| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Spyhunter 4 läßt sich nicht entfernen.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
27.04.2012, 20:46
| #16 |
 |  Spyhunter 4 läßt sich nicht entfernen.Code:
ATTFilter 21:17:52.0685 5532 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
21:17:53.0162 5532 ============================================================
21:17:53.0162 5532 Current date / time: 2012/04/27 21:17:53.0162
21:17:53.0163 5532 SystemInfo:
21:17:53.0163 5532
21:17:53.0163 5532 OS Version: 6.0.6002 ServicePack: 2.0
21:17:53.0163 5532 Product type: Workstation
21:17:53.0163 5532 ComputerName: SURBORG-PC
21:17:53.0164 5532 UserName: surborg
21:17:53.0164 5532 Windows directory: C:\Windows
21:17:53.0164 5532 System windows directory: C:\Windows
21:17:53.0164 5532 Processor architecture: Intel x86
21:17:53.0164 5532 Number of processors: 2
21:17:53.0164 5532 Page size: 0x1000
21:17:53.0164 5532 Boot type: Normal boot
21:17:53.0164 5532 ============================================================
21:17:54.0798 5532 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:17:54.0808 5532 ============================================================
21:17:54.0808 5532 \Device\Harddisk0\DR0:
21:17:54.0808 5532 MBR partitions:
21:17:54.0808 5532 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xE893000
21:17:54.0808 5532 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xEB81800, BlocksNum 0xE643970
21:17:54.0808 5532 ============================================================
21:17:54.0846 5532 C: <-> \Device\Harddisk0\DR0\Partition0
21:17:54.0894 5532 E: <-> \Device\Harddisk0\DR0\Partition1
21:17:54.0894 5532 ============================================================
21:17:54.0894 5532 Initialize success
21:17:54.0894 5532 ============================================================
21:32:23.0088 5684 ============================================================
21:32:23.0088 5684 Scan started
21:32:23.0088 5684 Mode: Manual; SigCheck; TDLFS;
21:32:23.0088 5684 ============================================================
21:32:24.0009 5684 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
21:32:24.0236 5684 ACPI - ok
21:32:24.0319 5684 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
21:32:24.0368 5684 adp94xx - ok
21:32:24.0432 5684 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
21:32:24.0455 5684 adpahci - ok
21:32:24.0487 5684 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
21:32:24.0512 5684 adpu160m - ok
21:32:24.0550 5684 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
21:32:24.0568 5684 adpu320 - ok
21:32:24.0619 5684 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
21:32:24.0742 5684 AeLookupSvc - ok
21:32:24.0841 5684 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
21:32:24.0912 5684 AFD - ok
21:32:24.0972 5684 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
21:32:24.0999 5684 agp440 - ok
21:32:25.0062 5684 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
21:32:25.0092 5684 aic78xx - ok
21:32:25.0140 5684 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
21:32:25.0310 5684 ALG - ok
21:32:25.0337 5684 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
21:32:25.0362 5684 aliide - ok
21:32:25.0394 5684 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
21:32:25.0421 5684 amdagp - ok
21:32:25.0446 5684 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
21:32:25.0472 5684 amdide - ok
21:32:25.0494 5684 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
21:32:25.0585 5684 AmdK7 - ok
21:32:25.0607 5684 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
21:32:25.0675 5684 AmdK8 - ok
21:32:25.0812 5684 AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files\Avira\AntiVir Desktop\sched.exe
21:32:25.0841 5684 AntiVirSchedulerService - ok
21:32:25.0888 5684 AntiVirService (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
21:32:25.0913 5684 AntiVirService - ok
21:32:25.0961 5684 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
21:32:26.0030 5684 Appinfo - ok
21:32:26.0085 5684 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
21:32:26.0114 5684 arc - ok
21:32:26.0180 5684 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
21:32:26.0209 5684 arcsas - ok
21:32:26.0248 5684 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
21:32:26.0322 5684 AsyncMac - ok
21:32:26.0358 5684 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
21:32:26.0385 5684 atapi - ok
21:32:26.0512 5684 Ati External Event Utility (37c63181d8a1b6c948f0866bcbde406e) C:\Windows\system32\Ati2evxx.exe
21:32:26.0585 5684 Ati External Event Utility - ok
21:32:27.0096 5684 atikmdag (a2b6478963451a99c28da8133b648142) C:\Windows\system32\DRIVERS\atikmdag.sys
21:32:27.0341 5684 atikmdag - ok
21:32:27.0523 5684 AtiPcie (4aa1eb65481c392955939e735d27118b) C:\Windows\system32\DRIVERS\AtiPcie.sys
21:32:27.0591 5684 AtiPcie - ok
21:32:27.0689 5684 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
21:32:27.0741 5684 AudioEndpointBuilder - ok
21:32:27.0752 5684 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
21:32:27.0805 5684 Audiosrv - ok
21:32:27.0868 5684 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
21:32:27.0929 5684 avgntflt - ok
21:32:27.0961 5684 avipbb (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys
21:32:27.0988 5684 avipbb - ok
21:32:28.0006 5684 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
21:32:28.0023 5684 avkmgr - ok
21:32:28.0081 5684 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
21:32:28.0140 5684 Beep - ok
21:32:28.0222 5684 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
21:32:28.0291 5684 BFE - ok
21:32:28.0440 5684 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
21:32:28.0562 5684 BITS - ok
21:32:28.0582 5684 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
21:32:28.0657 5684 blbdrive - ok
21:32:28.0711 5684 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
21:32:28.0768 5684 bowser - ok
21:32:28.0820 5684 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
21:32:28.0874 5684 BrFiltLo - ok
21:32:28.0897 5684 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
21:32:28.0954 5684 BrFiltUp - ok
21:32:28.0994 5684 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
21:32:29.0086 5684 Browser - ok
21:32:29.0113 5684 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
21:32:29.0352 5684 Brserid - ok
21:32:29.0376 5684 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
21:32:29.0451 5684 BrSerWdm - ok
21:32:29.0479 5684 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
21:32:29.0556 5684 BrUsbMdm - ok
21:32:29.0579 5684 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
21:32:29.0655 5684 BrUsbSer - ok
21:32:29.0696 5684 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
21:32:29.0755 5684 BTHMODEM - ok
21:32:29.0806 5684 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
21:32:29.0854 5684 cdfs - ok
21:32:29.0903 5684 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
21:32:29.0931 5684 cdrom - ok
21:32:29.0975 5684 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
21:32:30.0051 5684 CertPropSvc - ok
21:32:30.0074 5684 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
21:32:30.0120 5684 circlass - ok
21:32:30.0183 5684 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
21:32:30.0209 5684 CLFS - ok
21:32:30.0288 5684 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:32:30.0311 5684 clr_optimization_v2.0.50727_32 - ok
21:32:30.0431 5684 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:32:30.0458 5684 clr_optimization_v4.0.30319_32 - ok
21:32:30.0507 5684 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
21:32:30.0574 5684 CmBatt - ok
21:32:30.0606 5684 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
21:32:30.0631 5684 cmdide - ok
21:32:30.0655 5684 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
21:32:30.0682 5684 Compbatt - ok
21:32:30.0690 5684 COMSysApp - ok
21:32:30.0783 5684 ConfigFree Service (d10d01b2dfcd8d2f32a32ed29e8da1c2) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
21:32:30.0813 5684 ConfigFree Service ( UnsignedFile.Multi.Generic ) - warning
21:32:30.0813 5684 ConfigFree Service - detected UnsignedFile.Multi.Generic (1)
21:32:30.0826 5684 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
21:32:30.0854 5684 crcdisk - ok
21:32:30.0878 5684 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
21:32:30.0932 5684 Crusoe - ok
21:32:30.0989 5684 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
21:32:31.0051 5684 CryptSvc - ok
21:32:31.0152 5684 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
21:32:31.0202 5684 DcomLaunch - ok
21:32:31.0273 5684 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
21:32:31.0327 5684 DfsC - ok
21:32:31.0624 5684 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
21:32:31.0841 5684 DFSR - ok
21:32:32.0095 5684 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
21:32:32.0156 5684 Dhcp - ok
21:32:32.0235 5684 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
21:32:32.0262 5684 disk - ok
21:32:32.0331 5684 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
21:32:32.0392 5684 Dnscache - ok
21:32:32.0442 5684 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
21:32:32.0492 5684 dot3svc - ok
21:32:32.0548 5684 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
21:32:32.0606 5684 DPS - ok
21:32:32.0637 5684 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
21:32:32.0691 5684 drmkaud - ok
21:32:32.0794 5684 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
21:32:32.0850 5684 DXGKrnl - ok
21:32:32.0900 5684 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
21:32:32.0966 5684 E1G60 - ok
21:32:33.0011 5684 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
21:32:33.0063 5684 EapHost - ok
21:32:33.0131 5684 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
21:32:33.0151 5684 Ecache - ok
21:32:33.0251 5684 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
21:32:33.0290 5684 ehRecvr - ok
