett-Packard" - C:\Windows\system32\hpsctrlc.cpl

"TOSCDSPD.cpl" - "TOSHIBA" - C:\Windows\system32\TOSCDSPD.cpl

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----

"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl
 

[Drivers]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

"Apple Mobile USB Driver" (USBAAPL) - "Apple, Inc." - C:\Windows\System32\Drivers\usbaapl.sys

"AVG Anti-Rootkit Driver" (Avgrkx86) - "AVG Technologies CZ, s.r.o." - C:\Windows\System32\DRIVERS\avgrkx86.sys

"AVG AVI Loader Driver" (Avgldx86) - "AVG Technologies CZ, s.r.o." - C:\Windows\System32\DRIVERS\avgldx86.sys

"AVG Mini-Filter Resident Anti-Virus Shield" (Avgmfx86) - "AVG Technologies CZ, s.r.o." - C:\Windows\System32\DRIVERS\avgmfx86.sys

"AVG TDI Driver" (Avgtdix) - "AVG Technologies CZ, s.r.o." - C:\Windows\System32\DRIVERS\avgtdix.sys

"AVGIDSDriver" (AVGIDSDriver) - "AVG Technologies CZ, s.r.o. " - C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys

"AVGIDSEH" (AVGIDSEH) - "AVG Technologies CZ, s.r.o. " - C:\Windows\System32\DRIVERS\AVGIDSEH.Sys

"AVGIDSFilter" (AVGIDSFilter) - "AVG Technologies CZ, s.r.o. " - C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys

"AVGIDSShim" (AVGIDSShim) - "AVG Technologies CZ, s.r.o. " - C:\Windows\System32\DRIVERS\AVGIDSShim.Sys

"catchme" (catchme) - ? - C:\Users\Freddy\AppData\Local\Temp\catchme.sys  (File not found)

"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)

"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)

"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
 

[Explorer]

-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----

{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)

{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)

{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)

{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)

-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----

{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll

-----( HKLM\Software\Classes\Protocols\Filter )-----

{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

-----( HKLM\Software\Classes\Protocols\Handler )-----

{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

{B658800C-F66E-4EF3-AB85-6C0C227862A9} "ViProtocolOLE Class" - ? - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll

{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} "XPLPPFilter Class" - "AVG Technologies CZ, s.r.o." - C:\Program Files\AVG\AVG10\avgpp.dll

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----

{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)

{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)

{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)

{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} "AVG Find Extension" - ? -   (File not found | COM-object registry key not found)

{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} "AVG Shell Extension Class" - "AVG Technologies CZ, s.r.o." - C:\Program Files\AVG\AVG10\avgse.dll

{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)

{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)

{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)

{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll

{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -   (File not found | COM-object registry key not found)

{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll

{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll

{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files\real\realplayer\rpshell.dll

{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)

{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)

{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)

{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files\WinRAR\rarext.dll  (File found, but it contains no detailed information)
 

[Internet Explorer]

-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----

ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)

<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)

-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----

{67DABFBF-D0AB-41FA-9C46-CC0F21721616} "DivXBrowserPlugin Object" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll / hxxp://download.divx.com/player/DivXBrowserPlugin.cab

{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_22.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

{F27237D7-93C8-44C2-AC6E-D6057B9A918F} "JuniperSetupClientControl Class" - "Juniper Networks" - C:\Windows\Downloaded Program Files\JuniperSetupClient.ocx / https://juniper.net/dana-cached/sc/JuniperSetupClient.cab

{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash11e.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\Windows\system32\LegitCheckControl.DLL / hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab

{1ED48504-8834-11D5-AC75-0008C73FD642} "{1ED48504-8834-11D5-AC75-0008C73FD642}" - ? -   (File not found | COM-object registry key not found) / file:///C:/Program%20Files/ProENGINEER%20Student%20Edition/i486_nt/obj/pvx_install.exe

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -   (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----

{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

"ICQ7.5" - "ICQ, LLC." - C:\Program Files\ICQ7.5\ICQ.exe

{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----

<binary data> "AVG Security Toolbar" - ? - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----

{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} "AVG Safe Search" - "AVG Technologies CZ, s.r.o." - C:\Program Files\AVG\AVG10\avgssie.dll

