Log analysis and evaluation: TR/ATRAPS.Gen2 and TR/ATRAPS.Gen
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
16.08.2012, 13:49 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.Gen2 and TR/ATRAPS.Gen
Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)
Code:
:OTL
FF - user.js - File not found
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3f986b3a-9908-11e0-a556-c80aa98379c8}\Shell - "" = AutoRun
O33 - MountPoints2\{3f986b3a-9908-11e0-a556-c80aa98379c8}\Shell\AutoRun\command - "" = Iomega Encryption Utility.exe
O33 - MountPoints2\{eceb4d5a-74e4-11e0-a0e2-c80aa98379c8}\Shell - "" = AutoRun
O33 - MountPoints2\{eceb4d5a-74e4-11e0-a0e2-c80aa98379c8}\Shell\AutoRun\command - "" = D:\SetupSeriesA.exe
:Files
C:\Users\Regina\_0AA6EBFE1D884E4E80D3DF6A7757540D
C:\Windows\Installer\{5c0b5c6d-ea04-f662-e6ee-6a7ba91c9543}\L
C:\Windows\Installer\{5c0b5c6d-ea04-f662-e6ee-6a7ba91c9543}\U
C:\Windows\Installer\{5c0b5c6d-ea04-f662-e6ee-6a7ba91c9543}\n
C:\Windows\Installer\{5c0b5c6d-ea04-f662-e6ee-6a7ba91c9543}\@
C:\Users\Regina\AppData\Local\{5c0b5c6d-ea04-f662-e6ee-6a7ba91c9543}\L
C:\Users\Regina\AppData\Local\{5c0b5c6d-ea04-f662-e6ee-6a7ba91c9543}\U
C:\Users\Regina\AppData\Local\{5c0b5c6d-ea04-f662-e6ee-6a7ba91c9543}\n
C:\Users\Regina\AppData\Local\{5c0b5c6d-ea04-f662-e6ee-6a7ba91c9543}\@
C:\Program Files (x86)\Common Files\Spigot
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted.
For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.
Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________ Please always post log files in CODE tags |
17.08.2012, 10:28 | #17 |
| TR/ATRAPS.Gen2 and TR/ATRAPS.Gen
Hello Arne,
here is the result:
Code:
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3f986b3a-9908-11e0-a556-c80aa98379c8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3f986b3a-9908-11e0-a556-c80aa98379c8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3f986b3a-9908-11e0-a556-c80aa98379c8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3f986b3a-9908-11e0-a556-c80aa98379c8}\ not found.
File Iomega Encryption Utility.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eceb4d5a-74e4-11e0-a0e2-c80aa98379c8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eceb4d5a-74e4-11e0-a0e2-c80aa98379c8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eceb4d5a-74e4-11e0-a0e2-c80aa98379c8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eceb4d5a-74e4-11e0-a0e2-c80aa98379c8}\ not found.
File D:\SetupSeriesA.exe not found.
========== FILES ==========
C:\Users\Regina\_0AA6EBFE1D884E4E80D3DF6A7757540D moved successfully.
C:\Windows\Installer\{5c0b5c6d-ea04-f662-e6ee-6a7ba91c9543}\L folder moved successfully.
C:\Windows\Installer\{5c0b5c6d-ea04-f662-e6ee-6a7ba91c9543}\U folder moved successfully.
File\Folder C:\Windows\Installer\{5c0b5c6d-ea04-f662-e6ee-6a7ba91c9543}\n not found.
C:\Windows\Installer\{5c0b5c6d-ea04-f662-e6ee-6a7ba91c9543}\@ moved successfully.
C:\Users\Regina\AppData\Local\{5c0b5c6d-ea04-f662-e6ee-6a7ba91c9543}\L folder moved successfully.
C:\Users\Regina\AppData\Local\{5c0b5c6d-ea04-f662-e6ee-6a7ba91c9543}\U folder moved successfully.
File\Folder C:\Users\Regina\AppData\Local\{5c0b5c6d-ea04-f662-e6ee-6a7ba91c9543}\n not found.
C:\Users\Regina\AppData\Local\{5c0b5c6d-ea04-f662-e6ee-6a7ba91c9543}\@ moved successfully.
File\Folder C:\Program Files (x86)\Common Files\Spigot not found.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\Regina\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Regina
->Temp folder emptied: 2511733632 bytes
->Temporary Internet Files folder emptied: 95505729 bytes
->FireFox cache emptied: 1117249816 bytes
->Google Chrome cache emptied: 819568 bytes
->Flash cache emptied: 3208891 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 759974393 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 119691 bytes
RecycleBin emptied: 6181595 bytes

Total Files Cleaned = 4.287,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Regina
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.57.0 log created on 08162012_172922

Files\Folders moved on Reboot...
C:\Users\Regina\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.

PendingFileRenameOperations files...
File C:\Users\Regina\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
[2012.08.16 17:49:46 | 000,000,000 | ---- | M] () C:\Windows\temp\dsiwmis.log : Unable to obtain MD5
[2012.08.16 17:49:44 | 008,405,015 | ---- | M] () C:\Windows\temp\TmpFile1 : Unable to obtain MD5

Registry entries deleted on Reboot...