21:32:33.0325 5684 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
21:32:33.0382 5684 ehSched - ok
21:32:33.0405 5684 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
21:32:33.0429 5684 ehstart - ok
21:32:33.0510 5684 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
21:32:33.0553 5684 elxstor - ok
21:32:33.0656 5684 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
21:32:33.0745 5684 EMDMgmt - ok
21:32:33.0884 5684 EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
21:32:33.0922 5684 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
21:32:33.0922 5684 EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)
21:32:33.0955 5684 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
21:32:34.0022 5684 ErrDev - ok
21:32:34.0109 5684 esgiguard (2407b8164e966755bc6a4242fc9de31e) C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys
21:32:34.0132 5684 esgiguard - ok
21:32:34.0209 5684 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
21:32:34.0258 5684 EventSystem - ok
21:32:34.0319 5684 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
21:32:34.0388 5684 exfat - ok
21:32:34.0441 5684 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
21:32:34.0504 5684 fastfat - ok
21:32:34.0547 5684 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
21:32:34.0626 5684 fdc - ok
21:32:34.0663 5684 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
21:32:34.0726 5684 fdPHost - ok
21:32:34.0738 5684 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
21:32:34.0853 5684 FDResPub - ok
21:32:34.0892 5684 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
21:32:34.0911 5684 FileInfo - ok
21:32:34.0935 5684 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
21:32:34.0998 5684 Filetrace - ok
21:32:35.0271 5684 FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
21:32:35.0413 5684 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
21:32:35.0413 5684 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
21:32:35.0620 5684 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
21:32:35.0686 5684 flpydisk - ok
21:32:35.0753 5684 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
21:32:35.0786 5684 FltMgr - ok
21:32:36.0013 5684 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
21:32:36.0146 5684 FontCache - ok
21:32:36.0229 5684 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:32:36.0252 5684 FontCache3.0.0.0 - ok
21:32:36.0287 5684 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
21:32:36.0332 5684 Fs_Rec - ok
21:32:36.0357 5684 FwLnk (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
21:32:36.0417 5684 FwLnk - ok
21:32:36.0454 5684 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
21:32:36.0481 5684 gagp30kx - ok
21:32:36.0831 5684 GoogleDesktopManager (4edbba45ba5662945c7ac2c4cc80911f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
21:32:36.0982 5684 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - warning
21:32:36.0982 5684 GoogleDesktopManager - detected UnsignedFile.Multi.Generic (1)
21:32:37.0197 5684 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
21:32:37.0311 5684 gpsvc - ok
21:32:37.0449 5684 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
21:32:37.0474 5684 gupdate - ok
21:32:37.0493 5684 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
21:32:37.0516 5684 gupdatem - ok
21:32:37.0568 5684 gusvc (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
21:32:37.0594 5684 gusvc - ok
21:32:37.0718 5684 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
21:32:37.0842 5684 HdAudAddService - ok
21:32:37.0943 5684 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:32:38.0026 5684 HDAudBus - ok
21:32:38.0045 5684 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
21:32:38.0147 5684 HidBth - ok
21:32:38.0165 5684 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
21:32:38.0257 5684 HidIr - ok
21:32:38.0291 5684 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
21:32:38.0345 5684 hidserv - ok
21:32:38.0373 5684 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
21:32:38.0413 5684 HidUsb - ok
21:32:38.0455 5684 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
21:32:38.0513 5684 hkmsvc - ok
21:32:38.0536 5684 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
21:32:38.0561 5684 HpCISSs - ok
21:32:38.0627 5684 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
21:32:38.0691 5684 HSFHWAZL - ok
21:32:38.0871 5684 HSF_DPV (cc267848cb3508e72762be65734e764d) C:\Windows\system32\DRIVERS\HSX_DPV.sys
21:32:38.0964 5684 HSF_DPV - ok
21:32:39.0038 5684 HSXHWAZL (a2882945cc4b6e3e4e9e825590438888) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
21:32:39.0078 5684 HSXHWAZL - ok
21:32:39.0160 5684 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
21:32:39.0246 5684 HTTP - ok
21:32:39.0318 5684 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
21:32:39.0332 5684 i2omp - ok
21:32:39.0383 5684 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
21:32:39.0416 5684 i8042prt - ok
21:32:39.0463 5684 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
21:32:39.0490 5684 iaStorV - ok
21:32:39.0643 5684 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:32:39.0672 5684 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:32:39.0672 5684 IDriverT - detected UnsignedFile.Multi.Generic (1)
21:32:39.0864 5684 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:32:39.0925 5684 idsvc - ok
21:32:39.0962 5684 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
21:32:39.0982 5684 iirsp - ok
21:32:40.0068 5684 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
21:32:40.0120 5684 IKEEXT - ok
21:32:40.0444 5684 IntcAzAudAddService (b9cbd3dea7ca02868621173bf7a2af9f) C:\Windows\system32\drivers\RTKVHDA.sys
21:32:40.0583 5684 IntcAzAudAddService - ok
21:32:40.0766 5684 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
21:32:40.0790 5684 intelide - ok
21:32:40.0825 5684 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
21:32:40.0896 5684 intelppm - ok
21:32:40.0934 5684 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
21:32:41.0009 5684 IPBusEnum - ok
21:32:41.0037 5684 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:32:41.0114 5684 IpFilterDriver - ok
21:32:41.0175 5684 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
21:32:41.0231 5684 iphlpsvc - ok
21:32:41.0237 5684 IpInIp - ok
21:32:41.0266 5684 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
21:32:41.0321 5684 IPMIDRV - ok
21:32:41.0353 5684 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
21:32:41.0412 5684 IPNAT - ok
21:32:41.0440 5684 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
21:32:41.0504 5684 IRENUM - ok
21:32:41.0528 5684 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
21:32:41.0556 5684 isapnp - ok
21:32:41.0637 5684 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
21:32:41.0671 5684 iScsiPrt - ok
21:32:41.0695 5684 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
21:32:41.0718 5684 iteatapi - ok
21:32:41.0764 5684 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
21:32:41.0778 5684 iteraid - ok
21:32:41.0801 5684 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
21:32:41.0819 5684 kbdclass - ok
21:32:41.0844 5684 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
21:32:41.0879 5684 kbdhid - ok
21:32:41.0914 5684 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
21:32:41.0959 5684 KeyIso - ok
21:32:42.0049 5684 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
21:32:42.0080 5684 KSecDD - ok
21:32:42.0174 5684 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
21:32:42.0259 5684 KtmRm - ok
21:32:42.0306 5684 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
21:32:42.0332 5684 LanmanServer - ok
21:32:42.0395 5684 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
21:32:42.0438 5684 LanmanWorkstation - ok
21:32:42.0493 5684 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
21:32:42.0549 5684 lltdio - ok
21:32:42.0609 5684 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
21:32:42.0688 5684 lltdsvc - ok
21:32:42.0723 5684 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
21:32:42.0836 5684 lmhosts - ok
21:32:42.0877 5684 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
21:32:42.0906 5684 LSI_FC - ok
21:32:42.0950 5684 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
21:32:42.0979 5684 LSI_SAS - ok
21:32:43.0020 5684 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
21:32:43.0049 5684 LSI_SCSI - ok
21:32:43.0086 5684 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
21:32:43.0154 5684 luafv - ok
21:32:43.0206 5684 massfilter (59a2783aba6019bed0c843c706e10a6a) C:\Windows\system32\drivers\massfilter.sys
21:32:43.0275 5684 massfilter - ok
21:32:43.0315 5684 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
21:32:43.0342 5684 Mcx2Svc - ok
21:32:43.0375 5684 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
21:32:43.0405 5684 mdmxsdk - ok
21:32:43.0457 5684 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
21:32:43.0475 5684 megasas - ok
21:32:43.0572 5684 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
21:32:43.0608 5684 MegaSR - ok
21:32:43.0635 5684 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
21:32:43.0679 5684 MMCSS - ok
21:32:43.0699 5684 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
21:32:43.0769 5684 Modem - ok
21:32:43.0802 5684 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
21:32:43.0873 5684 monitor - ok
21:32:43.0885 5684 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
21:32:43.0912 5684 mouclass - ok
21:32:43.0937 5684 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
21:32:44.0005 5684 mouhid - ok
21:32:44.0030 5684 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
21:32:44.0057 5684 MountMgr - ok
21:32:44.0112 5684 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
21:32:44.0140 5684 mpio - ok
21:32:44.0172 5684 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
21:32:44.0230 5684 mpsdrv - ok
21:32:44.0315 5684 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