{95B7759C-8C7F-4BF1-B163-73684A933233} "AVG Security Toolbar" - ? - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

{326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll

{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "SSVHelper Class" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\ssv.dll

{ac38bd53-2101-4ec8-a4d7-d1e58c690e71} "{ac38bd53-2101-4ec8-a4d7-d1e58c690e71}" - ? -   (File not found | COM-object registry key not found)
 

[Logon]

-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----

"OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE  (Shortcut exists | File exists)

"desktop.ini" - ? - C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

"Dropbox.lnk" - "Dropbox, Inc." - C:\Users\Freddy\AppData\Roaming\Dropbox\bin\Dropbox.exe  (Shortcut exists | File exists)

-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----

"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----

"ICQ" - "ICQ, LLC." - "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4

"Skype" - "Skype Technologies S.A." - "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----

"StartupPrograms" - ? - rdpclip  (File not found)

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----

"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"AVG_TRAY" - "AVG Technologies CZ, s.r.o." - C:\Program Files\AVG\AVG10\avgtray.exe

"DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

"iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe"

"NDSTray.exe" - ? - NDSTray.exe  (File not found)

"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime

"ROC_roc_dec12" - ? - "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

"TkBellExe" - "RealNetworks, Inc." - "c:\program files\real\realplayer\Update\realsched.exe" -osboot

"topi" - "TOSHIBA" - C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup

"Toshiba Registration" - "Toshiba" - C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe

"vProt" - ? - "C:\Program Files\AVG Secure Search\vprot.exe"
 

[Print Monitors]

-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----

"PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll  (File found, but it contains no detailed information)

"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll
 

[Services]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

"ASLDR Service" (ASLDRService) - ? - C:\Program Files\ATK Hotkey\ASLDRSrv.exe

"AVG Security Toolbar Service" (AVG Security Toolbar Service) - ? - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe

"AVG WatchDog" (avgwd) - "AVG Technologies CZ, s.r.o." - C:\Program Files\AVG\AVG10\avgwdsvc.exe

"AVGIDSAgent" (AVGIDSAgent) - "AVG Technologies CZ, s.r.o." - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

"ConfigFree Service" (CFSvcs) - "TOSHIBA CORPORATION" - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe

"Google Update-Dienst (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

"Google Updater Service" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe

"Juniper Network Connect Service" (dsNcService) - "Juniper Networks" - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

"PnkBstrA" (PnkBstrA) - ? - C:\Windows\system32\PnkBstrA.exe  (File found, but it contains no detailed information)

"TOSHIBA Optical Disc Drive Service" (TODDSrv) - "TOSHIBA Corporation" - C:\Windows\system32\TODDSrv.exe

"vToolbarUpdater" (vToolbarUpdater) - ? - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
 

[Winsock Providers]

-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----

"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll
 

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
[/code]

Viele Grüße!

Starte aswMBR neu, stell unten links auf (none) und klick dann nochmal auf Scan

Das hat geklappt :)

Das Log:

Code:

 aswMBR version 0.9.9.1649 Copyright(c) 2011 AVAST Software

Run date: 2012-03-01 13:43:12

-----------------------------

13:43:12.272    OS Version: Windows 6.0.6002 Service Pack 2

13:43:12.273    Number of processors: 2 586 0xF0D

13:43:12.275    ComputerName: HOME-PC  UserName: Freddy

13:43:12.891    Initialize success

13:43:22.901    AVAST engine defs: 12030100

13:43:27.667    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0

13:43:27.674    Disk 0 Vendor: TOSHIBA_ DL03 Size: 152627MB BusType: 3

13:43:27.705    Disk 0 MBR read successfully

13:43:27.713    Disk 0 MBR scan

13:43:27.780    Disk 0 Windows VISTA default MBR code

13:43:27.804    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS         1500 MB offset 2048

13:43:27.825    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        76313 MB offset 3074048

13:43:27.874    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        74812 MB offset 159363072

13:43:27.907    Disk 0 scanning sectors +312578048

13:43:28.018    Disk 0 scanning C:\Windows\system32\drivers

13:43:47.416    Service scanning

13:44:30.362    Modules scanning

13:44:40.376    Disk 0 trace - called modules:

13:44:40.414    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys 

13:44:40.430    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85f7dac8]

13:44:40.447    3 CLASSPNP.SYS[887178b3] -> nt!IofCallDriver -> [0x85409020]

13:44:40.464    5 acpi.sys[806976bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8541a030]

13:44:40.482    Scan finished successfully

14:18:15.866    Disk 0 MBR has been saved successfully to "C:\Users\Freddy\Desktop\MBR.dat"

14:18:15.883    The log file has been saved successfully to "C:\Users\Freddy\Desktop\aswMBR.txt"

Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Hallo!

Jetzt ist beides durchgelaufen:

Malwarebytes:

Code:

 Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org
 

Datenbank Version: v2012.03.01.04
 

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Freddy :: HOME-PC [Administrator]
 

01.03.2012 20:04:11

mbam-log-2012-03-01 (20-04-11).txt
 

Art des Suchlaufs: Vollständiger Suchlauf

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 346526

Laufzeit: 2 Stunde(n), 28 Minute(n), 2 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

Und SuperAntiSpyware:

Code:

 SUPERAntiSpyware Scan Log

hxxp://www.superantispyware.com
 

Generated 03/02/2012 at 01:27 PM
 

Application Version : 5.0.1144
 

Core Rules Database Version : 8297

Trace Rules Database Version: 6109
 

Scan type       : Complete Scan

Total Scan Time : 02:50:17
 

Operating System Information

Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)

UAC On - Administrator
 

Memory items scanned      : 710

Memory threats detected   : 0

Registry items scanned    : 33975

Registry threats detected : 0

File items scanned        : 166081

File threats detected     : 258
 

Rogue.Internet Antivirus

        C:\Program Files\IA
 

Adware.Tracking Cookie

        C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Cookies\5FNQM5R0.txt [ /atdmt.com ]

        C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Cookies\BWYW05P9.txt [ /c.atdmt.com ]

        C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Cookies\S4FE7PIH.txt [ /doubleclick.net ]

        C:\USERS\FREDDY\AppData\Roaming\Microsoft\Windows\Cookies\Low\FWP8BSWK.txt [ Cookie:freddy@invitemedia.com/ ]

        C:\USERS\FREDDY\AppData\Roaming\Microsoft\Windows\Cookies\Low\PII5NN6J.txt [ Cookie:freddy@ad.yieldmanager.com/ ]

        C:\USERS\FREDDY\AppData\Roaming\Microsoft\Windows\Cookies\Low\XPLK4YWB.txt [ Cookie:freddy@atdmt.com/ ]

        C:\USERS\FREDDY\AppData\Roaming\Microsoft\Windows\Cookies\Low\83481DFI.txt [ Cookie:freddy@smartadserver.com/ ]

        C:\USERS\FREDDY\AppData\Roaming\Microsoft\Windows\Cookies\Low\1RH4Y1IC.txt [ Cookie:freddy@bs.serving-sys.com/ ]

        C:\USERS\FREDDY\AppData\Roaming\Microsoft\Windows\Cookies\Low\SWG6MNUY.txt [ Cookie:freddy@imrworldwide.com/cgi-bin ]

        C:\USERS\FREDDY\AppData\Roaming\Microsoft\Windows\Cookies\Low\FEXD5N84.txt [ Cookie:freddy@avgtechnologies.112.2o7.net/ ]

        C:\USERS\FREDDY\AppData\Roaming\Microsoft\Windows\Cookies\Low\SJEXEGND.txt [ Cookie:freddy@c.atdmt.com/ ]

        C:\USERS\FREDDY\AppData\Roaming\Microsoft\Windows\Cookies\Low\GZY69WRD.txt [ Cookie:freddy@adx.chip.de/ ]

        C:\USERS\FREDDY\AppData\Roaming\Microsoft\Windows\Cookies\Low\GYF9T7ER.txt [ Cookie:freddy@revsci.net/ ]

        C:\USERS\FREDDY\AppData\Roaming\Microsoft\Windows\Cookies\Low\F01WM49N.txt [ Cookie:freddy@adfarm1.adition.com/ ]