Regina |
17.08.2012, 20:24 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.Gen2 and TR/ATRAPS.Gen
Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!
Configure the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot. Then click Start Scan, and when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
17.08.2012, 21:46 | #19 |
| TR/ATRAPS.Gen2 and TR/ATRAPS.Gen
Hello Arne, here is the report from TDSSKiller:
Code:
0191dee9b9eb7902af2cf4f67301095d ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe 22:40:16.0270 5076 GREGService - ok 22:40:16.0364 5076 [ f02a533f517eb38333cb12a9e8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:40:16.0379 5076 gupdate - ok 22:40:16.0411 5076 [ f02a533f517eb38333cb12a9e8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 22:40:16.0426 5076 gupdatem - ok 22:40:16.0473 5076 [ 78fad9117e4527f2ca82259da10f40bd ] Hardlock C:\Windows\system32\drivers\hardlock.sys 22:40:16.0520 5076 Hardlock - ok 22:40:16.0535 5076 hasplms - ok 22:40:16.0567 5076 [ f2523ef6460fc42405b12248338ab2f0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 22:40:16.0629 5076 hcw85cir - ok 22:40:16.0676 5076 [ 6410f6f415b2a5a9037224c41da8bf12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 22:40:16.0723 5076 HdAudAddService - ok 22:40:16.0754 5076 [ 0a49913402747a0b67de940fb42cbdbb ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 22:40:16.0801 5076 HDAudBus - ok 22:40:16.0847 5076 [ b6ac71aaa2b10848f57fc49d55a651af ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 22:40:16.0863 5076 HECIx64 - ok 22:40:16.0894 5076 [ 78e86380454a7b10a5eb255dc44a355f ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 22:40:16.0941 5076 HidBatt - ok 22:40:16.0988 5076 [ 7fd2a313f7afe5c4dab14798c48dd104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 22:40:17.0050 5076 HidBth - ok 22:40:17.0081 5076 [ 0a77d29f311b88cfae3b13f9c1a73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 22:40:17.0144 5076 HidIr - ok 22:40:17.0175 5076 [ bd9eb3958f213f96b97b1d897dee006d ] hidserv C:\Windows\system32\hidserv.dll 22:40:17.0269 5076 hidserv - ok 22:40:17.0315 5076 [ b3bf6b5b50006def50b66306d99fcf6f ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 22:40:17.0362 5076 HidUsb - ok 22:40:17.0409 5076 [ efa58ede58dd74388ffd04cb32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll 22:40:17.0487 5076 hkmsvc - ok 22:40:17.0534 5076 [ 
046b2673767ca626e2cfb7fdf735e9e8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 22:40:17.0596 5076 HomeGroupListener - ok 22:40:17.0627 5076 [ 06a7422224d9865a5613710a089987df ] HomeGroupProvider C:\Windows\system32\provsvc.dll 22:40:17.0659 5076 HomeGroupProvider - ok 22:40:17.0737 5076 HOSTS Anti-PUPs - ok 22:40:17.0783 5076 [ 0886d440058f203eba0e1825e4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys 22:40:17.0799 5076 HpSAMD - ok 22:40:17.0846 5076 [ cee049cac4efa7f4e1e4ad014414a5d4 ] HTTP C:\Windows\system32\drivers\HTTP.sys 22:40:17.0924 5076 HTTP - ok 22:40:17.0939 5076 [ f17766a19145f111856378df337a5d79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 22:40:17.0939 5076 hwpolicy - ok 22:40:17.0971 5076 [ fa55c73d4affa7ee23ac4be53b4592d3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 22:40:17.0986 5076 i8042prt - ok 22:40:18.0002 5076 [ abbf174cb394f5c437410a788b7e404a ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 22:40:18.0033 5076 iaStor - ok 22:40:18.0127 5076 [ 31a0e93cdf29007d6c6fffb632f375ed ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 22:40:18.0142 5076 IAStorDataMgrSvc - ok 22:40:18.0205 5076 [ b75e45c564e944a2657167d197ab29da ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 22:40:18.0267 5076 iaStorV - ok 22:40:18.0376 5076 [ 1cf03c69b49acb70c722df92755c0c8c ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 22:40:18.0376 5076 IDriverT ( UnsignedFile.Multi.Generic ) - warning 22:40:18.0376 5076 IDriverT - detected UnsignedFile.Multi.Generic (1) 22:40:18.0439 5076 [ 2f2be70d3e02b6fa877921ab9516d43c ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 22:40:18.0501 5076 idsvc - ok 22:40:18.0548 5076 [ 5c18831c61933628f5bb0ea2675b9d21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 22:40:18.0563 5076 iirsp - ok 22:40:18.0610 5076 [ c5b4683680df085b57bc53e5ef34861f ] IKEEXT 