21:32:44.0390 5684 MpsSvc - ok
21:32:44.0410 5684 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
21:32:44.0435 5684 Mraid35x - ok
21:32:44.0487 5684 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
21:32:44.0532 5684 MRxDAV - ok
21:32:44.0580 5684 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:32:44.0629 5684 mrxsmb - ok
21:32:44.0681 5684 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:32:44.0733 5684 mrxsmb10 - ok
21:32:44.0778 5684 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:32:44.0822 5684 mrxsmb20 - ok
21:32:44.0877 5684 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
21:32:44.0905 5684 msahci - ok
21:32:44.0957 5684 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
21:32:44.0972 5684 msdsm - ok
21:32:45.0026 5684 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
21:32:45.0061 5684 MSDTC - ok
21:32:45.0097 5684 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
21:32:45.0167 5684 Msfs - ok
21:32:45.0216 5684 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
21:32:45.0238 5684 msisadrv - ok
21:32:45.0279 5684 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
21:32:45.0333 5684 MSiSCSI - ok
21:32:45.0347 5684 msiserver - ok
21:32:45.0369 5684 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
21:32:45.0403 5684 MSKSSRV - ok
21:32:45.0438 5684 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
21:32:45.0494 5684 MSPCLOCK - ok
21:32:45.0521 5684 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
21:32:45.0588 5684 MSPQM - ok
21:32:45.0644 5684 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
21:32:45.0676 5684 MsRPC - ok
21:32:45.0703 5684 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
21:32:45.0723 5684 mssmbios - ok
21:32:45.0739 5684 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
21:32:45.0789 5684 MSTEE - ok
21:32:45.0817 5684 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
21:32:45.0837 5684 Mup - ok
21:32:45.0902 5684 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
21:32:45.0944 5684 napagent - ok
21:32:46.0005 5684 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
21:32:46.0057 5684 NativeWifiP - ok
21:32:46.0176 5684 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
21:32:46.0229 5684 NDIS - ok
21:32:46.0252 5684 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
21:32:46.0301 5684 NdisTapi - ok
21:32:46.0328 5684 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
21:32:46.0364 5684 Ndisuio - ok
21:32:46.0427 5684 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
21:32:46.0467 5684 NdisWan - ok
21:32:46.0485 5684 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
21:32:46.0511 5684 NDProxy - ok
21:32:46.0533 5684 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
21:32:46.0578 5684 NetBIOS - ok
21:32:46.0636 5684 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
21:32:46.0694 5684 netbt - ok
21:32:46.0743 5684 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
21:32:46.0772 5684 Netlogon - ok
21:32:46.0833 5684 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
21:32:46.0917 5684 Netman - ok
21:32:46.0970 5684 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
21:32:47.0050 5684 netprofm - ok
21:32:47.0130 5684 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:32:47.0144 5684 NetTcpPortSharing - ok
21:32:47.0180 5684 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
21:32:47.0193 5684 nfrd960 - ok
21:32:47.0233 5684 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
21:32:47.0268 5684 NlaSvc - ok
21:32:47.0297 5684 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
21:32:47.0341 5684 Npfs - ok
21:32:47.0369 5684 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
21:32:47.0409 5684 nsi - ok
21:32:47.0427 5684 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
21:32:47.0460 5684 nsiproxy - ok
21:32:47.0617 5684 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
21:32:47.0809 5684 Ntfs - ok
21:32:47.0842 5684 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
21:32:47.0961 5684 ntrigdigi - ok
21:32:47.0989 5684 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
21:32:48.0044 5684 Null - ok
21:32:48.0071 5684 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
21:32:48.0087 5684 nvraid - ok
21:32:48.0118 5684 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
21:32:48.0133 5684 nvstor - ok
21:32:48.0183 5684 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
21:32:48.0199 5684 nv_agp - ok
21:32:48.0211 5684 NwlnkFlt - ok
21:32:48.0219 5684 NwlnkFwd - ok
21:32:48.0292 5684 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
21:32:48.0357 5684 ohci1394 - ok
21:32:48.0493 5684 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
21:32:48.0600 5684 p2pimsvc - ok
21:32:48.0613 5684 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
21:32:48.0681 5684 p2psvc - ok
21:32:48.0718 5684 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
21:32:48.0866 5684 Parport - ok
21:32:48.0908 5684 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
21:32:48.0936 5684 partmgr - ok
21:32:48.0956 5684 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
21:32:49.0075 5684 Parvdm - ok
21:32:49.0113 5684 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
21:32:49.0184 5684 PcaSvc - ok
21:32:49.0241 5684 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
21:32:49.0272 5684 pci - ok
21:32:49.0354 5684 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
21:32:49.0374 5684 pciide - ok
21:32:49.0411 5684 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
21:32:49.0428 5684 pcmcia - ok
21:32:49.0953 5684 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
21:32:50.0126 5684 PEAUTH - ok
21:32:50.0443 5684 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
21:32:50.0612 5684 pla - ok
21:32:50.0814 5684 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
21:32:50.0863 5684 PlugPlay - ok
21:32:50.0971 5684 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
21:32:51.0058 5684 PNRPAutoReg - ok
21:32:51.0070 5684 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
21:32:51.0133 5684 PNRPsvc - ok
21:32:51.0216 5684 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
21:32:51.0301 5684 PolicyAgent - ok
21:32:51.0388 5684 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
21:32:51.0436 5684 PptpMiniport - ok
21:32:51.0475 5684 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys
21:32:51.0522 5684 Processor - ok
21:32:51.0565 5684 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
21:32:51.0609 5684 ProfSvc - ok
21:32:51.0625 5684 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
21:32:51.0639 5684 ProtectedStorage - ok
21:32:51.0690 5684 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
21:32:51.0713 5684 PSched - ok
21:32:51.0738 5684 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\Windows\system32\DRIVERS\psi_mf.sys
21:32:51.0750 5684 PSI - ok
21:32:51.0767 5684 PxHelp20 (f7bb4e7a7c02ab4a2672937e124e306e) C:\Windows\system32\Drivers\PxHelp20.sys
21:32:51.0792 5684 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
21:32:51.0792 5684 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
21:32:51.0976 5684 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
21:32:52.0039 5684 ql2300 - ok
21:32:52.0073 5684 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
21:32:52.0089 5684 ql40xx - ok
21:32:52.0152 5684 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
21:32:52.0189 5684 QWAVE - ok
21:32:52.0211 5684 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
21:32:52.0253 5684 QWAVEdrv - ok
21:32:52.0273 5684 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
21:32:52.0307 5684 RasAcd - ok
21:32:52.0338 5684 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
21:32:52.0398 5684 RasAuto - ok
21:32:52.0437 5684 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:32:52.0467 5684 Rasl2tp - ok
21:32:52.0548 5684 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
21:32:52.0579 5684 RasMan - ok
21:32:52.0622 5684 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
21:32:52.0657 5684 RasPppoe - ok
21:32:52.0691 5684 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
21:32:52.0709 5684 RasSstp - ok
21:32:52.0768 5684 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
21:32:52.0810 5684 rdbss - ok
21:32:52.0837 5684 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:32:52.0900 5684 RDPCDD - ok
21:32:52.0958 5684 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
21:32:52.0992 5684 rdpdr - ok
21:32:53.0000 5684 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
21:32:53.0053 5684 RDPENCDD - ok
21:32:53.0110 5684 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
21:32:53.0217 5684 RDPWD - ok
21:32:53.0262 5684 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
21:32:53.0328 5684 RemoteAccess - ok
21:32:53.0381 5684 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
21:32:53.0433 5684 RemoteRegistry - ok
21:32:53.0487 5684 Revoflt (b9bb8e2093c1615ad6ea55ad96214354) C:\Windows\system32\DRIVERS\revoflt.sys
21:32:53.0506 5684 Revoflt - ok
21:32:53.0541 5684 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
21:32:53.0569 5684 RpcLocator - ok
21:32:53.0674 5684 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
21:32:53.0709 5684 RpcSs - ok
21:32:53.0744 5684 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
21:32:53.0803 5684 rspndr - ok
21:32:53.0878 5684 RTHDMIAzAudService (c853ae16ccf5033c0cba0855390f5c7f) C:\Windows\system32\drivers\RtHDMIV.sys
21:32:53.0892 5684 RTHDMIAzAudService - ok
21:32:53.0943 5684 RTL8169 (7157e70a90cce49deb8885d23a073a39) C:\Windows\system32\DRIVERS\Rtlh86.sys
21:32:53.0996 5684 RTL8169 - ok
21:32:54.0077 5684 RTL8187B (b71d269b9ab5417963e986126c12b9fc) C:\Windows\system32\DRIVERS\RTL8187B.sys
21:32:54.0147 5684 RTL8187B - ok
21:32:54.0171 5684 RtlProt (0d60b8c10a2c5e8dd620b3fdeb1cda64) C:\Windows\system32\DRIVERS\rtlprot.sys
21:32:54.0193 5684 RtlProt - ok
21:32:54.0232 5684 RTSTOR (9ff7d9cf3a5f296613588b0e8db83afe) C:\Windows\system32\drivers\RTSTOR.SYS
