
Pests of all kinds and how to fight them: My Security Shield

Windows 7

10.07.2012, 21:05   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please disable your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and set the checkmarks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log, or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

__________________
Please always post log files in CODE tags

11.07.2012, 07:47   #17
smakr2
 

Code:
08:40:36.0699 2516	TDSS rootkit removing tool 2.7.45.0 Jul  9 2012 12:46:35
08:40:36.0714 2516	============================================================
08:40:36.0714 2516	Current date / time: 2012/07/11 08:40:36.0714
08:40:36.0714 2516	SystemInfo:
08:40:36.0714 2516	
08:40:36.0714 2516	OS Version: 6.1.7601 ServicePack: 1.0
08:40:36.0714 2516	Product type: Workstation
08:40:36.0730 2516	ComputerName: FRANZISKA-PC
08:40:36.0730 2516	UserName: Franziska
08:40:36.0730 2516	Windows directory: C:\Windows
08:40:36.0730 2516	System windows directory: C:\Windows
08:40:36.0730 2516	Running under WOW64
08:40:36.0730 2516	Processor architecture: Intel x64
08:40:36.0730 2516	Number of processors: 2
08:40:36.0730 2516	Page size: 0x1000
08:40:36.0730 2516	Boot type: Normal boot
08:40:36.0730 2516	============================================================
08:40:37.0323 2516	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:40:37.0338 2516	Drive \Device\Harddisk1\DR1 - Size: 0x1DE000000 (7.47 Gb), SectorSize: 0x200, Cylinders: 0x3CE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:40:37.0338 2516	============================================================
08:40:37.0338 2516	\Device\Harddisk0\DR0:
08:40:37.0338 2516	MBR partitions:
08:40:37.0338 2516	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1F00800, BlocksNum 0x32000
08:40:37.0354 2516	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1F33000, BlocksNum 0x38452800
08:40:37.0354 2516	\Device\Harddisk1\DR1:
08:40:37.0354 2516	MBR partitions:
08:40:37.0354 2516	\Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0x890, BlocksNum 0xEEF770
08:40:37.0354 2516	============================================================
08:40:37.0385 2516	C: <-> \Device\Harddisk0\DR0\Partition1
08:40:37.0385 2516	============================================================
08:40:37.0385 2516	Initialize success
08:40:37.0385 2516	============================================================
08:41:07.0587 1324	============================================================
08:41:07.0587 1324	Scan started
08:41:07.0587 1324	Mode: Manual; SigCheck; TDLFS; 
08:41:07.0587 1324	============================================================
08:41:09.0178 1324	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
08:41:09.0334 1324	1394ohci - ok
08:41:09.0428 1324	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
08:41:09.0475 1324	ACPI - ok
08:41:09.0553 1324	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
08:41:09.0615 1324	AcpiPmi - ok
08:41:09.0740 1324	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
08:41:09.0818 1324	adp94xx - ok
08:41:09.0927 1324	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
08:41:09.0974 1324	adpahci - ok
08:41:10.0021 1324	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
08:41:10.0067 1324	adpu320 - ok
08:41:10.0177 1324	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
08:41:10.0333 1324	AeLookupSvc - ok
08:41:10.0457 1324	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
08:41:10.0567 1324	AFD - ok
08:41:10.0629 1324	AgereModemAudio (b65f8dba54f251906bbe8611b5a0e7ab) C:\Program Files\LSI SoftModem\agr64svc.exe
08:41:10.0691 1324	AgereModemAudio - ok
08:41:10.0879 1324	AgereSoftModem  (c98356d813b581e9c425b42a5d146ce0) C:\Windows\system32\DRIVERS\agrsm64.sys
08:41:10.0957 1324	AgereSoftModem - ok
08:41:11.0035 1324	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
08:41:11.0066 1324	agp440 - ok
08:41:11.0097 1324	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
08:41:11.0144 1324	ALG - ok
08:41:11.0175 1324	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
08:41:11.0191 1324	aliide - ok
08:41:11.0206 1324	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
08:41:11.0222 1324	amdide - ok
08:41:11.0253 1324	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
08:41:11.0284 1324	AmdK8 - ok
08:41:11.0315 1324	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
08:41:11.0347 1324	AmdPPM - ok
08:41:11.0409 1324	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
08:41:11.0456 1324	amdsata - ok
08:41:11.0534 1324	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
08:41:11.0581 1324	amdsbs - ok
08:41:11.0596 1324	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
08:41:11.0612 1324	amdxata - ok
08:41:11.0659 1324	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
08:41:11.0752 1324	AppID - ok
08:41:11.0783 1324	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
08:41:11.0861 1324	AppIDSvc - ok
08:41:11.0939 1324	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
08:41:12.0064 1324	Appinfo - ok
08:41:12.0283 1324	Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:41:12.0298 1324	Apple Mobile Device - ok
08:41:12.0361 1324	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
08:41:12.0407 1324	arc - ok
08:41:12.0423 1324	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
08:41:12.0470 1324	arcsas - ok
08:41:12.0517 1324	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
08:41:12.0610 1324	AsyncMac - ok
08:41:12.0641 1324	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
08:41:12.0657 1324	atapi - ok
08:41:12.0797 1324	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
08:41:12.0938 1324	AudioEndpointBuilder - ok
08:41:12.0953 1324	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
08:41:13.0016 1324	AudioSrv - ok
08:41:13.0063 1324	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
08:41:13.0141 1324	AxInstSV - ok
08:41:13.0234 1324	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
08:41:13.0297 1324	b06bdrv - ok
08:41:13.0359 1324	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
08:41:13.0437 1324	b57nd60a - ok
08:41:13.0499 1324	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
08:41:13.0546 1324	BDESVC - ok
08:41:13.0577 1324	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
08:41:13.0640 1324	Beep - ok
08:41:13.0780 1324	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
08:41:13.0921 1324	BFE - ok
08:41:14.0123 1324	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
08:41:14.0279 1324	BITS - ok
08:41:14.0342 1324	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
08:41:14.0373 1324	blbdrive - ok
08:41:14.0529 1324	Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
08:41:14.0560 1324	Bonjour Service - ok
08:41:14.0623 1324	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
08:41:14.0654 1324	bowser - ok
08:41:14.0685 1324	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:41:14.0732 1324	BrFiltLo - ok
08:41:14.0763 1324	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:41:14.0779 1324	BrFiltUp - ok
08:41:14.0810 1324	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
08:41:14.0919 1324	Browser - ok
08:41:14.0981 1324	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
08:41:15.0059 1324	Brserid - ok
08:41:15.0075 1324	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
08:41:15.0137 1324	BrSerWdm - ok
08:41:15.0169 1324	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
08:41:15.0231 1324	BrUsbMdm - ok
08:41:15.0231 1324	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
08:41:15.0293 1324	BrUsbSer - ok
08:41:15.0309 1324	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
08:41:15.0403 1324	BTHMODEM - ok
08:41:15.0434 1324	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
08:41:15.0543 1324	bthserv - ok
08:41:15.0652 1324	btwaudio        (6bcfdc2b5b7f66d484486d4bd4b39a6b) C:\Windows\system32\drivers\btwaudio.sys
08:41:15.0699 1324	btwaudio - ok
08:41:15.0761 1324	btwavdt         (82dc8b7c626e526681c1bebed2bc3ff9) C:\Windows\system32\drivers\btwavdt.sys
08:41:15.0793 1324	btwavdt - ok
08:41:15.0839 1324	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
08:41:15.0917 1324	cdfs - ok
08:41:15.0980 1324	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
08:41:16.0042 1324	cdrom - ok
08:41:16.0089 1324	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
08:41:16.0198 1324	CertPropSvc - ok
08:41:16.0245 1324	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
08:41:16.0276 1324	circlass - ok
08:41:16.0432 1324	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
08:41:16.0495 1324	CLFS - ok
08:41:16.0557 1324	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:41:16.0619 1324	clr_optimization_v2.0.50727_32 - ok
08:41:16.0697 1324	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:41:16.0760 1324	clr_optimization_v2.0.50727_64 - ok
08:41:16.0853 1324	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:41:16.0885 1324	clr_optimization_v4.0.30319_32 - ok
08:41:16.0931 1324	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:41:16.0978 1324	clr_optimization_v4.0.30319_64 - ok
08:41:17.0041 1324	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
08:41:17.0087 1324	CmBatt - ok
08:41:17.0134 1324	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
08:41:17.0165 1324	cmdide - ok
08:41:17.0321 1324	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
08:41:17.0415 1324	CNG - ok
08:41:17.0462 1324	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
08:41:17.0493 1324	Compbatt - ok
08:41:17.0571 1324	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
08:41:17.0696 1324	CompositeBus - ok
08:41:17.0711 1324	COMSysApp - ok
08:41:17.0727 1324	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
08:41:17.0743 1324	crcdisk - ok
08:41:17.0805 1324	CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
08:41:17.0883 1324	CryptSvc - ok
08:41:17.0977 1324	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
08:41:18.0086 1324	DcomLaunch - ok
08:41:18.0179 1324	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
08:41:18.0273 1324	defragsvc - ok
08:41:18.0320 1324	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
08:41:18.0429 1324	DfsC - ok
08:41:18.0507 1324	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
08:41:18.0601 1324	Dhcp - ok
08:41:18.0616 1324	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
08:41:18.0725 1324	discache - ok
08:41:18.0757 1324	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
08:41:18.0788 1324	Disk - ok
08:41:19.0271 1324	DKbFltr         (d5bcb77be83cf99f508943945d46343d) C:\Windows\syswow64\Drivers\DKbFltr.sys
08:41:19.0303 1324	DKbFltr - ok
08:41:19.0412 1324	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
08:41:19.0537 1324	Dnscache - ok
08:41:19.0599 1324	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
08:41:19.0724 1324	dot3svc - ok
08:41:19.0771 1324	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
08:41:19.0895 1324	DPS - ok
08:41:19.0927 1324	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
08:41:19.0958 1324	drmkaud - ok
08:41:20.0145 1324	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
08:41:20.0223 1324	DXGKrnl - ok
08:41:20.0254 1324	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
08:41:20.0317 1324	EapHost - ok
08:41:20.0925 1324	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
08:41:21.0081 1324	ebdrv - ok
08:41:21.0268 1324	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
08:41:21.0331 1324	EFS - ok
08:41:21.0549 1324	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
08:41:21.0627 1324	ehRecvr - ok
08:41:21.0705 1324	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
08:41:21.0767 1324	ehSched - ok
08:41:21.0908 1324	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
08:41:22.0001 1324	elxstor - ok
08:41:22.0267 1324	ePowerSvc       (c75ce2e262fee152f43c230d59f92dae) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
08:41:22.0313 1324	ePowerSvc - ok
08:41:22.0579 1324	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
08:41:22.0641 1324	ErrDev - ok
08:41:22.0750 1324	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
08:41:22.0844 1324	EventSystem - ok
08:41:22.0906 1324	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
08:41:23.0031 1324	exfat - ok
08:41:23.0093 1324	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
08:41:23.0218 1324	fastfat - ok
08:41:23.0374 1324	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
08:41:23.0468 1324	Fax - ok
08:41:23.0499 1324	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
08:41:23.0515 1324	fdc - ok
08:41:23.0561 1324	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
08:41:23.0655 1324	fdPHost - ok
08:41:23.0671 1324	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
08:41:23.0733 1324	FDResPub - ok
08:41:23.0764 1324	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
08:41:23.0795 1324	FileInfo - ok
08:41:23.0842 1324	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
08:41:23.0905 1324	Filetrace - ok
08:41:23.0951 1324	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
08:41:23.0967 1324	flpydisk - ok
08:41:24.0029 1324	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
08:41:24.0092 1324	FltMgr - ok
08:41:24.0279 1324	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
08:41:24.0404 1324	FontCache - ok
08:41:24.0544 1324	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:41:24.0591 1324	FontCache3.0.0.0 - ok
08:41:24.0622 1324	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
08:41:24.0653 1324	FsDepends - ok
08:41:24.0700 1324	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
08:41:24.0731 1324	Fs_Rec - ok
08:41:24.0794 1324	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
08:41:24.0841 1324	fvevol - ok
08:41:24.0872 1324	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
08:41:24.0887 1324	gagp30kx - ok
08:41:24.0965 1324	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:41:25.0012 1324	GEARAspiWDM - ok
08:41:25.0153 1324	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
08:41:25.0324 1324	gpsvc - ok
08:41:25.0558 1324	Greg_Service    (816fd5a6f3c2f3d600900096632fc60e) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
08:41:25.0605 1324	Greg_Service - ok
08:41:25.0667 1324	gusvc           (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
08:41:25.0714 1324	gusvc - ok
08:41:26.0011 1324	hamachi         (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
08:41:26.0042 1324	hamachi - ok
08:41:26.0447 1324	Hamachi2Svc     (21d24138b736983f6e23823e092e9428) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
08:41:26.0510 1324	Hamachi2Svc - ok
08:41:26.0759 1324	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
08:41:26.0791 1324	hcw85cir - ok
08:41:26.0884 1324	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
08:41:26.0978 1324	HdAudAddService - ok
08:41:27.0040 1324	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
08:41:27.0087 1324	HDAudBus - ok
08:41:27.0118 1324	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
08:41:27.0149 1324	HidBatt - ok
08:41:27.0181 1324	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
08:41:27.0243 1324	HidBth - ok
08:41:27.0305 1324	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
08:41:27.0352 1324	HidIr - ok
08:41:27.0383 1324	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
08:41:27.0477 1324	hidserv - ok
08:41:27.0555 1324	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
08:41:27.0586 1324	HidUsb - ok
08:41:27.0633 1324	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
08:41:27.0727 1324	hkmsvc - ok
08:41:27.0836 1324	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
08:41:27.0914 1324	HomeGroupListener - ok
08:41:27.0976 1324	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
08:41:28.0054 1324	HomeGroupProvider - ok
08:41:28.0117 1324	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
08:41:28.0163 1324	HpSAMD - ok
08:41:28.0319 1324	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
08:41:28.0429 1324	HTTP - ok
08:41:28.0460 1324	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
08:41:28.0475 1324	hwpolicy - ok
08:41:28.0569 1324	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
08:41:28.0600 1324	i8042prt - ok
08:41:28.0741 1324	IAANTMON        (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
08:41:28.0772 1324	IAANTMON - ok
08:41:28.0881 1324	iaStor          (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
08:41:28.0897 1324	iaStor - ok
08:41:28.0990 1324	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
08:41:29.0053 1324	iaStorV - ok
08:41:29.0333 1324	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:41:29.0411 1324	idsvc - ok
08:41:30.0394 1324	igfx            (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
08:41:30.0628 1324	igfx - ok
08:41:30.0971 1324	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
08:41:31.0003 1324	iirsp - ok
08:41:31.0143 1324	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
08:41:31.0315 1324	IKEEXT - ok
08:41:31.0393 1324	int15.sys       (8c7fa71cb1ebcd3ede8958d27b1bf0b4) C:\Windows\System32\OEM\Factory\int15.sys
08:41:31.0424 1324	int15.sys - ok
08:41:31.0736 1324	IntcAzAudAddService (430aab6c09af99d5beb311795349e9dd) C:\Windows\system32\drivers\RTKVHD64.sys
08:41:31.0861 1324	IntcAzAudAddService - ok
08:41:32.0063 1324	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
08:41:32.0079 1324	intelide - ok
08:41:32.0141 1324	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
08:41:32.0173 1324	intelppm - ok
08:41:32.0219 1324	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
08:41:32.0329 1324	IPBusEnum - ok
08:41:32.0563 1324	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:41:32.0641 1324	IpFilterDriver - ok
08:41:32.0750 1324	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
08:41:32.0890 1324	iphlpsvc - ok
08:41:32.0937 1324	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
08:41:32.0984 1324	IPMIDRV - ok
08:41:33.0077 1324	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
08:41:33.0155 1324	IPNAT - ok
08:41:33.0358 1324	iPod Service    (d38469601b72d2da4f847fc642174e21) C:\Program Files\iPod\bin\iPodService.exe
08:41:33.0421 1324	iPod Service - ok
08:41:33.0452 1324	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
08:41:33.0499 1324	IRENUM - ok
08:41:33.0530 1324	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
08:41:33.0545 1324	isapnp - ok
08:41:33.0608 1324	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
08:41:33.0670 1324	iScsiPrt - ok
08:41:33.0717 1324	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
08:41:33.0748 1324	kbdclass - ok
08:41:33.0764 1324	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
08:41:33.0779 1324	kbdhid - ok
08:41:33.0826 1324	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:41:33.0842 1324	KeyIso - ok
08:41:33.0873 1324	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
08:41:33.0889 1324	KSecDD - ok
08:41:33.0935 1324	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
08:41:33.0982 1324	KSecPkg - ok
08:41:33.0998 1324	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
08:41:34.0091 1324	ksthunk - ok
08:41:34.0154 1324	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
08:41:34.0247 1324	KtmRm - ok
08:41:34.0294 1324	L1C             (2377ec4cc3e356655b996f39b43486b6) C:\Windows\system32\DRIVERS\L1C62x64.sys
08:41:34.0325 1324	L1C - ok
08:41:34.0388 1324	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
08:41:34.0481 1324	LanmanServer - ok
08:41:34.0513 1324	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
08:41:34.0622 1324	LanmanWorkstation - ok
08:41:34.0669 1324	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
08:41:34.0700 1324	lltdio - ok
08:41:34.0747 1324	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
08:41:34.0887 1324	lltdsvc - ok
08:41:34.0918 1324	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
08:41:34.0996 1324	lmhosts - ok
08:41:35.0043 1324	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
08:41:35.0105 1324	LSI_FC - ok
08:41:35.0152 1324	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
08:41:35.0183 1324	LSI_SAS - ok
08:41:35.0199 1324	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:41:35.0230 1324	LSI_SAS2 - ok
08:41:35.0261 1324	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:41:35.0308 1324	LSI_SCSI - ok
08:41:35.0339 1324	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
08:41:35.0449 1324	luafv - ok
08:41:35.0480 1324	MBAMProtector   (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
08:41:35.0495 1324	MBAMProtector - ok
08:41:35.0698 1324	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:41:35.0761 1324	MBAMService - ok
08:41:35.0792 1324	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
08:41:35.0839 1324	Mcx2Svc - ok
08:41:35.0870 1324	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
08:41:35.0901 1324	megasas - ok
08:41:35.0963 1324	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
08:41:36.0010 1324	MegaSR - ok
08:41:36.0057 1324	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:41:36.0197 1324	MMCSS - ok
08:41:36.0229 1324	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
08:41:36.0291 1324	Modem - ok
08:41:36.0307 1324	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
08:41:36.0338 1324	monitor - ok
08:41:36.0400 1324	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
08:41:36.0431 1324	mouclass - ok
08:41:36.0478 1324	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
08:41:36.0525 1324	mouhid - ok
08:41:36.0572 1324	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
08:41:36.0619 1324	mountmgr - ok
08:41:36.0759 1324	MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:41:36.0806 1324	MozillaMaintenance - ok
08:41:36.0884 1324	MpFilter        (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
08:41:36.0946 1324	MpFilter - ok
08:41:36.0993 1324	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
08:41:37.0040 1324	mpio - ok
08:41:37.0071 1324	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
08:41:37.0149 1324	mpsdrv - ok
08:41:37.0289 1324	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
08:41:37.0399 1324	MpsSvc - ok
08:41:37.0445 1324	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
08:41:37.0523 1324	MRxDAV - ok
08:41:37.0601 1324	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
08:41:37.0695 1324	mrxsmb - ok
08:41:37.0820 1324	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:41:37.0882 1324	mrxsmb10 - ok
08:41:37.0945 1324	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:41:37.0991 1324	mrxsmb20 - ok
08:41:38.0038 1324	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
08:41:38.0069 1324	msahci - ok
08:41:38.0132 1324	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
08:41:38.0163 1324	msdsm - ok
08:41:38.0272 1324	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
08:41:38.0350 1324	MSDTC - ok
08:41:38.0444 1324	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
08:41:38.0522 1324	Msfs - ok
08:41:38.0553 1324	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
08:41:38.0678 1324	mshidkmdf - ok
08:41:38.0725 1324	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
08:41:38.0740 1324	msisadrv - ok
08:41:38.0803 1324	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
08:41:38.0865 1324	MSiSCSI - ok
08:41:38.0865 1324	msiserver - ok
08:41:38.0912 1324	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
08:41:38.0959 1324	MSKSSRV - ok
08:41:39.0068 1324	MsMpSvc         (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
08:41:39.0099 1324	MsMpSvc - ok
08:41:39.0130 1324	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
08:41:39.0224 1324	MSPCLOCK - ok
08:41:39.0239 1324	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
08:41:39.0271 1324	MSPQM - ok
08:41:39.0395 1324	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
08:41:39.0442 1324	MsRPC - ok
08:41:39.0473 1324	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
08:41:39.0489 1324	mssmbios - ok
08:41:39.0520 1324	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
08:41:39.0583 1324	MSTEE - ok
08:41:39.0661 1324	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
08:41:39.0723 1324	MTConfig - ok
08:41:39.0770 1324	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
08:41:39.0785 1324	Mup - ok
08:41:39.0817 1324	mwlPSDFilter    (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
08:41:39.0832 1324	mwlPSDFilter - ok
08:41:39.0848 1324	mwlPSDNServ     (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
08:41:39.0848 1324	mwlPSDNServ - ok
08:41:39.0910 1324	mwlPSDVDisk     (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
08:41:39.0941 1324	mwlPSDVDisk - ok
08:41:40.0129 1324	MWLService      (0f5faac852db4c340b7a2f187e3358b8) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
08:41:40.0160 1324	MWLService - ok
08:41:40.0238 1324	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
08:41:40.0363 1324	napagent - ok
08:41:40.0456 1324	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
08:41:40.0519 1324	NativeWifiP - ok
08:41:40.0675 1324	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
08:41:40.0768 1324	NDIS - ok
08:41:40.0815 1324	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
08:41:40.0909 1324	NdisCap - ok
08:41:40.0924 1324	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
08:41:40.0971 1324	NdisTapi - ok
08:41:41.0018 1324	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
08:41:41.0096 1324	Ndisuio - ok
08:41:41.0143 1324	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
08:41:41.0252 1324	NdisWan - ok
08:41:41.0299 1324	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
08:41:41.0377 1324	NDProxy - ok
08:41:41.0439 1324	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
08:41:41.0517 1324	NetBIOS - ok
08:41:41.0564 1324	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
08:41:41.0673 1324	NetBT - ok
08:41:41.0720 1324	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:41:41.0720 1324	Netlogon - ok
08:41:41.0782 1324	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
08:41:41.0891 1324	Netman - ok
08:41:41.0969 1324	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
08:41:42.0110 1324	netprofm - ok
08:41:42.0219 1324	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:41:42.0266 1324	NetTcpPortSharing - ok
08:41:43.0217 1324	NETw5s64        (4d85a450edef10c38882182753a49aae) C:\Windows\system32\DRIVERS\NETw5s64.sys
08:41:43.0483 1324	NETw5s64 - ok
08:41:44.0309 1324	netw5v64        (705283c02177809ca9fa7cc58a4f1e77) C:\Windows\system32\DRIVERS\netw5v64.sys
08:41:44.0481 1324	netw5v64 - ok
08:41:44.0653 1324	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
08:41:44.0684 1324	nfrd960 - ok
08:41:44.0793 1324	NisDrv          (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
08:41:44.0824 1324	NisDrv - ok
08:41:45.0043 1324	NisSrv          (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
08:41:45.0121 1324	NisSrv - ok
08:41:45.0214 1324	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
08:41:45.0323 1324	NlaSvc - ok
08:41:45.0401 1324	nmwcdx64        (ad8c3895155ee8d057f073856b2d5851) C:\Windows\system32\drivers\nmwcdx64.sys
08:41:45.0495 1324	nmwcdx64 - ok
08:41:45.0526 1324	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
08:41:45.0573 1324	Npfs - ok
08:41:45.0589 1324	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
08:41:45.0682 1324	nsi - ok
08:41:45.0729 1324	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
08:41:45.0823 1324	nsiproxy - ok
08:41:46.0135 1324	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
08:41:46.0275 1324	Ntfs - ok
08:41:46.0400 1324	NTI IScheduleSvc (70e3eb0cef795d348f05e5a9b115f491) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
08:41:46.0415 1324	NTI IScheduleSvc - ok
08:41:46.0509 1324	NTIBackupSvc    (fd324cce1d4d5bb5af65f8e55b462c7e) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
08:41:46.0540 1324	NTIBackupSvc - ok
08:41:46.0712 1324	NTIDrvr         (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
08:41:46.0743 1324	NTIDrvr - ok
08:41:46.0821 1324	NTISchedulerSvc (3f6268a2ec33cd38cf75c880af8ded42) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
08:41:46.0899 1324	NTISchedulerSvc - ok
08:41:46.0930 1324	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
08:41:47.0024 1324	Null - ok
08:41:47.0102 1324	nuvotoncir      (6f09cb36c344b98356978b37ba9ad42b) C:\Windows\system32\DRIVERS\nuvotoncir.sys
08:41:47.0180 1324	nuvotoncir - ok
08:41:47.0289 1324	NVHDA           (cb599955ce2ce9694721562f9481cd84) C:\Windows\system32\drivers\nvhda64v.sys
08:41:47.0320 1324	NVHDA - ok
08:41:49.0005 1324	nvlddmkm        (ccb87cbaf1b9c24b874ff10fc9e260f3) C:\Windows\system32\DRIVERS\nvlddmkm.sys
08:41:49.0348 1324	nvlddmkm - ok
08:41:49.0489 1324	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
08:41:49.0520 1324	nvraid - ok
08:41:49.0582 1324	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
08:41:49.0629 1324	nvstor - ok
08:41:49.0691 1324	nvsvc           (522b2ad8d62e3d5c82a745ad523f65fa) C:\Windows\system32\nvvsvc.exe
08:41:49.0738 1324	nvsvc - ok
08:41:49.0754 1324	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
08:41:49.0785 1324	nv_agp - ok
08:41:49.0832 1324	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
08:41:49.0894 1324	ohci1394 - ok
08:41:50.0019 1324	ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:41:50.0050 1324	ose - ok
08:41:51.0688 1324	osppsvc         (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:41:51.0829 1324	osppsvc - ok
08:41:52.0031 1324	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:41:52.0156 1324	p2pimsvc - ok
08:41:52.0265 1324	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
08:41:52.0328 1324	p2psvc - ok
08:41:52.0390 1324	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
08:41:52.0484 1324	Parport - ok
08:41:52.0515 1324	partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
08:41:52.0546 1324	partmgr - ok
08:41:52.0624 1324	Partner Service (9665402b7fa59302d520ad845ddfc026) C:\ProgramData\Partner\Partner.exe
08:41:52.0655 1324	Partner Service - ok
08:41:53.0014 1324	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
08:41:53.0108 1324	PcaSvc - ok
08:41:53.0389 1324	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
08:41:53.0451 1324	pci - ok
08:41:53.0451 1324	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
08:41:53.0467 1324	pciide - ok
08:41:53.0529 1324	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
08:41:53.0607 1324	pcmcia - ok
08:41:53.0623 1324	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
08:41:53.0638 1324	pcw - ok
08:41:53.0732 1324	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
08:41:53.0825 1324	PEAUTH - ok
08:41:54.0106 1324	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
08:41:54.0169 1324	PerfHost - ok
08:41:54.0512 1324	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
08:41:54.0637 1324	pla - ok
08:41:54.0746 1324	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
08:41:54.0793 1324	PlugPlay - ok
08:41:54.0839 1324	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
08:41:54.0902 1324	PNRPAutoReg - ok
08:41:54.0964 1324	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:41:55.0011 1324	PNRPsvc - ok
08:41:55.0120 1324	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
08:41:55.0276 1324	PolicyAgent - ok
08:41:55.0323 1324	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
08:41:55.0432 1324	Power - ok
08:41:55.0526 1324	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
08:41:55.0651 1324	PptpMiniport - ok
08:41:55.0682 1324	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
08:41:55.0744 1324	Processor - ok
08:41:55.0807 1324	ProfSvc         (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
08:41:55.0885 1324	ProfSvc - ok
08:41:55.0931 1324	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:41:55.0963 1324	ProtectedStorage - ok
08:41:56.0041 1324	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
08:41:56.0134 1324	Psched - ok
08:41:56.0477 1324	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
08:41:56.0571 1324	ql2300 - ok
08:41:56.0821 1324	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
08:41:56.0883 1324	ql40xx - ok
08:41:56.0992 1324	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
08:41:57.0039 1324	QWAVE - ok
08:41:57.0101 1324	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
08:41:57.0148 1324	QWAVEdrv - ok
08:41:57.0195 1324	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
08:41:57.0257 1324	RasAcd - ok
08:41:57.0304 1324	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
08:41:57.0351 1324	RasAgileVpn - ok
08:41:57.0382 1324	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
08:41:57.0429 1324	RasAuto - ok
08:41:57.0460 1324	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
08:41:57.0554 1324	Rasl2tp - ok
08:41:57.0647 1324	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
08:41:57.0772 1324	RasMan - ok
08:41:57.0803 1324	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
08:41:57.0850 1324	RasPppoe - ok
08:41:57.0881 1324	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
08:41:57.0944 1324	RasSstp - ok
08:41:57.0991 1324	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
08:41:58.0084 1324	rdbss - ok
08:41:58.0100 1324	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
08:41:58.0162 1324	rdpbus - ok
08:41:58.0193 1324	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
08:41:58.0287 1324	RDPCDD - ok
08:41:58.0334 1324	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
08:41:58.0427 1324	RDPENCDD - ok
08:41:58.0459 1324	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
08:41:58.0537 1324	RDPREFMP - ok
08:41:58.0599 1324	RDPWD           (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
08:41:58.0661 1324	RDPWD - ok
08:41:58.0739 1324	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
08:41:58.0849 1324	rdyboost - ok
08:41:59.0005 1324	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
08:41:59.0145 1324	RemoteAccess - ok
08:41:59.0192 1324	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
08:41:59.0332 1324	RemoteRegistry - ok
08:41:59.0379 1324	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
08:41:59.0441 1324	RpcEptMapper - ok
08:41:59.0473 1324	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
08:41:59.0504 1324	RpcLocator - ok
08:41:59.0597 1324	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
08:41:59.0660 1324	RpcSs - ok
08:41:59.0691 1324	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
08:41:59.0785 1324	rspndr - ok
08:41:59.0878 1324	RSUSBSTOR       (a5df2f732a6c95554e548fcb6932bd31) C:\Windows\system32\Drivers\RtsUStor.sys
08:41:59.0925 1324	RSUSBSTOR - ok
08:42:00.0050 1324	RS_Service      (b5a4b7d779cf4070df408de18bd33b02) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
08:42:00.0065 1324	RS_Service ( UnsignedFile.Multi.Generic ) - warning
08:42:00.0065 1324	RS_Service - detected UnsignedFile.Multi.Generic (1)
08:42:00.0175 1324	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:42:00.0206 1324	SamSs - ok
08:42:00.0253 1324	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
08:42:00.0299 1324	sbp2port - ok
08:42:00.0362 1324	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
08:42:00.0424 1324	SCardSvr - ok
08:42:00.0518 1324	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
08:42:00.0611 1324	scfilter - ok
08:42:00.0814 1324	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
08:42:00.0970 1324	Schedule - ok
08:42:01.0251 1324	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
08:42:01.0298 1324	SCPolicySvc - ok
08:42:01.0485 1324	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
08:42:01.0563 1324	SDRSVC - ok
08:42:01.0625 1324	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
08:42:01.0688 1324	secdrv - ok
08:42:01.0719 1324	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
08:42:01.0766 1324	seclogon - ok
08:42:01.0875 1324	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
08:42:01.0984 1324	SENS - ok
08:42:02.0015 1324	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
08:42:02.0047 1324	SensrSvc - ok
08:42:02.0093 1324	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
08:42:02.0125 1324	Serenum - ok
08:42:02.0156 1324	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
08:42:02.0218 1324	Serial - ok
08:42:02.0265 1324	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
08:42:02.0296 1324	sermouse - ok
08:42:02.0390 1324	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
08:42:02.0499 1324	SessionEnv - ok
08:42:02.0764 1324	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
08:42:02.0811 1324	sffdisk - ok
08:42:02.0827 1324	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
08:42:02.0858 1324	sffp_mmc - ok
08:42:02.0873 1324	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
08:42:02.0920 1324	sffp_sd - ok
08:42:02.0967 1324	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
08:42:03.0014 1324	sfloppy - ok
08:42:03.0092 1324	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
08:42:03.0201 1324	SharedAccess - ok
08:42:03.0357 1324	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
08:42:03.0466 1324	ShellHWDetection - ok
08:42:03.0513 1324	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:42:03.0529 1324	SiSRaid2 - ok
08:42:03.0544 1324	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
08:42:03.0560 1324	SiSRaid4 - ok
08:42:03.0591 1324	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
08:42:03.0685 1324	Smb - ok
08:42:03.0731 1324	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
08:42:03.0763 1324	SNMPTRAP - ok
08:42:03.0763 1324	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
08:42:03.0794 1324	spldr - ok
08:42:03.0872 1324	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
08:42:03.0950 1324	Spooler - ok
08:42:04.0558 1324	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
08:42:04.0777 1324	sppsvc - ok
08:42:05.0042 1324	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
08:42:05.0120 1324	sppuinotify - ok
08:42:05.0354 1324	sptd            (602884696850c86434530790b110e8eb) C:\Windows\System32\Drivers\sptd.sys
08:42:05.0401 1324	sptd - ok
08:42:05.0541 1324	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
08:42:05.0603 1324	srv - ok
08:42:05.0713 1324	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
08:42:05.0775 1324	srv2 - ok
08:42:05.0853 1324	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
08:42:05.0900 1324	srvnet - ok
08:42:05.0962 1324	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
08:42:06.0071 1324	SSDPSRV - ok
08:42:06.0087 1324	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
08:42:06.0134 1324	SstpSvc - ok
08:42:06.0149 1324	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
08:42:06.0165 1324	stexstor - ok
08:42:06.0259 1324	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
08:42:06.0321 1324	stisvc - ok
08:42:06.0352 1324	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
08:42:06.0368 1324	swenum - ok
08:42:06.0446 1324	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
08:42:06.0602 1324	swprv - ok
08:42:06.0680 1324	SynTP           (924d711941956f7420a4925592be8253) C:\Windows\system32\DRIVERS\SynTP.sys
08:42:06.0727 1324	SynTP - ok
08:42:06.0976 1324	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
08:42:07.0101 1324	SysMain - ok
08:42:07.0538 1324	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
08:42:07.0600 1324	TabletInputService - ok
08:42:07.0678 1324	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
08:42:07.0787 1324	TapiSrv - ok
08:42:07.0834 1324	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
08:42:07.0912 1324	TBS - ok
08:42:08.0271 1324	Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
08:42:08.0365 1324	Tcpip - ok
08:42:09.0004 1324	TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
08:42:09.0051 1324	TCPIP6 - ok
08:42:09.0363 1324	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
08:42:09.0472 1324	tcpipreg - ok
08:42:09.0550 1324	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
08:42:09.0581 1324	TDPIPE - ok
08:42:09.0613 1324	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
08:42:09.0644 1324	TDTCP - ok
08:42:09.0706 1324	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
08:42:09.0784 1324	tdx - ok
08:42:09.0815 1324	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
08:42:09.0831 1324	TermDD - ok
08:42:09.0971 1324	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
08:42:10.0096 1324	TermService - ok
08:42:10.0174 1324	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
08:42:10.0268 1324	Themes - ok
08:42:10.0315 1324	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:42:10.0346 1324	THREADORDER - ok
08:42:10.0424 1324	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
08:42:10.0549 1324	TrkWks - ok
08:42:10.0627 1324	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
08:42:10.0720 1324	TrustedInstaller - ok
08:42:10.0892 1324	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
08:42:10.0954 1324	tssecsrv - ok
08:42:11.0017 1324	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
08:42:11.0079 1324	TsUsbFlt - ok
08:42:11.0157 1324	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
08:42:11.0235 1324	tunnel - ok
08:42:11.0360 1324	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
08:42:11.0391 1324	uagp35 - ok
08:42:11.0438 1324	UBHelper        (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
08:42:11.0453 1324	UBHelper - ok
08:42:11.0531 1324	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
08:42:11.0656 1324	udfs - ok
08:42:11.0734 1324	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
08:42:11.0781 1324	UI0Detect - ok
08:42:11.0828 1324	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
08:42:11.0859 1324	uliagpkx - ok
08:42:11.0906 1324	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
08:42:11.0937 1324	umbus - ok
08:42:11.0968 1324	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
08:42:11.0999 1324	UmPass - ok
08:42:12.0109 1324	Updater Service (70dde3a86dbeb1d6c3c30ad687b1877a) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
08:42:12.0171 1324	Updater Service - ok
08:42:12.0280 1324	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
08:42:12.0421 1324	upnphost - ok
08:42:12.0483 1324	USBAAPL64       (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
08:42:12.0514 1324	USBAAPL64 - ok
08:42:12.0577 1324	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
08:42:12.0623 1324	usbccgp - ok
08:42:12.0670 1324	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
08:42:12.0717 1324	usbcir - ok
08:42:12.0733 1324	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
08:42:12.0764 1324	usbehci - ok
08:42:12.0826 1324	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
08:42:12.0857 1324	usbhub - ok
08:42:12.0873 1324	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
08:42:12.0904 1324	usbohci - ok
08:42:12.0951 1324	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
08:42:12.0998 1324	usbprint - ok
08:42:13.0045 1324	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:42:13.0076 1324	USBSTOR - ok
08:42:13.0232 1324	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
08:42:13.0279 1324	usbuhci - ok
08:42:13.0341 1324	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
08:42:13.0372 1324	usbvideo - ok
08:42:13.0419 1324	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
08:42:13.0497 1324	UxSms - ok
08:42:13.0544 1324	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:42:13.0559 1324	VaultSvc - ok
08:42:13.0622 1324	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
08:42:13.0637 1324	vdrvroot - ok
08:42:13.0747 1324	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
08:42:13.0856 1324	vds - ok
08:42:13.0918 1324	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
08:42:13.0949 1324	vga - ok
08:42:13.0981 1324	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
08:42:14.0059 1324	VgaSave - ok
08:42:14.0105 1324	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
08:42:14.0168 1324	vhdmp - ok
08:42:14.0246 1324	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
08:42:14.0277 1324	viaide - ok
08:42:14.0308 1324	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
08:42:14.0324 1324	volmgr - ok
08:42:14.0417 1324	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
08:42:14.0480 1324	volmgrx - ok
08:42:14.0558 1324	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
08:42:14.0605 1324	volsnap - ok
08:42:14.0683 1324	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
08:42:14.0729 1324	vsmraid - ok
08:42:14.0979 1324	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
08:42:15.0166 1324	VSS - ok
08:42:15.0790 1324	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
08:42:15.0837 1324	vwifibus - ok
08:42:15.0884 1324	VWiFiFlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
08:42:15.0946 1324	VWiFiFlt - ok
08:42:15.0977 1324	vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
08:42:16.0009 1324	vwifimp - ok
08:42:16.0040 1324	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
08:42:16.0102 1324	W32Time - ok
08:42:16.0118 1324	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
08:42:16.0133 1324	WacomPen - ok
08:42:16.0180 1324	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:42:16.0274 1324	WANARP - ok
08:42:16.0305 1324	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:42:16.0352 1324	Wanarpv6 - ok
08:42:16.0601 1324	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
08:42:16.0711 1324	wbengine - ok
08:42:17.0007 1324	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
08:42:17.0069 1324	WbioSrvc - ok
08:42:17.0132 1324	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
08:42:17.0225 1324	wcncsvc - ok
08:42:17.0288 1324	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
08:42:17.0303 1324	WcsPlugInService - ok
08:42:17.0631 1324	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
08:42:17.0662 1324	Wd - ok
08:42:17.0756 1324	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
08:42:17.0818 1324	Wdf01000 - ok
08:42:17.0927 1324	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:42:18.0021 1324	WdiServiceHost - ok
08:42:18.0021 1324	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:42:18.0052 1324	WdiSystemHost - ok
08:42:18.0099 1324	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
08:42:18.0177 1324	WebClient - ok
08:42:18.0224 1324	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
08:42:18.0333 1324	Wecsvc - ok
08:42:18.0380 1324	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
08:42:18.0489 1324	wercplsupport - ok
08:42:18.0520 1324	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
08:42:18.0583 1324	WerSvc - ok
08:42:18.0645 1324	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
08:42:18.0723 1324	WfpLwf - ok
08:42:18.0895 1324	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
08:42:18.0926 1324	WIMMount - ok
08:42:18.0973 1324	WinDefend - ok
08:42:18.0988 1324	WinHttpAutoProxySvc - ok
08:42:19.0316 1324	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
08:42:19.0409 1324	Winmgmt - ok
08:42:19.0971 1324	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
08:42:20.0111 1324	WinRM - ok
08:42:20.0642 1324	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
08:42:20.0704 1324	WinUsb - ok
08:42:20.0891 1324	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
08:42:21.0001 1324	Wlansvc - ok
08:42:21.0063 1324	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
08:42:21.0094 1324	WmiAcpi - ok
08:42:21.0250 1324	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
08:42:21.0313 1324	wmiApSrv - ok
08:42:21.0391 1324	WMPNetworkSvc - ok
08:42:21.0422 1324	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
08:42:21.0453 1324	WPCSvc - ok
08:42:21.0484 1324	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
08:42:21.0562 1324	WPDBusEnum - ok
08:42:21.0578 1324	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
08:42:21.0625 1324	ws2ifsl - ok
08:42:21.0640 1324	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
08:42:21.0671 1324	wscsvc - ok
08:42:21.0687 1324	WSearch - ok
08:42:22.0077 1324	wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
08:42:22.0217 1324	wuauserv - ok
08:42:22.0451 1324	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
08:42:22.0576 1324	WudfPf - ok
08:42:22.0607 1324	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
08:42:22.0685 1324	WUDFRd - ok
08:42:22.0732 1324	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
08:42:22.0841 1324	wudfsvc - ok
08:42:22.0888 1324	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
08:42:23.0013 1324	WwanSvc - ok
08:42:23.0075 1324	MBR (0x1B8)     (9c51d3fd2697bd2ae931be1d6f1e6ffa) \Device\Harddisk0\DR0
08:42:24.0199 1324	\Device\Harddisk0\DR0 - ok
08:42:24.0199 1324	MBR (0x1B8)     (ddae9d649db12f6aff24483f2c298989) \Device\Harddisk1\DR1
08:42:24.0511 1324	\Device\Harddisk1\DR1 - ok
08:42:24.0542 1324	Boot (0x1200)   (daceddfdaee71d5d0819f57847557ae5) \Device\Harddisk0\DR0\Partition0
08:42:24.0542 1324	\Device\Harddisk0\DR0\Partition0 - ok
08:42:24.0635 1324	Boot (0x1200)   (a0df840d95c02d1fdb0a98d5ce412c4c) \Device\Harddisk0\DR0\Partition1
08:42:24.0635 1324	\Device\Harddisk0\DR0\Partition1 - ok
08:42:24.0651 1324	Boot (0x1200)   (9d6623ead07ce47db978ce890466a6f4) \Device\Harddisk1\DR1\Partition0
08:42:24.0651 1324	\Device\Harddisk1\DR1\Partition0 - ok
08:42:24.0651 1324	============================================================
08:42:24.0651 1324	Scan finished
08:42:24.0651 1324	============================================================
08:42:24.0698 3644	Detected object count: 1
08:42:24.0698 3644	Actual detected object count: 1
08:42:47.0723 3644	RS_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:42:47.0723 3644	RS_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
08:43:55.0272 2884	Deinitialize success
         
__________________


Alt 11.07.2012, 10:38   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, above all your antivirus program and other background monitors, as well as your web browser.
  • Start combofix.exe from your desktop, confirm the warning messages, perform the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when one of the board's qualified helpers has explicitly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and get messages such as

Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.
__________________
__________________

Alt 12.07.2012, 09:49   #19
smakr2
 



Code:
ATTFilter
ComboFix 12-07-11.03 - Franziska 12.07.2012  10:29:43.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4061.2729 [GMT 2:00]
ausgeführt von:: c:\users\Franziska\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Acer GameZone online.ico
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-06-12 bis 2012-07-12  ))))))))))))))))))))))))))))))
.
.
2012-07-09 14:53 . 2012-07-09 14:53	--------	d-----w-	C:\_OTL
2012-07-06 11:48 . 2012-05-31 04:04	9013136	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{697579CE-8E87-4A34-8F40-34484A9691E0}\mpengine.dll
2012-07-06 09:50 . 2012-07-06 09:50	--------	d-----w-	c:\program files (x86)\ESET
2012-07-06 06:46 . 2012-02-12 13:23	927800	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{48314FB4-5276-4D1F-80B8-1226075DBE11}\gapaengine.dll
2012-07-02 22:01 . 2012-05-31 04:04	9013136	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-02 20:02 . 2012-07-02 20:02	--------	d-----w-	c:\users\Franziska\AppData\Roaming\Malwarebytes
2012-07-02 20:02 . 2012-07-02 20:02	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-02 20:02 . 2012-07-02 20:02	--------	d-----w-	c:\programdata\Malwarebytes
2012-07-02 20:02 . 2012-04-04 13:56	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-06-30 18:59 . 2012-06-30 18:59	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-06-28 15:15 . 2012-06-28 15:15	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2012-06-27 16:22 . 2012-06-27 16:22	2300696	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-06-27 16:22 . 2012-06-27 16:22	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-06-22 22:46 . 2012-06-02 22:19	44056	----a-w-	c:\windows\system32\wups2.dll
2012-06-22 22:46 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-22 22:46 . 2012-06-02 22:19	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-22 22:46 . 2012-06-02 22:15	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-06-22 22:46 . 2012-06-02 22:19	38424	----a-w-	c:\windows\system32\wups.dll
2012-06-22 22:46 . 2012-06-02 22:19	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-06-22 22:46 . 2012-06-02 22:15	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-06-22 22:45 . 2012-06-02 13:19	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-22 22:45 . 2012-06-02 13:15	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-06-18 15:19 . 2012-06-18 15:19	--------	d-----w-	c:\windows\PCHEALTH
2012-06-18 15:17 . 2012-06-18 15:17	--------	d-----w-	c:\program files (x86)\Microsoft Analysis Services
2012-06-18 15:16 . 2012-06-18 15:16	--------	d-----r-	C:\MSOCache
2012-06-13 15:38 . 2012-04-26 05:41	77312	----a-w-	c:\windows\system32\rdpwsx.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-30 19:00 . 2009-11-02 17:39	2300696	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-06-30 18:59 . 2009-11-04 21:56	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-06-27 16:22 . 2009-11-02 17:39	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-06 17:18	120104	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-08-21 261888]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-18 825864]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-07-31 128296]
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-08-04 181480]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2009-8-22 708608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-17 113120]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-05-14 5435904]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\nmwcdx64.sys [2007-06-28 173056]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [2009-08-22 332272]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-24 216576]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-07 834544]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-08-18 796192]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-06-04 1150496]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-08-06 311592]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-21 62720]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-07-27 58880]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 nuvotoncir;Nuvoton IR Transceiver;c:\windows\system32\DRIVERS\nuvotoncir.sys [2009-06-24 48128]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-06-26 83488]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-06 17:19	137512	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-08-06 349480]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-08-18 496160]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-26 16369768]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-09-04 8098848]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5739g&r=273611092716l0353z166t47m4y890
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5739g&r=273611092716l0353z166t47m4y890
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Franziska\AppData\Roaming\Mozilla\Firefox\Profiles\dsa8pszz.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Left4Dead 2 2.0.0.2 - c:\program files (x86)\Left4Dead 2 2.0.0.2\Uninstall-Left4Dead2.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-07-12  10:42:01 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-07-12 08:42
.
Vor Suchlauf: 15 Verzeichnis(se), 385.673.760.768 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 385.160.556.544 Bytes frei
.
- - End Of File - - 1D9C9C658F83786A179B7EA82B7E58E0
         

Alt 12.07.2012, 13:11   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Please now create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool won't work on the second attempt either, just leave it out and run only OSAM - please skip OSAM's online check.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off your virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Depending on your connection, downloading the definitions may take a while.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save the log to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons without being instructed to

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.



One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.

__________________
Please always post log files in CODE tags

Alt 12.07.2012, 16:10   #21
smakr2
 



Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-07-12 15:01:22
Windows 6.1.7601 Service Pack 1 
Running: qtut8f65.exe


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                    
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                 C:\Program Files (x86)\DAEMON Tools Lite\
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                 0xD4 0xC3 0x97 0x02 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                 0
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0x3F 0x2B 0xA7 0x12 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                           
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                     0xF1 0xF9 0x11 0xBA ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                      
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0xD6 0x77 0x44 0x79 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters@DhcpNameServer                                              81.173.194.69 81.173.194.77
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     C:\Program Files (x86)\DAEMON Tools Lite\
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                     0xD4 0xC3 0x97 0x02 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0x3F 0x2B 0xA7 0x12 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)       
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0xF1 0xF9 0x11 0xBA ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0xD6 0x77 0x44 0x79 ...

---- EOF - GMER 1.0.15 ----
         
Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 15:07:43 on 12.07.2012

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Mozilla Corporation Firefox 13.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"nvcpl.cpl" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"QuickTime" - "Apple Inc." - C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\Windows\System32\DRIVERS\hamachi.sys
"int15.sys" (int15.sys) - "Acer, Inc." - C:\Windows\System32\OEM\Factory\int15.sys
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"NTIDrvr" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\Windows\system32\drivers\NTIDrvr.sys
"UBHelper" (UBHelper) - "NewTech Infosystems Corporation" - C:\Windows\system32\drivers\UBHelper.sys

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{BDEADF00-C265-11d0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files (x86)\7-Zip\7-zip.dll
{D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} "DragDropProtect Class" - "Egis Technology Inc." - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll
{506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONFILTER.DLL
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
{FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} "Google Dictionary Compression sdch" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
{B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Franziska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"Acer VCM.lnk" - "Acer Incorporated" - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe  (Shortcut exists | File exists)
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"ArcadeDeluxeAgent" - "CyberLink Corp." - "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"BackupManagerTray" - "NewTech Infosystems, Inc." - "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"EgisTecLiveUpdate" - "Egis Technology Inc." - "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"LManager" - "Dritek System Inc." - C:\Program Files (x86)\Launch Manager\LManager.exe
"LogMeIn Hamachi Ui" - "LogMeIn Inc." - "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"PlayMovie" - "Acer Corp." - "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"KM Language Monitor" - "KYOCERA MITA Corporation" - C:\Windows\system32\KMPJL64.DLL

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll  (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe"  (File not found)
"@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243" (NisSrv) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Client\NisSrv.exe
"Acer ePower Service" (ePowerSvc) - "Acer Incorporated" - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
"GRegService" (Greg_Service) - "Acer Incorporated" - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
"Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"LogMeIn Hamachi Tunneling Engine" (Hamachi2Svc) - "LogMeIn Inc." - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Client\MsMpEng.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"MyWinLocker Service" (MWLService) - "Egis Technology Inc." - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
"NTI Backup Now 5 Backup Service" (NTIBackupSvc) - "NewTech InfoSystems, Inc." - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
"NTI Backup Now 5 Scheduler Service" (NTISchedulerSvc) - "NewTech Infosystems, Inc." - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
"NTI IScheduleSvc" (NTI IScheduleSvc) - "NewTech Infosystems, Inc." - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe
"Office  Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"Partner Service" (Partner Service) - "Google Inc." - C:\ProgramData\Partner\Partner.exe
"Raw Socket Service" (RS_Service) - "Acer Incorporated" - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
"Updater Service" (Updater Service) - "Acer" - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

[Winlogon]
-----( HKCU\Control Panel\Desktop )-----
"SCRNSAVE.EXE" - ? - C:\Windows\System32\Acer.scr

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
         
Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-12 16:18:43
-----------------------------
16:18:43.937    OS Version: Windows x64 6.1.7601 Service Pack 1
16:18:43.937    Number of processors: 2 586 0x170A
16:18:43.937    ComputerName: FRANZISKA-PC  UserName: Franziska
16:18:45.435    Initialize success
16:18:50.131    AVAST engine defs: 12071200
16:19:21.939    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:19:21.939    Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
16:19:21.970    Disk 0 MBR read successfully
16:19:21.970    Disk 0 MBR scan
16:19:21.970    Disk 0 unknown MBR code
16:19:21.986    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        12288 MB offset 2048
16:19:22.001    Disk 0 Partition 2 00     12  Compaq diag NTFS         3584 MB offset 25167872
16:19:22.017    Disk 0 Partition 3 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 32507904
16:19:22.033    Disk 0 Partition - 00     0F Extended LBA            460966 MB offset 32712704
16:19:22.048    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS       460965 MB offset 32714752
16:19:22.064    Disk 0 scanning C:\Windows\system32\drivers
16:19:32.843    Service scanning
16:19:57.133    Modules scanning
16:19:57.648    Disk 0 trace - called modules:
16:19:57.679    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
16:19:57.694    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80057ae060]
16:19:57.710    3 CLASSPNP.SYS[fffff88001bab43f] -> nt!IofCallDriver -> [0xfffffa8003cf1e40]
16:19:57.726    5 ACPI.sys[fffff88000fa37a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80046a4050]
16:19:57.741    Scan finished successfully
17:08:29.174    Disk 0 MBR has been saved successfully to "C:\Users\Franziska\Desktop\MBR.dat"
17:08:29.190    The log file has been saved successfully to "C:\Users\Franziska\Desktop\aswMBR.txt"
         

Alt 12.07.2012, 18:47   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

We should fix the MBR. Just in case, back up ALL important data first, even though it usually goes smoothly.

Note: Please do NOT run the MBR fix if you have other operating systems such as Ubuntu installed; an MBR fix with Windows tools makes a Linux installed alongside (dual boot) unbootable.
Do not run the fix either if you have full encryption of the Windows partition or of the entire hard disk, e.g. with TrueCrypt or other encryption programs.


After the backup, start aswMBR again and click the FIXMBR button.

Note: Please turn off the virus scanner before running aswMBR, because Avira in particular often reports a false alarm in it!

Then restart Windows and create a new log with aswMBR.

Alt 12.07.2012, 19:43   #23
smakr2
 

Hello,

so you suspect that something is hiding in the MBR?

Isn't it then more advisable to wipe everything after backing up the files?

Alt 12.07.2012, 21:00   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

No, I don't suspect that; it's only a precaution.
And you make the backup in case something goes wrong during the MBR fix.
Why do you want to wipe everything now?

Alt 13.07.2012, 09:31   #25
smakr2
 

Hi,

because I thought that with an infection of the MBR people say it is better to reinstall.

Okay, then I'll back up the data. Is there a proper procedure for that, so as not to catch anything on the external drive in the process?

Alt 13.07.2012, 19:42   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
because I thought that with an infection of the MBR people say it is better to reinstall.
Who says that? You shouldn't believe everything that gets babbled at the pub table or the like.
If you want to take it that way, you might as well reinstall at every little fart, or preventively format every day because something might be on there.

Alt 15.07.2012, 16:22   #27
smakr2
 

Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-15 17:17:20
-----------------------------
17:17:20.741    OS Version: Windows x64 6.1.7601 Service Pack 1
17:17:20.741    Number of processors: 2 586 0x170A
17:17:20.741    ComputerName: FRANZISKA-PC  UserName: Franziska
17:17:22.317    Initialize success
17:17:28.791    AVAST engine defs: 12071200
17:17:33.612    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:17:33.627    Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
17:17:33.658    Disk 0 MBR read successfully
17:17:33.674    Disk 0 MBR scan
17:17:33.674    Disk 0 Windows 7 default MBR code
17:17:33.690    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        12288 MB offset 2048
17:17:33.736    Disk 0 Partition 2 00     12  Compaq diag NTFS         3584 MB offset 25167872
17:17:33.752    Disk 0 Partition 3 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 32507904
17:17:33.768    Disk 0 Partition - 00     0F Extended LBA            460966 MB offset 32712704
17:17:33.799    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS       460965 MB offset 32714752
17:17:33.814    Disk 0 scanning C:\Windows\system32\drivers
17:17:46.060    Service scanning
17:18:12.050    Modules scanning
17:18:12.066    Disk 0 trace - called modules:
17:18:12.112    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
17:18:12.128    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80057ab3c0]
17:18:12.144    3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa80046998a0]
17:18:12.159    5 ACPI.sys[fffff88000ef97a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80046a4050]
17:18:12.175    Scan finished successfully
17:19:31.485    Disk 0 MBR has been saved successfully to "C:\Users\Franziska\Desktop\MBR.dat"
17:19:31.485    The log file has been saved successfully to "C:\Users\Franziska\Desktop\aswMBR2.txt"
         

Alt 15.07.2012, 18:26   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Rewriting the MBR is among the easiest parts of the cleanup. The other malware in files that "hide" somewhere or are hooked in via rootkit is much harder to find and remove.
The MBR is always uniform in that respect: it is always the first sector of a hard disk and is always a constant 512 bytes in size (or rather, that small).

Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs.
Remember to update both tools before the scan!!
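The two aswMBR logs above differ only in the MBR code line ("unknown MBR code" before the fix, "Windows 7 default MBR code" after) while the partition rows are identical. The following added example, which is not part of the original posts and not code from aswMBR, parses a 512-byte MBR sector and checks exactly that: boot code changed, partition table untouched. It assumes a sector dump is available as raw bytes; the sample sectors are constructed from the partition rows in the logs, with placeholder bytes standing in for the boot code.

```python
import hashlib
import struct

SECTOR_SIZE = 512        # the MBR is exactly one sector
BOOT_CODE_LEN = 440      # bootstrap code area at the start of the sector
TABLE_OFFSET = 446       # four 16-byte partition entries start here
BOOT_SIGNATURE = b"\x55\xaa"

# Partition rows taken from the aswMBR logs in this thread:
# (status byte, type byte, start offset in sectors, size in MB).
# "Partition 4" in the log is a logical volume inside the extended
# partition (type 0F) and therefore has no entry in the MBR itself.
LOG_PARTITIONS = [
    (0x00, 0x27, 2048, 12288),
    (0x00, 0x12, 25167872, 3584),
    (0x80, 0x07, 32507904, 100),
    (0x00, 0x0F, 32712704, 460966),
]

# Constructed placeholders, NOT real boot code.
BOOT_BEFORE = b"constructed placeholder: boot code before the fix"
BOOT_AFTER = b"constructed placeholder: boot code after the fix"


def build_sample(boot_code: bytes) -> bytes:
    """Build a constructed 512-byte sector around the logged partition table."""
    if len(boot_code) > BOOT_CODE_LEN:
        raise ValueError("boot code does not fit into 440 bytes")
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    sector[440:444] = struct.pack("<I", 0x12345678)  # constructed disk signature
    for i, (status, ptype, lba, size_mb) in enumerate(LOG_PARTITIONS):
        # CHS fields are filled with the usual "use LBA" marker FE FF FF.
        struct.pack_into("<B3sB3sII", sector, TABLE_OFFSET + 16 * i,
                         status, b"\xfe\xff\xff", ptype, b"\xfe\xff\xff",
                         lba, size_mb * 2048)
    sector[510:512] = BOOT_SIGNATURE
    return bytes(sector)


def parse_mbr(sector: bytes) -> dict:
    """Return the boot code hash and the non-empty partition entries."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR dump must be exactly 512 bytes")
    if sector[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for i in range(4):
        entry = sector[TABLE_OFFSET + 16 * i:TABLE_OFFSET + 16 * (i + 1)]
        status, ptype = entry[0], entry[4]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if ptype == 0x00:          # unused slot
            continue
        partitions.append({
            "slot": i + 1,
            "active": status == 0x80,
            "type": ptype,
            "lba_start": lba_start,
            "size_mb": sectors // 2048,   # 2048 sectors of 512 bytes = 1 MB
        })
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
    }


def compare_dumps(before: bytes, after: bytes) -> dict:
    """Say which part of the sector differs between two dumps."""
    a, b = parse_mbr(before), parse_mbr(after)
    return {
        "boot_code_changed": a["boot_code_sha256"] != b["boot_code_sha256"],
        "partition_table_changed": a["partitions"] != b["partitions"],
    }


if __name__ == "__main__":
    before = build_sample(BOOT_BEFORE)
    after = build_sample(BOOT_AFTER)
    for part in parse_mbr(after)["partitions"]:
        print(part)
    print(compare_dumps(before, after))
```
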

Alt 15.07.2012, 20:08   #29
smakr2
 

Code:
ATTFilter
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.15.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Franziska :: FRANZISKA-PC [Administrator]

15.07.2012 21:03:48
mbam-log-2012-07-15 (21-03-48).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 211089
Laufzeit: 4 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 07/15/2012 at 09:21 PM

Application Version : 5.5.1006

Core Rules Database Version : 8902
Trace Rules Database Version: 6714

Scan type       : Quick Scan
Total Scan Time : 00:06:32

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned      : 623
Memory threats detected   : 0
Registry items scanned    : 54322
Registry threats detected : 0
File items scanned        : 12453
File threats detected     : 216

Adware.Tracking Cookie
	.histats.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.histats.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.jobscanner.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.macromedia-fachhochschule.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.akupunkturpunkte-finden.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	tracking.sim-technik.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.statcounter.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.gettyimages.122.2o7.net [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wjlogiajadp.stats.esomniture.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wdl4gocpmep.stats.esomniture.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	stats.realconsulter.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	www.zanox-affiliate.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	thecount.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	thecount.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.ad6media.fr [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.ad6media.fr [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wjk4upcpceo.stats.esomniture.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	wstat.wibiya.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.yadro.ru [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	testdata.coremetrics.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wfkokndjaap.stats.esomniture.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	ad.zanox.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.getclicky.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.static.getclicky.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.liveperson.net [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	tracking.mobile.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	tracking.klicktel.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.stepstone.112.2o7.net [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wmlykjdjcdq.stats.esomniture.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.tuiinteractive.122.2o7.net [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	partners.webmasterplan.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	statse.webtrendslive.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.4stats.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.4stats.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.estat.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.tracking.hermesworld.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.tracking.hermesworld.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.tracking.hermesworld.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.wir-finden-jobs.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.wir-finden-jobs.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.wir-finden-jobs.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	www.wir-finden-jobs.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.microsoftsto.112.2o7.net [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.statcounter.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\FRANZISKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DSA8PSZZ.DEFAULT\COOKIES.SQLITE ]
         

Edited by smakr2 (15.07.2012 at 20:22)

15.07.2012, 20:39   #30
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

My Security Shield

Those were not full scans! Neither with SUPERAntiSpyware nor with Malwarebytes!
__________________
Please always post log files in CODE tags