C:\Windows\System32\ikeext.dll 22:40:18.0719 5076 IKEEXT - ok 22:40:18.0766 5076 [ 36fdf367a1dabff903e2214023d71368 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys 22:40:18.0797 5076 Impcd - ok 22:40:18.0891 5076 [ 06b774e74f7e2b8ae903a70c45a03d61 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 22:40:19.0000 5076 IntcAzAudAddService - ok 22:40:19.0031 5076 [ f00f20e70c6ec3aa366910083a0518aa ] intelide C:\Windows\system32\DRIVERS\intelide.sys 22:40:19.0031 5076 intelide - ok 22:40:19.0265 5076 [ 09ce164afa8483e41808784d7fca154e ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys 22:40:19.0640 5076 intelkmd - ok 22:40:19.0671 5076 [ ada036632c664caa754079041cf1f8c1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 22:40:19.0702 5076 intelppm - ok 22:40:19.0749 5076 [ 098a91c54546a3b878dad6a7e90a455b ] IPBusEnum C:\Windows\system32\ipbusenum.dll 22:40:19.0827 5076 IPBusEnum - ok 22:40:19.0858 5076 [ 722dd294df62483cecaae6e094b4d695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 22:40:19.0921 5076 IpFilterDriver - ok 22:40:19.0936 5076 [ e2b4a4494db7cb9b89b55ca268c337c5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys 22:40:19.0983 5076 IPMIDRV - ok 22:40:20.0045 5076 [ af9b39a7e7b6caa203b3862582e9f2d0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 22:40:20.0139 5076 IPNAT - ok 22:40:20.0155 5076 [ 3abf5e7213eb28966d55d58b515d5ce9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 22:40:20.0186 5076 IRENUM - ok 22:40:20.0201 5076 [ 2f7b28dc3e1183e5eb418df55c204f38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys 22:40:20.0201 5076 isapnp - ok 22:40:20.0217 5076 [ fa4d2557de56d45b0a346f93564be6e1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 22:40:20.0248 5076 iScsiPrt - ok 22:40:20.0264 5076 [ bc02336f1cba7dcc7d1213bb588a68a5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 22:40:20.0295 5076 kbdclass - ok 22:40:20.0311 5076 [ 6def98f8541e1b5dceb2c822a11f7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 22:40:20.0357 5076 kbdhid - ok 
22:40:20.0389 5076 [ 156f6159457d0aa7e59b62681b56eb90 ] KeyIso C:\Windows\system32\lsass.exe 22:40:20.0404 5076 KeyIso - ok 22:40:20.0467 5076 [ 07071c1e3cd8f0f9114aac8b072ca1e5 ] KMWDFILTER C:\Windows\system32\DRIVERS\KMWDFILTER.sys 22:40:20.0482 5076 KMWDFILTER - ok 22:40:20.0529 5076 [ 4f4b5fde429416877de7143044582eb5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 22:40:20.0545 5076 KSecDD - ok 22:40:20.0560 5076 [ 6f40465a44ecdc1731befafec5bdd03c ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 22:40:20.0576 5076 KSecPkg - ok 22:40:20.0607 5076 [ 6869281e78cb31a43e969f06b57347c4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 22:40:20.0701 5076 ksthunk - ok 22:40:20.0747 5076 [ 6ab66e16aa859232f64deb66887a8c9c ] KtmRm C:\Windows\system32\msdtckrm.dll 22:40:20.0841 5076 KtmRm - ok 22:40:20.0903 5076 [ 39918db0efcf045a1ce6fabbf339f975 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys 22:40:20.0919 5076 L1C - ok 22:40:20.0997 5076 [ 81f1d04d4d0e433099365127375fd501 ] LanmanServer C:\Windows\system32\srvsvc.dll 22:40:21.0044 5076 LanmanServer - ok 22:40:21.0075 5076 [ 27026eac8818e8a6c00a1cad2f11d29a ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 22:40:21.0153 5076 LanmanWorkstation - ok 22:40:21.0200 5076 [ 1538831cf8ad2979a04c423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 22:40:21.0293 5076 lltdio - ok 22:40:21.0340 5076 [ c1185803384ab3feed115f79f109427f ] lltdsvc C:\Windows\System32\lltdsvc.dll 22:40:21.0403 5076 lltdsvc - ok 22:40:21.0449 5076 [ f993a32249b66c9d622ea5592a8b76b8 ] lmhosts C:\Windows\System32\lmhsvc.dll 22:40:21.0512 5076 lmhosts - ok 22:40:21.0574 5076 [ a1c148801b4af64847aeb9f3ad9594ef ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 22:40:21.0605 5076 LMS ( UnsignedFile.Multi.Generic ) - warning 22:40:21.0605 5076 LMS - detected UnsignedFile.Multi.Generic (1) 22:40:21.0637 5076 [ 1a93e54eb0ece102495a51266dcdb6a6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 22:40:21.0668 5076 LSI_FC - 
ok 22:40:21.0683 5076 [ 1047184a9fdc8bdbff857175875ee810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 22:40:21.0699 5076 LSI_SAS - ok 22:40:21.0715 5076 [ 30f5c0de1ee8b5bc9306c1f0e4a75f93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 22:40:21.0746 5076 LSI_SAS2 - ok 22:40:21.0746 5076 [ 0504eacaff0d3c8aed161c4b0d369d4a ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 22:40:21.0777 5076 LSI_SCSI - ok 22:40:21.0793 5076 [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv C:\Windows\system32\drivers\luafv.sys 22:40:21.0886 5076 luafv - ok 22:40:21.0980 5076 [ 23488767cb18fc3ff39e3af1db3fb02c ] massfilter C:\Windows\system32\drivers\massfilter.sys 22:40:22.0011 5076 massfilter - ok 22:40:22.0058 5076 [ f84c8f1000bc11e3b7b23cbd3baff111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 22:40:22.0105 5076 Mcx2Svc - ok 22:40:22.0136 5076 [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 22:40:22.0151 5076 megasas - ok 22:40:22.0183 5076 [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 22:40:22.0214 5076 MegaSR - ok 