21:32:54.0287 5684 RTSTOR - ok
21:32:54.0331 5684 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
21:32:54.0347 5684 SamSs - ok
21:32:54.0382 5684 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
21:32:54.0406 5684 sbp2port - ok
21:32:54.0449 5684 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
21:32:54.0499 5684 SCardSvr - ok
21:32:54.0605 5684 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
21:32:54.0677 5684 Schedule - ok
21:32:54.0707 5684 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
21:32:54.0734 5684 SCPolicySvc - ok
21:32:54.0776 5684 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
21:32:54.0814 5684 SDRSVC - ok
21:32:54.0837 5684 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
21:32:54.0896 5684 secdrv - ok
21:32:54.0922 5684 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
21:32:54.0956 5684 seclogon - ok
21:32:55.0162 5684 Secunia PSI Agent (2d0599dd0124764fc939c59985c860de) C:\Program Files\Secunia\PSI\PSIA.exe
21:32:55.0254 5684 Secunia PSI Agent - ok
21:32:55.0322 5684 Secunia Update Agent (20b9e1adbc58958b480933e4da005dfb) C:\Program Files\Secunia\PSI\sua.exe
21:32:55.0377 5684 Secunia Update Agent - ok
21:32:55.0531 5684 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
21:32:55.0593 5684 SENS - ok
21:32:55.0667 5684 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
21:32:55.0753 5684 Serenum - ok
21:32:55.0787 5684 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
21:32:55.0851 5684 Serial - ok
21:32:55.0875 5684 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
21:32:55.0917 5684 sermouse - ok
21:32:55.0971 5684 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
21:32:56.0009 5684 SessionEnv - ok
21:32:56.0029 5684 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
21:32:56.0069 5684 sffdisk - ok
21:32:56.0088 5684 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
21:32:56.0122 5684 sffp_mmc - ok
21:32:56.0143 5684 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
21:32:56.0186 5684 sffp_sd - ok
21:32:56.0213 5684 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
21:32:56.0246 5684 sfloppy - ok
21:32:56.0316 5684 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
21:32:56.0366 5684 SharedAccess - ok
21:32:56.0422 5684 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
21:32:56.0483 5684 ShellHWDetection - ok
21:32:56.0515 5684 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
21:32:56.0533 5684 sisagp - ok
21:32:56.0553 5684 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
21:32:56.0568 5684 SiSRaid2 - ok
21:32:56.0604 5684 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
21:32:56.0619 5684 SiSRaid4 - ok
21:32:57.0069 5684 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
21:32:57.0294 5684 slsvc - ok
21:32:57.0443 5684 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
21:32:57.0492 5684 SLUINotify - ok
21:32:57.0575 5684 SmartFaceVWatchSrv (3566310df25ea5c3b2e9f50f5b50eac1) C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
21:32:57.0586 5684 SmartFaceVWatchSrv ( UnsignedFile.Multi.Generic ) - warning
21:32:57.0586 5684 SmartFaceVWatchSrv - detected UnsignedFile.Multi.Generic (1)
21:32:57.0657 5684 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
21:32:57.0699 5684 Smb - ok
21:32:57.0751 5684 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
21:32:57.0823 5684 SNMPTRAP - ok
21:32:57.0850 5684 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
21:32:57.0878 5684 spldr - ok
21:32:57.0929 5684 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
21:32:57.0999 5684 Spooler - ok
21:32:58.0088 5684 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
21:32:58.0151 5684 srv - ok
21:32:58.0227 5684 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
21:32:58.0282 5684 srv2 - ok
21:32:58.0338 5684 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
21:32:58.0384 5684 srvnet - ok
21:32:58.0435 5684 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
21:32:58.0498 5684 SSDPSRV - ok
21:32:58.0536 5684 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
21:32:58.0556 5684 ssmdrv - ok
21:32:58.0625 5684 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
21:32:58.0675 5684 SstpSvc - ok
21:32:58.0800 5684 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
21:32:58.0874 5684 stisvc - ok
21:32:58.0912 5684 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
21:32:58.0938 5684 swenum - ok
21:32:59.0006 5684 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
21:32:59.0091 5684 swprv - ok
21:32:59.0148 5684 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
21:32:59.0173 5684 Symc8xx - ok
21:32:59.0216 5684 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
21:32:59.0241 5684 Sym_hi - ok
21:32:59.0263 5684 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
21:32:59.0288 5684 Sym_u3 - ok
21:32:59.0358 5684 SynTP (55f6e55cc2430ca8713387106fa79817) C:\Windows\system32\DRIVERS\SynTP.sys
21:32:59.0387 5684 SynTP - ok
21:32:59.0496 5684 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
21:32:59.0546 5684 SysMain - ok
21:32:59.0583 5684 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
21:32:59.0602 5684 TabletInputService - ok
21:32:59.0668 5684 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
21:32:59.0701 5684 TapiSrv - ok
21:32:59.0723 5684 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
21:32:59.0788 5684 TBS - ok
21:32:59.0959 5684 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
21:33:00.0114 5684 Tcpip - ok
21:33:00.0138 5684 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
21:33:00.0215 5684 Tcpip6 - ok
21:33:00.0260 5684 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
21:33:00.0323 5684 tcpipreg - ok
21:33:00.0377 5684 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
21:33:00.0432 5684 tdcmdpst - ok
21:33:00.0472 5684 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
21:33:00.0527 5684 TDPIPE - ok
21:33:00.0557 5684 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
21:33:00.0627 5684 TDTCP - ok
21:33:00.0677 5684 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
21:33:00.0721 5684 tdx - ok
21:33:00.0823 5684 TemproMonitoringService (24ea631fec13e87afe07a2b28732ef38) C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
21:33:00.0848 5684 TemproMonitoringService - ok
21:33:00.0894 5684 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
21:33:00.0923 5684 TermDD - ok
21:33:01.0021 5684 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
21:33:01.0122 5684 TermService - ok
21:33:01.0183 5684 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
21:33:01.0218 5684 Themes - ok
21:33:01.0256 5684 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
21:33:01.0314 5684 THREADORDER - ok
21:33:01.0403 5684 TNaviSrv (b146492a882a25a2df1db4668fced6c8) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
21:33:01.0427 5684 TNaviSrv - ok
21:33:01.0458 5684 TODDSrv (c5ac715b65b01788abc22d10749dddd8) C:\Windows\system32\TODDSrv.exe
21:33:01.0487 5684 TODDSrv - ok
21:33:01.0560 5684 TosCoSrv (da6903958cbdc091ffcbbca70ccff34c) c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
21:33:01.0593 5684 TosCoSrv - ok
21:33:01.0637 5684 TOSHIBA SMART Log Service (22690dffc7f2a18279a7a0489aa02bac) c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
21:33:01.0660 5684 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - warning
21:33:01.0660 5684 TOSHIBA SMART Log Service - detected UnsignedFile.Multi.Generic (1)
21:33:01.0768 5684 tos_sps32 (1ea5f27c29405bf49799feca77186da9) C:\Windows\system32\DRIVERS\tos_sps32.sys
21:33:01.0810 5684 tos_sps32 - ok
21:33:01.0847 5684 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
21:33:01.0888 5684 TrkWks - ok
21:33:01.0954 5684 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
21:33:01.0979 5684 TrustedInstaller - ok
21:33:02.0007 5684 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:33:02.0055 5684 tssecsrv - ok
21:33:02.0078 5684 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
21:33:02.0097 5684 tunmp - ok
21:33:02.0130 5684 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
21:33:02.0152 5684 tunnel - ok
21:33:02.0189 5684 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
21:33:02.0201 5684 TVALZ - ok
21:33:02.0252 5684 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
21:33:02.0273 5684 uagp35 - ok
21:33:02.0337 5684 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
21:33:02.0364 5684 udfs - ok
21:33:02.0446 5684 UI Assistant Service (30b78a6296127b7a793cf42ca61b29b0) C:\Program Files\Join Air\AssistantServices.exe
21:33:02.0470 5684 UI Assistant Service - ok
21:33:02.0511 5684 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
21:33:02.0554 5684 UI0Detect - ok
21:33:02.0665 5684 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
21:33:02.0694 5684 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
21:33:02.0694 5684 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
21:33:02.0727 5684 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
21:33:02.0745 5684 uliagpkx - ok
21:33:02.0791 5684 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
21:33:02.0818 5684 uliahci - ok
21:33:02.0858 5684 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
21:33:02.0880 5684 UlSata - ok
21:33:02.0926 5684 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
21:33:02.0942 5684 ulsata2 - ok
21:33:02.0972 5684 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
21:33:03.0005 5684 umbus - ok
21:33:03.0057 5684 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
21:33:03.0135 5684 upnphost - ok
21:33:03.0196 5684 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
21:33:03.0245 5684 usbccgp - ok
21:33:03.0279 5684 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
21:33:03.0404 5684 usbcir - ok
21:33:03.0438 5684 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
21:33:03.0481 5684 usbehci - ok
21:33:03.0524 5684 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
21:33:03.0571 5684 usbhub - ok