        C:\USERS\FREDDY\AppData\Roaming\Microsoft\Windows\Cookies\Low\VPMI9Q59.txt [ Cookie:freddy@doubleclick.net/ ]

        C:\USERS\FREDDY\Cookies\5FNQM5R0.txt [ Cookie:freddy@atdmt.com/ ]

        C:\USERS\FREDDY\Cookies\BWYW05P9.txt [ Cookie:freddy@c.atdmt.com/ ]

        C:\USERS\FREDDY\Cookies\S4FE7PIH.txt [ Cookie:freddy@doubleclick.net/ ]

        delivery.ibanner.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KBG75CTX ]

        secure-uk.imrworldwide.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KBG75CTX ]

        .adtech.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .doubleclick.net [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .atdmt.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .atdmt.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .apmebf.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .mediaplex.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .xiti.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .serving-sys.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .serving-sys.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .serving-sys.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .im.banner.t-online.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .imrworldwide.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .imrworldwide.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .tracking.quisma.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        tracking.quisma.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        livestat.derstandard.at [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        eas.apm.emediate.eu [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        eas.apm.emediate.eu [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .specificclick.net [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adviva.net [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .ad.adnet.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .tracking.quisma.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        tracking.quisma.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        www.elitepvpers.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        www.elitepvpers.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        www.elitepvpers.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .elitepvpers.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .elitepvpers.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .elitepvpers.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .elitepvpers.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .im.banner.t-online.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .2o7.net [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .2o7.net [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adxpose.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        zbox.zanox.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adxvalue.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .tradedoubler.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        track.adform.net [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .yieldmanager.net [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        www.googleadservices.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .hightraffic.hugoboss.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .hightraffic.hugoboss.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .hightraffic.hugoboss.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        www.etracker.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .tradedoubler.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .ad.adnet.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad.zanox.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        tracking.klicktel.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        tracking.klicktel.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        accounts.google.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .kontera.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .tribalfusion.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .tracking.quisma.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .mediaplex.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad1.emediate.dk [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .amazon-adsystem.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .amazon-adsystem.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .media6degrees.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .media6degrees.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        track.solocpm.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        track.solocpm.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        track.solocpm.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        track.solocpm.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        track.solocpm.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        track.solocpm.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        track.solocpm.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .bs.serving-sys.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .bs.serving-sys.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .tracking.quisma.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .invitemedia.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        fr.sitestat.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        fr.sitestat.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad.yieldmanager.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        adserver.yopi.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        track.adform.net [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adform.net [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .serving-sys.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .serving-sys.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        www.zanox-affiliate.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .zanox-affiliate.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .dyntracker.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad4.adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .tracking.quisma.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .im.banner.t-online.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ww251.smartadserver.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        www.etracker.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adtech.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        www.multimediaxis.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        www.multimediaxis.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .multimediaxis.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .multimediaxis.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .multimediaxis.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        www.etracker.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .smartadserver.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad1.emediate.dk [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad1.emediate.dk [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .doubleclick.net [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad1.adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad3.adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .revsci.net [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad.zanox.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .tradedoubler.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .webmasterplan.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .tradedoubler.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .traffictrack.de [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        ad2.adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .adfarm1.adition.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]

        .zanox.com [ C:\USERS\FREDDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GROHFMRS.DEFAULT\COOKIES.SQLITE ]
 

Trojan.Agent/Gen-Malintent

        C:\PROGRAM FILES\WINRAR\DEFAULT.SFX

Sieht ok aus, da wurden nur Cookies gefunden.
Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?

Der

Code:

 Rogue.Internet Antivirus

        C:\Program Files\IA

und der

Code:

 Trojan.Agent/Gen-Malintent

        C:\PROGRAM FILES\WINRAR\DEFAULT.SFX

von SuperAntiSpyware sind also auch unkritisch?

Soweit ich das überblicken kann läuft alles wieder normal, AVG ist jetzt auch nochmal ohne Fund durchgelaufen.

Vielen vielen Dank für die geduldige Beratung und deine ganze Mühe! Euer Forum ist wirklich eine große Hilfe! :daumenhoc

Das 1. war nur ein Überrest das 2. ist von WinRAR und somit ein Fehalarm