22:40:22.0229 5076 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll 22:40:22.0323 5076 MMCSS - ok 22:40:22.0354 5076 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys 22:40:22.0385 5076 Modem - ok 22:40:22.0432 5076 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys 22:40:22.0479 5076 monitor - ok 22:40:22.0510 5076 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 22:40:22.0526 5076 mouclass - ok 22:40:22.0557 5076 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 22:40:22.0604 5076 mouhid - ok 22:40:22.0635 5076 [ 791af66c4d0e7c90a3646066386fb571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 22:40:22.0651 5076 mountmgr - ok 22:40:22.0760 5076 [ 46297fa8e30a6007f14118fc2b942fbc ] MozillaMaintenance C:\Program Files (x86)\Mozilla 
Maintenance Service\maintenanceservice.exe 22:40:22.0775 5076 MozillaMaintenance - ok 22:40:22.0807 5076 [ 609d1d87649ecc19796f4d76d4c15cea ] mpio C:\Windows\system32\DRIVERS\mpio.sys 22:40:22.0838 5076 mpio - ok 22:40:22.0853 5076 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 22:40:22.0916 5076 mpsdrv - ok 22:40:22.0931 5076 [ 30524261bb51d96d6fcbac20c810183c ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 22:40:22.0978 5076 MRxDAV - ok 22:40:23.0025 5076 [ 040d62a9d8ad28922632137acdd984f2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 22:40:23.0041 5076 mrxsmb - ok 22:40:23.0103 5076 [ f0067552f8f9b33d7c59403ab808a3cb ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 22:40:23.0134 5076 mrxsmb10 - ok 22:40:23.0165 5076 [ 3c142d31de9f2f193218a53fe2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 22:40:23.0212 5076 mrxsmb20 - ok 22:40:23.0259 5076 [ 5c37497276e3b3a5488b23a326a754b7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys 22:40:23.0290 5076 msahci - ok 22:40:23.0290 5076 [ 8d27b597229aed79430fb9db3bcbfbd0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys 22:40:23.0321 5076 msdsm - ok 22:40:23.0337 5076 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe 22:40:23.0384 5076 MSDTC - ok 22:40:23.0431 5076 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 22:40:23.0493 5076 Msfs - ok 22:40:23.0509 5076 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 22:40:23.0555 5076 mshidkmdf - ok 22:40:23.0555 5076 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys 22:40:23.0571 5076 msisadrv - ok 22:40:23.0602 5076 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 22:40:23.0633 5076 MSiSCSI - ok 22:40:23.0633 5076 msiserver - ok 22:40:23.0696 5076 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 22:40:23.0743 5076 MSKSSRV - ok 22:40:23.0774 
5076 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 22:40:23.0852 5076 MSPCLOCK - ok 22:40:23.0883 5076 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 22:40:23.0961 5076 MSPQM - ok 22:40:23.0992 5076 [ 89cb141aa8616d8c6a4610fa26c60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 22:40:24.0023 5076 MsRPC - ok 22:40:24.0039 5076 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 22:40:24.0055 5076 mssmbios - ok 22:40:24.0086 5076 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 22:40:24.0164 5076 MSTEE - ok 22:40:24.0195 5076 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 22:40:24.0242 5076 MTConfig - ok 22:40:24.0273 5076 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys 22:40:24.0304 5076 Mup - ok 22:40:24.0335 5076 [ 6ffecc25b39dc7652a0cec0ada9db589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 22:40:24.0351 5076 mwlPSDFilter - ok 22:40:24.0351 5076 [ 0befe32ca56d6ee89d58175725596a85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 22:40:24.0367 5076 mwlPSDNServ - ok 22:40:24.0382 5076 [ d43bc633b8660463e446e28e14a51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 22:40:24.0398 5076 mwlPSDVDisk - ok 22:40:24.0491 5076 [ 0036634e5c92be109056f7e2380103a9 ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe 22:40:24.0507 5076 MWLService - ok 22:40:24.0538 5076 [ 4987e079a4530fa737a128be54b63b12 ] napagent C:\Windows\system32\qagentRT.dll 22:40:24.0632 5076 napagent - ok 22:40:24.0694 5076 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 22:40:24.0757 5076 NativeWifiP - ok 22:40:24.0819 5076 [ cad515dbd07d082bb317d9928ce8962c ] NDIS C:\Windows\system32\drivers\ndis.sys 22:40:24.0897 5076 NDIS - ok 22:40:24.0913 5076 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap 