21:33:03.0594 5684 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
21:33:03.0626 5684 usbohci - ok
21:33:03.0661 5684 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
21:33:03.0694 5684 usbprint - ok
21:33:03.0738 5684 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
21:33:03.0764 5684 usbscan - ok
21:33:03.0812 5684 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:33:03.0862 5684 USBSTOR - ok
21:33:03.0881 5684 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
21:33:03.0929 5684 usbuhci - ok
21:33:03.0963 5684 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
21:33:04.0010 5684 usbvideo - ok
21:33:04.0050 5684 UVCFTR (8c5094a8ab24de7496c7c19942f2df04) C:\Windows\system32\Drivers\UVCFTR_S.SYS
21:33:04.0075 5684 UVCFTR - ok
21:33:04.0111 5684 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
21:33:04.0137 5684 UxSms - ok
21:33:04.0213 5684 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
21:33:04.0281 5684 vds - ok
21:33:04.0309 5684 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
21:33:04.0350 5684 vga - ok
21:33:04.0358 5684 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
21:33:04.0389 5684 VgaSave - ok
21:33:04.0411 5684 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
21:33:04.0427 5684 viaagp - ok
21:33:04.0453 5684 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
21:33:04.0484 5684 ViaC7 - ok
21:33:04.0508 5684 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
21:33:04.0522 5684 viaide - ok
21:33:04.0559 5684 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
21:33:04.0575 5684 volmgr - ok
21:33:04.0641 5684 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
21:33:04.0664 5684 volmgrx - ok
21:33:04.0722 5684 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
21:33:04.0741 5684 volsnap - ok
21:33:04.0775 5684 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
21:33:04.0792 5684 vsmraid - ok
21:33:04.0955 5684 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
21:33:05.0105 5684 VSS - ok
21:33:05.0186 5684 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
21:33:05.0240 5684 W32Time - ok
21:33:05.0312 5684 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
21:33:05.0373 5684 WacomPen - ok
21:33:05.0406 5684 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
21:33:05.0454 5684 Wanarp - ok
21:33:05.0460 5684 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
21:33:05.0487 5684 Wanarpv6 - ok
21:33:05.0553 5684 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
21:33:05.0590 5684 wcncsvc - ok
21:33:05.0629 5684 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
21:33:05.0660 5684 WcsPlugInService - ok
21:33:05.0683 5684 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
21:33:05.0698 5684 Wd - ok
21:33:05.0778 5684 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
21:33:05.0807 5684 Wdf01000 - ok
21:33:05.0834 5684 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
21:33:05.0872 5684 WdiServiceHost - ok
21:33:05.0879 5684 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
21:33:05.0937 5684 WdiSystemHost - ok
21:33:05.0999 5684 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
21:33:06.0026 5684 WebClient - ok
21:33:06.0075 5684 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
21:33:06.0111 5684 Wecsvc - ok
21:33:06.0143 5684 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
21:33:06.0172 5684 wercplsupport - ok
21:33:06.0223 5684 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
21:33:06.0253 5684 WerSvc - ok
21:33:06.0356 5684 winachsf (0acd399f5db3df1b58903cf4949ab5a8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
21:33:06.0430 5684 winachsf - ok
21:33:06.0604 5684 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
21:33:06.0624 5684 WinDefend - ok
21:33:06.0638 5684 WinHttpAutoProxySvc - ok
21:33:06.0721 5684 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
21:33:06.0748 5684 Winmgmt - ok
21:33:06.0928 5684 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
21:33:07.0011 5684 WinRM - ok
21:33:07.0121 5684 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
21:33:07.0173 5684 Wlansvc - ok
21:33:07.0244 5684 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
21:33:07.0299 5684 WmiAcpi - ok
21:33:07.0391 5684 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
21:33:07.0435 5684 wmiApSrv - ok
21:33:07.0634 5684 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
21:33:07.0790 5684 WMPNetworkSvc - ok
21:33:07.0939 5684 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
21:33:08.0023 5684 WPCSvc - ok
21:33:08.0066 5684 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
21:33:08.0110 5684 WPDBusEnum - ok
21:33:08.0512 5684 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:33:08.0565 5684 WPFFontCache_v0400 - ok
21:33:08.0642 5684 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
21:33:08.0719 5684 ws2ifsl - ok
21:33:08.0774 5684 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
21:33:08.0821 5684 wscsvc - ok
21:33:08.0828 5684 WSearch - ok
21:33:09.0132 5684 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
21:33:09.0267 5684 wuauserv - ok
21:33:09.0477 5684 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:33:09.0526 5684 WUDFRd - ok
21:33:09.0573 5684 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
21:33:09.0614 5684 wudfsvc - ok
21:33:09.0650 5684 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
21:33:09.0687 5684 XAudio - ok
21:33:09.0769 5684 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe
21:33:09.0789 5684 XAudioService - ok
21:33:09.0863 5684 ZTEusbmdm6k (3862318f85be7a91957ada5e814ed58c) C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
21:33:09.0891 5684 ZTEusbmdm6k - ok
21:33:09.0929 5684 ZTEusbnmea (3862318f85be7a91957ada5e814ed58c) C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
21:33:09.0944 5684 ZTEusbnmea - ok
21:33:09.0974 5684 ZTEusbser6k (3862318f85be7a91957ada5e814ed58c) C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
21:33:09.0989 5684 ZTEusbser6k - ok
21:33:10.0016 5684 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:33:10.0269 5684 \Device\Harddisk0\DR0 - ok
21:33:10.0277 5684 Boot (0x1200) (cd5f36436d11ff47f260055ffe21d983) \Device\Harddisk0\DR0\Partition0
21:33:10.0283 5684 \Device\Harddisk0\DR0\Partition0 - ok
21:33:10.0311 5684 Boot (0x1200) (5044347926b225072ad2262b50cf2efa) \Device\Harddisk0\DR0\Partition1
21:33:10.0314 5684 \Device\Harddisk0\DR0\Partition1 - ok
21:33:10.0316 5684 ============================================================
21:33:10.0316 5684 Scan finished
21:33:10.0316 5684 ============================================================
21:33:10.0341 4860 Detected object count: 9
21:33:10.0341 4860 Actual detected object count: 9
21:35:10.0364 4860 ConfigFree Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:35:10.0364 4860 ConfigFree Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:35:10.0365 4860 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user
21:35:10.0365 4860 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:35:10.0373 4860 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
21:35:10.0373 4860 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:35:10.0375 4860 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - skipped by user
21:35:10.0375 4860 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:35:10.0380 4860 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:35:10.0380 4860 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:35:10.0385 4860 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
21:35:10.0385 4860 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:35:10.0390 4860 SmartFaceVWatchSrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:35:10.0391 4860 SmartFaceVWatchSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:35:10.0395 4860 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:35:10.0395 4860 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:35:10.0400 4860 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
21:35:10.0400 4860 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
28.04.2012, 14:00
| #17 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Spyhunter 4 läßt sich nicht entfernen. Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
28.04.2012, 20:49
| #18 |
| | Spyhunter 4 läßt sich nicht entfernen.Code:
ATTFilter ComboFix 12-04-28.01 - surborg 28.04.2012 21:26:48.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3581.2385 [GMT 2:00]
ausgeführt von:: c:\users\surborg\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\surborg\AppData\Roaming\Microsoft\Windows\Recent\mxfilerelatedcache.mxc2
c:\users\surborg\AppData\Roaming\Mozilla\Firefox\Profiles\kfdi17ri.default\weave\toFetch
c:\users\surborg\AppData\Roaming\Mozilla\Firefox\Profiles\kfdi17ri.default\weave\toFetch\clients.json
c:\users\surborg\AppData\Roaming\Mozilla\Firefox\Profiles\kfdi17ri.default\weave\toFetch\tabs.json
c:\users\surborg\AppData\Roaming\result.db
c:\users\surborg\Favorites\mxfilerelatedcache.mxc2
c:\windows\system32\bdaplgin.ax
c:\windows\system32\cero.rs
c:\windows\system32\declrds.ax
c:\windows\system32\esrb.rs
c:\windows\system32\g711codc.ax
c:\windows\system32\grb.rs
c:\windows\system32\iac25_32.ax
c:\windows\system32\ir41_32.ax
c:\windows\system32\ivfsrc.ax
c:\windows\system32\ksproxy.ax
c:\windows\system32\kstvtune.ax
c:\windows\system32\Kswdmcap.ax
c:\windows\system32\ksxbar.ax
c:\windows\system32\Mpeg2Data.ax
c:\windows\system32\mpg2splt.ax
c:\windows\system32\MSDvbNP.ax
c:\windows\system32\MSNP.ax
c:\windows\system32\oflc.rs
c:\windows\system32\pegi-fi.rs
c:\windows\system32\pegi-pt.rs
c:\windows\system32\pegi.rs
c:\windows\system32\pegibbfc.rs
c:\windows\system32\psisrndr.ax
c:\windows\system32\usk.rs
c:\windows\system32\VBICodec.ax
c:\windows\system32\vbisurf.ax
c:\windows\system32\vidcap.ax
c:\windows\system32\WEB.rs
c:\windows\system32\WSTPager.ax
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-03-28 bis 2012-04-28 ))))))))))))))))))))))))))))))
.
.
2012-04-28 19:34 . 2012-04-28 19:34 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-04-28 19:34 . 2012-04-28 19:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-26 11:58 . 2012-04-26 11:58 -------- d-----w- c:\program files\7-Zip
2012-04-25 13:22 . 2012-04-25 13:22 -------- d-----w- C:\_OTL
2012-04-25 09:45 . 2012-04-25 09:45 110080 ----a-r- c:\users\surborg\AppData\Roaming\Microsoft\Installer\{4E0C6314-A8B8-4026-AC15-084E8B63AFB5}\IconF7A21AF7.exe
2012-04-25 09:45 . 2012-04-25 09:45 110080 ----a-r- c:\users\surborg\AppData\Roaming\Microsoft\Installer\{4E0C6314-A8B8-4026-AC15-084E8B63AFB5}\IconD7F16134.exe
2012-04-25 09:45 . 2012-04-25 09:45 110080 ----a-r- c:\users\surborg\AppData\Roaming\Microsoft\Installer\{4E0C6314-A8B8-4026-AC15-084E8B63AFB5}\IconCF33A0CE.exe
2012-04-25 09:45 . 2012-04-25 09:45 -------- d-----w- C:\sh4ldr
2012-04-25 09:45 . 2012-04-25 09:45 -------- d-----w- c:\program files\Enigma Software Group
2012-04-24 05:51 . 2012-04-13 07:36 6734704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AE700C97-02CB-47CE-B336-A344D5810F3B}\mpengine.dll
2012-04-11 06:20 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-04-01 12:40 . 2006-12-19 16:31 110592 ----a-w- c:\windows\system32\EEBDSCVR.dll
2012-04-01 12:40 . 2006-12-19 16:20 77824 ----a-w- c:\windows\system32\EBAPI.dll
2012-04-01 12:40 . 2003-12-16 23:01 55808 ----a-w- c:\windows\system32\EEBSDKIF.dll
2012-04-01 12:17 . 2008-12-01 11:00 457611 ----a-w- c:\windows\system32\ensppui.dll
2012-04-01 12:17 . 2008-12-01 11:00 457611 ----a-w- c:\windows\system32\enppui.dll
2012-04-01 12:17 . 2008-12-01 10:58 474892 ----a-w- c:\windows\system32\ensppmon.dll
2012-04-01 12:17 . 2008-12-01 10:58 474892 ----a-w- c:\windows\system32\enppmon.dll
2012-04-01 12:17 . 2008-06-18 09:49 249344 ----a-w- c:\windows\system32\enspres.dll
2012-04-01 12:17 . 2008-06-18 09:49 249344 ----a-w- c:\windows\system32\enpres.dll
2012-04-01 12:15 . 2012-04-01 12:17 -------- d-----w- c:\program files\EpsonNet
2012-04-01 12:13 . 2009-12-08 22:00 341504 ----a-w- c:\windows\system32\esw2ud.dll
2012-04-01 12:13 . 2009-04-30 22:00 15872 ----a-w- c:\windows\system32\escdev.dll
2012-04-01 12:13 . 2009-04-30 22:00 128392 ----a-w- c:\windows\system32\esdevapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-04 13:56 . 2011-07-12 08:21 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-23 08:18 . 2011-07-10 14:26 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-19 16:43 . 2012-02-19 16:43 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-15 13:32 . 2011-10-14 09:33 137416 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-02-14 15:45 . 2012-03-14 06:00 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-02-14 15:45 . 2012-03-14 06:00 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-13 14:12 . 2012-03-14 06:00 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-13 13:47 . 2012-03-14 06:00 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-02-13 13:44 . 2012-03-14 06:00 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-02-02 15:16 . 2012-03-14 06:00 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-03-18 19:50 . 2012-02-29 17:52 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-04-24 430080]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"NDSTray.exe"="NDSTray.exe" [BU]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-05-27 1836544]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-03-19 716800]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"UIExec"="c:\program files\Join Air\UIExec.exe" [2010-04-27 138072]
"Toshiba TEMPRO"="c:\program files\Toshiba TEMPRO\TemproTray.exe" [2010-10-26 1050072]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\TOSHIBA\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-15 17:11]
.
2012-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-15 17:11]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube Download - c:\users\surborg\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\surborg\AppData\Roaming\Mozilla\Firefox\Profiles\kfdi17ri.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Suche
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - user.js: yahoo.homepage.dontask - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-Toshiba TEMPO - c:\program files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
AddRemove-EPSON Scanner - c:\program files\epson\escndv\setup\setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-04-28 21:34
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i????????$o?????a???a???a?( a?P
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2012-04-28 21:36:54
ComboFix-quarantined-files.txt 2012-04-28 19:36
.
Vor Suchlauf: 12 Verzeichnis(se), 53.336.313.856 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 53.302.153.216 Bytes frei
.
- - End Of File - - CCEF4E7E58B53D477EE3F53E58C1D387
Der Spyhunter ließ sich nicht schließen.Ich mußte während des Combofixscans oft den Zulassen-Button des Spyhunters anklicken. |
|
30.04.2012, 12:11
| #19 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Spyhunter 4 läßt sich nicht entfernen. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
30.04.2012, 15:13
| #20 |
| | Spyhunter 4 läßt sich nicht entfernen.Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-04-30 16:07:49
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD2500BEVS-26UST0 rev.01.01A01
Running: grpmsxql.exe; Driver: C:\Users\surborg\AppData\Local\Temp\fxdirfog.sys
---- System - GMER 1.0.15 ----
SSDT \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys ZwCreateSection [0x9D597700]
SSDT 8DA20F50 ZwRequestWaitReplyPort
SSDT 8DA20F4B ZwSetContextThread
SSDT 8DA20F55 ZwSetSecurityObject
SSDT 8DA20F5A ZwSystemDebugControl
SSDT 8DA20EE7 ZwTerminateProcess
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!KeSetEvent + 215 826FA998 4 Bytes [00, 77, 59, 9D] {ADD [EDI+0x59], DH; POPF }
.text ntkrnlpa.exe!KeSetEvent + 539 826FACBC 4 Bytes [50, 0F, A2, 8D]
.text ntkrnlpa.exe!KeSetEvent + 56D 826FACF0 4 Bytes [4B, 0F, A2, 8D]
.text ntkrnlpa.exe!KeSetEvent + 5D1 826FAD54 4 Bytes [55, 0F, A2, 8D]
.text ntkrnlpa.exe!KeSetEvent + 619 826FAD9C 4 Bytes [5A, 0F, A2, 8D]
.text ...
.text C:\Windows\system32\DRIVERS\tos_sps32.sys section is writeable [0x83357000, 0x4036D, 0xE8000020]
.dsrt C:\Windows\system32\DRIVERS\tos_sps32.sys unknown last section [0x833A0000, 0x510, 0x40000040]
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8F603000, 0x1FB52A, 0xE8000020]
? C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys Das System kann die angegebene Datei nicht finden. !