C:\Windows\system32\DRIVERS\ndiscap.sys 22:40:24.0991 5076 NdisCap - ok 22:40:25.0053 5076 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 22:40:25.0131 5076 NdisTapi - ok 22:40:25.0178 5076 [ f105ba1e22bf1f2ee8f005d4305e4bec ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 22:40:25.0256 5076 Ndisuio - ok 22:40:25.0287 5076 [ 557dfab9ca1fcb036ac77564c010dad3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 22:40:25.0334 5076 NdisWan - ok 22:40:25.0365 5076 [ 659b74fb74b86228d6338d643cd3e3cf ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 22:40:25.0427 5076 NDProxy - ok 22:40:25.0459 5076 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 22:40:25.0521 5076 NetBIOS - ok 22:40:25.0568 5076 [ 9162b273a44ab9dce5b44362731d062a ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 22:40:25.0646 5076 NetBT - ok 22:40:25.0661 5076 [ 156f6159457d0aa7e59b62681b56eb90 ] Netlogon C:\Windows\system32\lsass.exe 22:40:25.0677 5076 Netlogon - ok 22:40:25.0724 5076 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll 22:40:25.0786 5076 Netman - ok 22:40:25.0786 5076 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll 22:40:25.0880 5076 netprofm - ok 22:40:25.0911 5076 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 22:40:25.0927 5076 NetTcpPortSharing - ok 22:40:26.0129 5076 [ 24f64343f14a119308456e1ca7507b26 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys 22:40:26.0395 5076 NETw5s64 - ok 22:40:26.0457 5076 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 22:40:26.0473 5076 nfrd960 - ok 22:40:26.0519 5076 [ d9a0ce66046d6efa0c61baa885cba0a8 ] NlaSvc C:\Windows\System32\nlasvc.dll 22:40:26.0613 5076 NlaSvc - ok 22:40:26.0629 5076 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 22:40:26.0707 5076 Npfs - 
ok 22:40:26.0738 5076 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll 22:40:26.0847 5076 nsi - ok 22:40:26.0878 5076 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 22:40:26.0941 5076 nsiproxy - ok 22:40:27.0034 5076 [ 378e0e0dfea67d98ae6ea53adbbd76bc ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 22:40:27.0143 5076 Ntfs - ok 22:40:27.0206 5076 [ 5b3ce960c62dbe864be9a0bd043a3e30 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe 22:40:27.0253 5076 NTI IScheduleSvc ( UnsignedFile.Multi.Generic ) - warning 22:40:27.0253 5076 NTI IScheduleSvc - detected UnsignedFile.Multi.Generic (1) 22:40:27.0331 5076 [ 15221dd637d9d0ffc60848ebbf1df538 ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe 22:40:27.0346 5076 NTIBackupSvc - ok 22:40:27.0377 5076 [ 64ddd0dee976302f4bd93e5efcc2f013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys 22:40:27.0393 5076 NTIDrvr - ok 22:40:27.0424 5076 [ b5071e15d4c3f5ef5018aff7e85a85e5 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe 22:40:27.0440 5076 NTISchedulerSvc - ok 22:40:27.0471 5076 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys 22:40:27.0565 5076 Null - ok 22:40:27.0596 5076 [ a4d9c9a608a97f59307c2f2600edc6a4 ] nvraid C:\Windows\system32\drivers\nvraid.sys 22:40:27.0611 5076 nvraid - ok 22:40:27.0689 5076 [ 6c1d5f70e7a6a3fd1c90d840edc048b9 ] nvstor C:\Windows\system32\drivers\nvstor.sys 22:40:27.0705 5076 nvstor - ok 22:40:27.0752 5076 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys 22:40:27.0783 5076 nv_agp - ok 22:40:27.0845 5076 [ ba7dac1b8a86d9402c3e04e1fcaa600d ] ODDPwrSvc C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe 22:40:27.0861 5076 ODDPwrSvc - ok 22:40:27.0892 5076 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 
22:40:27.0939 5076 ohci1394 - ok 22:40:28.0033 5076 [ daf5d6b1696d42140839cd557336efc8 ] OXSDIDRV_x64 C:\Windows\system32\DRIVERS\OXSDIDRV_x64.sys 22:40:28.0048 5076 OXSDIDRV_x64 - ok 22:40:28.0095 5076 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 22:40:28.0157 5076 p2pimsvc - ok 22:40:28.0204 5076 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll 22:40:28.0235 5076 p2psvc - ok 22:40:28.0267 5076 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 22:40:28.0298 5076 Parport - ok 22:40:28.0360 5076 [ 90061b1acfe8ccaa5345750ffe08d8b8 ] partmgr C:\Windows\system32\drivers\partmgr.sys 22:40:28.0376 5076 partmgr - ok 22:40:28.0391 5076 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 22:40:28.0454 5076 PcaSvc - ok 22:40:28.0469 5076 [ f36f6504009f2fb0dfd1b17a116ad74b ] pci C:\Windows\system32\DRIVERS\pci.sys 22:40:28.0501 5076 pci - ok 22:40:28.0516 5076 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\DRIVERS\pciide.sys 22:40:28.0532 5076 pciide - ok 22:40:28.0532 5076 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 22:40:28.0563 5076 pcmcia - ok 22:40:28.0579 5076 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys 22:40:28.0594 5076 pcw - ok 22:40:28.0610 5076 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys 22:40:28.0688 5076 PEAUTH - ok 22:40:28.0813 5076 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe 22:40:28.0859 5076 PerfHost - ok 22:40:28.0922 5076 [ 557e9a86f65f0de18c9b6751dfe9d3f1 ] pla C:\Windows\system32\pla.dll 22:40:29.0047 5076 pla - ok 22:40:29.0140 5076 [ 98b1721b8718164293b9701b98c52d77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 22:40:29.0171 5076 PlugPlay - ok 22:40:29.0187 5076 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 22:40:29.0234 5076 PNRPAutoReg - ok 