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
---- Processes - GMER 1.0.15 ----
Library C:\Program (*** hidden *** ) @ C:\Program [2380] 0x00400000
Library C:\Program (*** hidden *** ) @ C:\Program [2380] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\Program [2380] 0x66FD0000
Library C:\Program (*** hidden *** ) @ C:\Program [2380] 0x67420000
Library C:\Program (*** hidden *** ) @ C:\Program [2380] 0x00160000
---- EOF - GMER 1.0.15 ----
Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-30 17:34:49
-----------------------------
17:34:49.798 OS Version: Windows 6.0.6002 Service Pack 2
17:34:49.798 Number of processors: 2 586 0x301
17:34:49.814 ComputerName: SURBORG-PC UserName: surborg
17:35:33.748 Initialize success
17:35:48.942 AVAST engine defs: 12043000
17:36:02.670 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:36:02.670 Disk 0 Vendor: WDC_WD2500BEVS-26UST0 01.01A01 Size: 238475MB BusType: 3
17:36:02.780 Disk 0 MBR read successfully
17:36:02.780 Disk 0 MBR scan
17:36:02.826 Disk 0 Windows VISTA default MBR code
17:36:02.842 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
17:36:02.873 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119078 MB offset 3074048
17:36:02.920 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 117895 MB offset 246945792
17:36:02.936 Disk 0 scanning sectors +488395120
17:36:03.076 Disk 0 scanning C:\Windows\system32\drivers
17:36:36.725 Service scanning
17:37:20.249 Modules scanning
17:37:32.417 Disk 0 trace - called modules:
17:37:32.448 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys
17:37:32.448 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85f70030]
17:37:32.464 3 CLASSPNP.SYS[8079c8b3] -> nt!IofCallDriver -> [0x85ec8f08]
17:37:32.464 5 acpi.sys[8060c6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85efeb98]
17:37:32.480 Scan finished successfully
17:45:05.231 Disk 0 MBR has been saved successfully to "C:\Users\surborg\Desktop\MBR.dat"
17:45:05.231 The log file has been saved successfully to "C:\Users\surborg\Desktop\aswMBR.txt"
Der Osam-Scan bereitet mir Probleme.Den muß ich später nochmal probieren. |
|
01.05.2012, 15:55
| #22 |
| | Spyhunter 4 läßt sich nicht entfernen. Ich habe das Erstellen des Osam-Scan mit Hilfe eurer Anleitung gemacht.Bei mir wurden Schritte übersprungen, das hatte mich irritiert.Ich habe einen Osam-Scan gemacht,habe aber eine html-Datei bekommen und weiß nicht wie ich sie las logfile speichern kann.Das wird mir irgendwie nicht angeboten. |
|
01.05.2012, 16:28
| #23 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Spyhunter 4 läßt sich nicht entfernen. Versteh ich nicht! Du kannst doch auswählne wie genau das Log gespeichert werden soll! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.05.2012, 16:33
| #24 |
| | Spyhunter 4 läßt sich nicht entfernen. Ich mach es nochmal. Folgendes Problem: Unter settings, Dateireiter Scanner soll ich Einträge deaktivieren.Ich weiß nicht welche. Wenn ich es so einstelle wie in eurer Anleitung, bleibt der Apply-Button grau. Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 19:39:39 on 01.05.2012 OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Mozilla Corporation Firefox 11.0 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [AppInit DLLs] -----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )----- "AppInit_DLLs" - "Google" - C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl "TOSCDSPD.cpl" - "TOSHIBA" - C:\Windows\system32\TOSCDSPD.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\Users\surborg\AppData\Local\Temp\catchme.sys (File not found) "esgiguard" (esgiguard) - ? - C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys (File not found) "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "PSI" (PSI) - "Secunia" - C:\Windows\System32\DRIVERS\psi_mf.sys "PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys "Revoflt" (Revoflt) - "VS Revo Group" - C:\Windows\System32\DRIVERS\revoflt.sys "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL {CD00020A-8B95-11D1-82DB-00C04FB1625D} "Microsoft PKM KnowledgePluggable Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office10\msohev.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {00020d75-0000-0000-c000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office10\MLSHEXT.DLL {0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} "RUShellExt Class" - "VS Revo Group" - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} "Java Plug-in 1.6.0_03" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_30.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "{D27CDB6E-AE6D-11CF-96B8-444553540000}" - ? - (File not found | COM-object registry key not found) / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "Amazon.de" - ? - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home (HTTP value) "eBay - Der weltweite Online Marktplatz" - ? - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 (HTTP value) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\ssv.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\surborg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "Microsoft Office.lnk" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office10\OSA.EXE (Shortcut exists | File exists) "Secunia PSI Tray.lnk" - "Secunia" - C:\Program Files\Secunia\PSI\psi_tray.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "TOSCDSPD" - "TOSHIBA" - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "00TCrdMain" - "TOSHIBA Corporation" - %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "EEventManager" - "SEIKO EPSON CORPORATION" - "C:\Program Files\Epson Software\Event Manager\EEventManager.exe" "Google Desktop Search" - "Google" - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup "NDSTray.exe" - ? - NDSTray.exe (File not found) "StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" "Toshiba TEMPRO" - "Toshiba Europe GmbH" - C:\Program Files\Toshiba TEMPRO\TemproTray.exe "TPwrMain" - "TOSHIBA Corporation" - %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE "UIExec" - ? - "C:\Program Files\Join Air\UIExec.exe" (File found, but it contains no detailed information) [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "EPSON SX600FW Series 32MonitorBE" - "SEIKO EPSON CORPORATION" - C:\Windows\system32\E_FLBEKE.DLL "EpsonNet Print Port" - "SEIKO EPSON CORPORATION" - C:\Windows\system32\enppmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "ConfigFree Service" (ConfigFree Service) - "TOSHIBA CORPORATION" - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe "EpsonBidirectionalService" (EpsonBidirectionalService) - "SEIKO EPSON CORPORATION" - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe "Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Updater Service" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe "GoogleDesktopManager" (GoogleDesktopManager) - "Google" - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Notebook Performance Tuning Service (TEMPRO)" (TemproMonitoringService) - "Toshiba Europe GmbH" - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe "Secunia PSI Agent" (Secunia PSI Agent) - "Secunia" - C:\Program Files\Secunia\PSI\PSIA.exe "Secunia Update Agent" (Secunia Update Agent) - "Secunia" - C:\Program Files\Secunia\PSI\sua.exe "SmartFaceVWatchSrv" (SmartFaceVWatchSrv) - "Toshiba" - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe "TOSHIBA Navi Support Service" (TNaviSrv) - "TOSHIBA Corporation" - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe "TOSHIBA Optical Disc Drive Service" (TODDSrv) - "TOSHIBA Corporation" - C:\Windows\system32\TODDSrv.exe "TOSHIBA Power Saver" (TosCoSrv) - "TOSHIBA Corporation" - c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe "TOSHIBA SMART Log Service" (TOSHIBA SMART Log Service) - "TOSHIBA Corporation" - c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe "UI Assistant Service" (UI Assistant Service) - ? - C:\Program Files\Join Air\AssistantServices.exe (File found, but it contains no detailed information) "Ulead Burning Helper" (UleadBurningHelper) - "Ulead Systems, Inc." - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru |
|
02.05.2012, 12:16
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Spyhunter 4 läßt sich nicht entfernen. Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.05.2012, 15:58
| #26 |
| | Spyhunter 4 läßt sich nicht entfernen.Code:
ATTFilter Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.05.02.02 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 surborg :: SURBORG-PC [Administrator] 02.05.2012 15:35:49 mbam-log-2012-05-02 (15-35-49).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 374040 Laufzeit: 1 Stunde(n), 19 Minute(n), 13 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
02.05.2012, 18:43
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Spyhunter 4 läßt sich nicht entfernen. Scannt SUPERAntiSpyware noch?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.05.2012, 19:04
| #28 |
| | Spyhunter 4 läßt sich nicht entfernen. Ja,hat lange gebraucht. Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 05/02/2012 at 07:55 PM
Application Version : 5.0.1148
Core Rules Database Version : 8541
Trace Rules Database Version: 6353
Scan type : Complete Scan
Total Scan Time : 02:27:57
Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)
Memory items scanned : 845
Memory threats detected : 0
Registry items scanned : 34160
Registry threats detected : 0
File items scanned : 176463
File threats detected : 271
Adware.Tracking Cookie
C:\Users\surborg\AppData\Roaming\Microsoft\Windows\Cookies\surborg@adx.chip[1].txt [ /adx.chip ]
C:\Users\surborg\AppData\Roaming\Microsoft\Windows\Cookies\surborg@smartadserver[1].txt [ /smartadserver ]
C:\Users\surborg\AppData\Roaming\Microsoft\Windows\Cookies\Q9FBWB65.txt [ /www.zanox-affiliate.de ]
C:\Users\surborg\AppData\Roaming\Microsoft\Windows\Cookies\YI0BV0VO.txt [ /ad.dyntracker.de ]
C:\Users\surborg\AppData\Roaming\Microsoft\Windows\Cookies\CYXKD6FF.txt [ /ad.zanox.com ]
C:\Users\surborg\AppData\Roaming\Microsoft\Windows\Cookies\BR44826V.txt [ /zanox.com ]
C:\Users\surborg\AppData\Roaming\Microsoft\Windows\Cookies\G9SGKU8J.txt [ /dyntracker.com ]
C:\Users\surborg\AppData\Roaming\Microsoft\Windows\Cookies\H9JFKW1O.txt [ /tracking.quisma.com ]
C:\Users\surborg\AppData\Roaming\Microsoft\Windows\Cookies\QU0B3SSE.txt [ /zanox-affiliate.de ]
C:\USERS\SURBORG\AppData\Roaming\Microsoft\Windows\Cookies\Low\surborg@ad.yieldmanager[1].txt [ Cookie:surborg@ad.yieldmanager.com/ ]
C:\USERS\SURBORG\AppData\Roaming\Microsoft\Windows\Cookies\Low\surborg@metroleap.rotator.hadj7.adjuggler[1].txt [ Cookie:surborg@metroleap.rotator.hadj7.adjuggler.net/ ]
C:\USERS\SURBORG\AppData\Roaming\Microsoft\Windows\Cookies\Low\surborg@bs.serving-sys[2].txt [ Cookie:surborg@bs.serving-sys.com/ ]
C:\USERS\SURBORG\AppData\Roaming\Microsoft\Windows\Cookies\Low\surborg@adserver.adreactor[1].txt [ Cookie:surborg@adserver.adreactor.com/ ]
C:\USERS\SURBORG\AppData\Roaming\Microsoft\Windows\Cookies\Low\surborg@zanox[1].txt [ Cookie:surborg@zanox.com/ ]
C:\USERS\SURBORG\AppData\Roaming\Microsoft\Windows\Cookies\Low\surborg@ad.zanox[1].txt [ Cookie:surborg@ad.zanox.com/ ]
C:\USERS\SURBORG\AppData\Roaming\Microsoft\Windows\Cookies\Low\surborg@smartadserver[2].txt [ Cookie:surborg@smartadserver.com/ ]
C:\USERS\SURBORG\AppData\Roaming\Microsoft\Windows\Cookies\Low\surborg@atdmt[2].txt [ Cookie:surborg@atdmt.com/ ]
C:\USERS\SURBORG\AppData\Roaming\Microsoft\Windows\Cookies\Low\surborg@webmasterplan[2].txt [ Cookie:surborg@webmasterplan.com/ ]
C:\USERS\SURBORG\AppData\Roaming\Microsoft\Windows\Cookies\Low\surborg@videoegg.adbureau[2].txt [ Cookie:surborg@videoegg.adbureau.net/ ]
C:\USERS\SURBORG\AppData\Roaming\Microsoft\Windows\Cookies\Low\surborg@serving-sys[1].txt [ Cookie:surborg@serving-sys.com/ ]
C:\USERS\SURBORG\AppData\Roaming\Microsoft\Windows\Cookies\Low\surborg@yadro[1].txt [ Cookie:surborg@yadro.ru/ ]
C:\USERS\SURBORG\AppData\Roaming\Microsoft\Windows\Cookies\Low\surborg@ww251.smartadserver[1].txt [ Cookie:surborg@ww251.smartadserver.com/ ]
C:\USERS\SURBORG\Cookies\YI0BV0VO.txt [ Cookie:surborg@ad.dyntracker.de/ ]
C:\USERS\SURBORG\Cookies\CYXKD6FF.txt [ Cookie:surborg@ad.zanox.com/ ]
C:\USERS\SURBORG\Cookies\BR44826V.txt [ Cookie:surborg@zanox.com/ ]
C:\USERS\SURBORG\Cookies\surborg@smartadserver[1].txt [ Cookie:surborg@smartadserver.com/ ]
C:\USERS\SURBORG\Cookies\G9SGKU8J.txt [ Cookie:surborg@dyntracker.com/ ]
C:\USERS\SURBORG\Cookies\QU0B3SSE.txt [ Cookie:surborg@zanox-affiliate.de/ ]
.doubleclick.net [ C:\USERS\SURBORG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\SURBORG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\SURBORG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad4.adfarm1.adition.com [ C:\USERS\SURBORG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\SURBORG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\SURBORG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad1.adfarm1.adition.com [ C:\USERS\SURBORG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SURBORG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SURBORG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SURBORG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SURBORG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SURBORG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SURBORG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\SURBORG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\SURBORG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\SURBORG\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\SURBORG\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SURBORG@TRIBALFUSION[1].TXT [ /TRIBALFUSION ]
C:\USERS\SURBORG\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SURBORG@ADFARM1.ADITION[1].TXT [ /ADFARM1.ADITION ]
C:\USERS\SURBORG\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SURBORG@AD.AD-SRV[2].TXT [ /AD.AD-SRV ]
C:\USERS\SURBORG\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\SURBORG@DOUBLECLICK[2].TXT [ /DOUBLECLICK ]
.adtech.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
fl01.ct2.comclick.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.microsoftsto.112.2o7.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.uk.at.atwola.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.dealtime.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6whkiekcpsep.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6whmiujcpmfp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6whlicnazmfp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wdmyaod5kho.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.nextag.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.paypal.112.2o7.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.loyaltypartner.122.2o7.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wal4ukcziho.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
media.stage-entertainment.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
tracking.tchibo.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aekiekdpeeo.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
eas4.emediate.eu [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
www6.addfreestats.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
adserv.vfl-wolfsburg.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.dmtracker.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.mediabiz.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aekiwkcjweq.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
clicks.pangora.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
int.sitestat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
int.sitestat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
adserver.bravado.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wdmiwocjedp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjmyalczkfo.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wnmyuhajiaq.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
banner.testberichte.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wnmicpdjgbp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjl4knc5mcq.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
buntebilder.trendymedia.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
urbia.wwe-media.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
banner.testberichte.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wmmyqnazeko.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wclygnc5gcp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
tracking.caspardo.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfmigldjgkp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wnmyenczkgo.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
tracking.mobile.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.findmyhome.at [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wnl4wkdpkao.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjliehc5gcp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
count.asnetworks.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfk4uicjsap.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6whkykncpslq.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjkowkcjilo.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wmmikmcpedo.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wmmyagazelo.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aekigmdjcgp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wmk4omdzaho.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjl4ugcpkko.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjlokic5aho.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.tto2.traffictrack.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wgkyokc5iaq.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.4stats.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.4stats.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjlyuodjcko.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjlycndpalo.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wmk4koajakp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wgloqoajkfo.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aelicndpshp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjlicodpelp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjkokod5oep.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aekouldjoeo.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wnmyooc5gbq.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfkoekazwap.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6whkisjdpgkp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wnl4kpazmdq.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wgk4wmdpsbp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.webstat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.webstat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.webstat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wgkisnczcdp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aekoopdjwep.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wgkoanazmeq.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wcmiwld5sdo.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
int.sitestat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
int.sitestat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.apodiscounter.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.lfstmedia.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.newsclick.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.newsclick.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
counters.gigya.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
tracking.klicktel.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.countomat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjkoend5ecp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wnmyqiczsko.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.gostats.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wcl4gpazweq.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.stats.ebay.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6aelyclcpmkp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wfkyaoajahq.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
vb.mol.vs.bluedotmedia.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
vb.mol.vs.bluedotmedia.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
media2.tchibo-content.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
media4.tchibo-content.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
media3.tchibo-content.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wmkyckdzsgp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
newsletter.apodiscounter.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.apodiscounter.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.apodiscounter.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.apodiscounter.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.apodiscounter.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjkosoczwfp.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wbkyunazclo.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
www.countryliving.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.countryliving.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.countryliving.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.countryliving.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.countryliving.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.www.countryliving.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.countryliving.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.countryliving.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wmmysgdpghq.stats.esomniture.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
www.xxxlmoebelhaeuser.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.xxxlmoebelhaeuser.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.xxxlmoebelhaeuser.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.xxxlmoebelhaeuser.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
stat.dealtime.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\SURBORG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KFDI17RI.DEFAULT\COOKIES.SQLITE ]
|
|
02.05.2012, 19:11
| #29 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Spyhunter 4 läßt sich nicht entfernen. Sieht ok aus, da wurden nur Cookies gefunden. Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.05.2012, 19:45
| #30 |
| | Spyhunter 4 läßt sich nicht entfernen. Ich habe gerade mal den Spyhunter suchen lassen,glaube aber der ist jetzt weg. Gute Idee,zum wilden Surfen einen anderen Browser zu benutzen.Das werde ich auch machen. Ich danke für die tolle Hilfe und werde wieder etwas überweisen. Morgen schau ich mir dann nochmal den PC meines Sohnes an , wenn ich da nicht zurecht komme (da ist auch dieser hartnäckige Spyhunter drauf,mehr glaub ich aber nicht) würde ich mich nochmal melden. Gruß Petra |
|
| Themen zu Spyhunter 4 läßt sich nicht entfernen. |
| aktualisiert, ausgeführt, dateien, entdeck, entdeckt, entferne, entfernen, folge, freue, gefunde, google, googlen, hoffe, infizierte, infizierte dateien, interne, internet, konnte, laptop, malwarebytes, nicht mehr, performer, problem, spyhunter, stick, windows, würde |
Linear-Darstellung