22:40:29.0265 5076 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 22:40:29.0296 5076 PNRPsvc - ok 22:40:29.0343 5076 [ 166eb40d1f5b47e615de3d0fffe5f243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 22:40:29.0421 5076 PolicyAgent - ok 22:40:29.0468 5076 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll 22:40:29.0515 5076 Power - ok 22:40:29.0546 5076 [ 27cc19e81ba5e3403c48302127bda717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 22:40:29.0624 5076 PptpMiniport - ok 22:40:29.0655 5076 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\DRIVERS\processr.sys 22:40:29.0702 5076 Processor - ok 22:40:29.0749 5076 [ 97293447431311c06703368ad0f6c4be ] ProfSvc C:\Windows\system32\profsvc.dll 22:40:29.0811 5076 ProfSvc - ok 22:40:29.0827 5076 [ 156f6159457d0aa7e59b62681b56eb90 ] ProtectedStorage C:\Windows\system32\lsass.exe 22:40:29.0842 5076 ProtectedStorage - ok 22:40:29.0873 5076 [ ee992183bd8eaefd9973f352e587a299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 22:40:29.0951 5076 Psched - ok 22:40:30.0029 5076 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 22:40:30.0123 5076 ql2300 - ok 22:40:30.0139 5076 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 22:40:30.0154 5076 ql40xx - ok 22:40:30.0201 5076 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll 22:40:30.0232 5076 QWAVE - ok 22:40:30.0263 5076 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 22:40:30.0310 5076 QWAVEdrv - ok 22:40:30.0341 5076 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 22:40:30.0388 5076 RasAcd - ok 22:40:30.0419 5076 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 22:40:30.0466 5076 RasAgileVpn - ok 22:40:30.0482 5076 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll 22:40:30.0529 5076 
RasAuto - ok 22:40:30.0560 5076 [ 87a6e852a22991580d6d39adc4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 22:40:30.0638 5076 Rasl2tp - ok 22:40:30.0700 5076 [ 47394ed3d16d053f5906efe5ab51cc83 ] RasMan C:\Windows\System32\rasmans.dll 22:40:30.0794 5076 RasMan - ok 22:40:30.0825 5076 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 22:40:30.0919 5076 RasPppoe - ok 22:40:30.0950 5076 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 22:40:31.0028 5076 RasSstp - ok 22:40:31.0059 5076 [ 3bac8142102c15d59a87757c1d41dce5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 22:40:31.0153 5076 rdbss - ok 22:40:31.0184 5076 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 22:40:31.0215 5076 rdpbus - ok 22:40:31.0246 5076 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 22:40:31.0309 5076 RDPCDD - ok 22:40:31.0309 5076 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 22:40:31.0387 5076 RDPENCDD - ok 22:40:31.0418 5076 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 22:40:31.0449 5076 RDPREFMP - ok 22:40:31.0496 5076 [ 447de7e3dea39d422c1504f245b668b1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 22:40:31.0558 5076 RDPWD - ok 22:40:31.0589 5076 [ 634b9a2181d98f15941236886164ec8b ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 22:40:31.0621 5076 rdyboost - ok 22:40:31.0652 5076 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll 22:40:31.0714 5076 RemoteAccess - ok 22:40:31.0745 5076 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 22:40:31.0839 5076 RemoteRegistry - ok 22:40:31.0901 5076 [ 3dd798846e2c28102b922c56e71b7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 22:40:31.0948 5076 RFCOMM - ok 22:40:32.0011 5076 [ f12a68ed55053940cadd59ca5e3468dd ] RichVideo C:\Program Files 
(x86)\Cyberlink\Shared files\RichVideo.exe 22:40:32.0042 5076 RichVideo ( UnsignedFile.Multi.Generic ) - warning 22:40:32.0042 5076 RichVideo - detected UnsignedFile.Multi.Generic (1) 22:40:32.0073 5076 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 22:40:32.0151 5076 RpcEptMapper - ok 22:40:32.0182 5076 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe 22:40:32.0198 5076 RpcLocator - ok 22:40:32.0213 5076 [ 7266972e86890e2b30c0c322e906b027 ] RpcSs C:\Windows\system32\rpcss.dll 22:40:32.0260 5076 RpcSs - ok 22:40:32.0276 5076 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 22:40:32.0369 5076 rspndr - ok 22:40:32.0447 5076 [ 7cb9f0fdd730f4a4ecf6cde15ea12e8a ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe 22:40:32.0479 5076 RS_Service - ok 22:40:32.0494 5076 [ 156f6159457d0aa7e59b62681b56eb90 ] SamSs C:\Windows\system32\lsass.exe 22:40:32.0510 5076 SamSs - ok 22:40:32.0525 5076 [ e3bbb89983daf5622c1d50cf49f28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys 22:40:32.0557 5076 sbp2port - ok 22:40:32.0572 5076 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll 22:40:32.0635 5076 SCardSvr - ok 22:40:32.0681 5076 [ c94da20c7e3ba1dca269bc8460d98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 22:40:32.0759 5076 scfilter - ok 22:40:32.0837 5076 [ 624d0f5ff99428bb90a5b8a4123e918e ] Schedule C:\Windows\system32\schedsvc.dll 22:40:32.0947 5076 Schedule - ok 22:40:32.0978 5076 [ 312e2f82af11e79906898ac3e3d58a1f ] SCPolicySvc C:\Windows\System32\certprop.dll 22:40:33.0025 5076 SCPolicySvc - ok 22:40:33.0071 5076 [ 765a27c3279ce11d14cb9e4f5869fca5 ] SDRSVC C:\Windows\System32\SDRSVC.dll 22:40:33.0134 5076 SDRSVC - ok 22:40:33.0165 5076 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 22:40:33.0243 5076 secdrv - ok 22:40:33.0274 5076 [ 463b386ebc70f98da5dff85f7e654346 ] seclogon 
C:\Windows\system32\seclogon.dll 22:40:33.0337 5076 seclogon - ok 22:40:33.0383 5076 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\System32\sens.dll 22:40:33.0446 5076 SENS - ok 22:40:33.0461 5076 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 22:40:33.0524 5076 SensrSvc - ok 22:40:33.0555 5076 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 22:40:33.0571 5076 Serenum - ok 22:40:33.0602 5076 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 22:40:33.0649 5076 Serial - ok 22:40:33.0680 5076 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 22:40:33.0711 5076 sermouse - ok 22:40:33.0758 5076 [ c3bc61ce47ff6f4e88ab8a3b429a36af ] SessionEnv C:\Windows\system32\sessenv.dll 22:40:33.0805 5076 SessionEnv - ok 22:40:33.0836 5076 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 22:40:33.0883 5076 sffdisk - ok 22:40:33.0914 5076 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys 22:40:33.0961 5076 sffp_mmc - ok 22:40:33.0992 5076 [ 5588b8c6193eb1522490c122eb94dffa ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 22:40:34.0007 5076 sffp_sd - ok 22:40:34.0023 5076 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 22:40:34.0054 5076 sfloppy - ok 22:40:34.0101 5076 [ 0298ac45d0efffb2db4baa7dd186e7bf ] ShellHWDetection C:\Windows\System32\shsvcs.dll 22:40:34.0163 5076 ShellHWDetection - ok 22:40:34.0210 5076 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 22:40:34.0226 5076 SiSRaid2 - ok 22:40:34.0226 5076 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 22:40:34.0257 5076 SiSRaid4 - ok 22:40:34.0273 5076 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 22:40:34.0351 5076 Smb - ok 22:40:34.0413 5076 [ 
6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe 22:40:34.0460 5076 SNMPTRAP - ok 22:40:34.0569 5076 [ 4945020bc094c322571184a6e8056b3a ] SolidWorks Licensing Service C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe 22:40:34.0600 5076 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - warning 22:40:34.0600 5076 SolidWorks Licensing Service - detected UnsignedFile.Multi.Generic (1) 22:40:34.0616 5076 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys 22:40:34.0631 5076 spldr - ok 22:40:34.0709 5076 [ 567977dc43cc13c4c35ed7084c0b84d5 ] Spooler C:\Windows\System32\spoolsv.exe 22:40:34.0756 5076 Spooler - ok 22:40:34.0850 5076 [ 913d843498553a1bc8f8dbad6358e49f ] sppsvc C:\Windows\system32\sppsvc.exe 22:40:34.0990 5076 sppsvc - ok 22:40:35.0021 5076 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 22:40:35.0084 5076 sppuinotify - ok 22:40:35.0146 5076 [ 2408c0366d96bcdf63e8f1c78e4a29c5 ] srv C:\Windows\system32\DRIVERS\srv.sys 22:40:35.0224 5076 srv - ok 22:40:35.0240 5076 [ 76548f7b818881b47d8d1ae1be9c11f8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 22:40:35.0287 5076 srv2 - ok 22:40:35.0349 5076 [ 0af6e19d39c70844c5caa8fb0183c36e ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 22:40:35.0380 5076 srvnet - ok 22:40:35.0443 5076 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 22:40:35.0536 5076 SSDPSRV - ok 22:40:35.0552 5076 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll 22:40:35.0599 5076 SstpSvc - ok 22:40:35.0630 5076 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 22:40:35.0630 5076 stexstor - ok 22:40:35.0661 5076 [ 52d0e33b681bd0f33fdc08812fee4f7d ] stisvc C:\Windows\System32\wiaservc.dll 22:40:35.0708 5076 stisvc - ok 22:40:35.0723 5076 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 
22:40:35.0739 5076 swenum - ok 22:40:35.0770 5076 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll 22:40:35.0833 5076 swprv - ok 22:40:35.0879 5076 [ ed6d1424e5b0c21a57b28dd8508d6843 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 22:40:35.0911 5076 SynTP - ok 22:40:35.0957 5076 [ 3c1284516a62078fb68f768de4f1a7be ] SysMain C:\Windows\system32\sysmain.dll 22:40:36.0082 5076 SysMain - ok 22:40:36.0160 5076 [ 140afc0a32ef1da0f5d14ba79ef179ee ] ta2avs C:\Windows\system32\Drivers\ta2avs.sys 22:40:36.0191 5076 ta2avs - ok 22:40:36.0269 5076 [ c344ade71831237f77b955bdc187fbcb ] ta2usb_svc C:\Windows\system32\Drivers\ta2usb.sys 22:40:36.0285 5076 ta2usb_svc - ok 22:40:36.0316 5076 [ 238935c3cf2854886dc7cbb2a0e2cc66 ] TabletInputService C:\Windows\System32\TabSvc.dll 22:40:36.0363 5076 TabletInputService - ok 22:40:36.0394 5076 [ 884264ac597b690c5707c89723bb8e7b ] TapiSrv C:\Windows\System32\tapisrv.dll 22:40:36.0457 5076 TapiSrv - ok 22:40:36.0472 5076 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll 22:40:36.0519 5076 TBS - ok 22:40:36.0613 5076 [ 624c5b3aa4c99b3184bb922d9ece3ff0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 22:40:36.0706 5076 Tcpip - ok 22:40:36.0737 5076 [ 624c5b3aa4c99b3184bb922d9ece3ff0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 22:40:36.0784 5076 TCPIP6 - ok 22:40:36.0815 5076 [ 76d078af6f587b162d50210f761eb9ed ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 22:40:36.0862 5076 tcpipreg - ok 22:40:36.0878 5076 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 22:40:36.0925 5076 TDPIPE - ok 22:40:36.0987 5076 [ 7518f7bcfd4b308abc9192bacaf6c970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 22:40:37.0049 5076 TDTCP - ok 22:40:37.0081 5076 [ 079125c4b17b01fcaeebce0bcb290c0f ] tdx C:\Windows\system32\DRIVERS\tdx.sys 22:40:37.0143 5076 tdx - ok 22:40:37.0190 5076 [ c448651339196c0e869a355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 22:40:37.0205 5076 TermDD - 
ok 22:40:37.0237 5076 [ 0f05ec2887bfe197ad82a13287d2f404 ] TermService C:\Windows\System32\termsrv.dll 22:40:37.0330 5076 TermService - ok 22:40:37.0346 5076 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll 22:40:37.0377 5076 Themes - ok 22:40:37.0408 5076 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll 22:40:37.0455 5076 THREADORDER - ok 22:40:37.0517 5076 TPkd - ok 22:40:37.0549 5076 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll 22:40:37.0642 5076 TrkWks - ok 22:40:37.0705 5076 [ 840f7fb849f5887a49ba18c13b2da920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 22:40:37.0767 5076 TrustedInstaller - ok 22:40:37.0798 5076 [ 61b96c26131e37b24e93327a0bd1fb95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 22:40:37.0876 5076 tssecsrv - ok 22:40:37.0907 5076 [ 3836171a2cdf3af8ef10856db9835a70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 22:40:37.0985 5076 tunnel - ok 22:40:38.0017 5076 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 22:40:38.0032 5076 uagp35 - ok 22:40:38.0063 5076 [ 2e22c1fd397a5a9ffef55e9d1fc96c00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys 22:40:38.0079 5076 UBHelper - ok 22:40:38.0095 5076 [ d47baead86c65d4f4069d7ce0a4edceb ] udfs C:\Windows\system32\DRIVERS\udfs.sys 22:40:38.0188 5076 udfs - ok 22:40:38.0282 5076 [ 13bff97e926bf8d9c1230cecc371a0c0 ] UI Assistant Service C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe 22:40:38.0297 5076 UI Assistant Service - ok 22:40:38.0329 5076 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 22:40:38.0344 5076 UI0Detect - ok 22:40:38.0391 5076 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys 22:40:38.0407 5076 uliagpkx - ok 22:40:38.0438 5076 [ eab6c35e62b1b0db0d1b48b671d3a117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 22:40:38.0469 5076 umbus - ok 22:40:38.0516 5076 [ 
b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 22:40:38.0531 5076 UmPass - ok 22:40:38.0672 5076 [ 41118d920b2b268c0adc36421248cdcf ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 22:40:38.0781 5076 UNS ( UnsignedFile.Multi.Generic ) - warning 22:40:38.0781 5076 UNS - detected UnsignedFile.Multi.Generic (1) 22:40:38.0859 5076 [ f9ec9acd504d823d9b9ca98a4f8d3ca2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe 22:40:38.0890 5076 Updater Service - ok 22:40:38.0937 5076 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll 22:40:39.0031 5076 upnphost - ok 22:40:39.0093 5076 [ 537a4e03d7103c12d42dfd8ffdb5bdc9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 22:40:39.0171 5076 usbccgp - ok 22:40:39.0202 5076 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys 22:40:39.0233 5076 usbcir - ok 22:40:39.0296 5076 [ fbb21ebe49f6d560db37ac25fbc68e66 ] usbehci C:\Windows\system32\drivers\usbehci.sys 22:40:39.0311 5076 usbehci - ok 22:40:39.0343 5076 [ 6b7a8a99c4a459e73c286a6763ea24cc ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 22:40:39.0358 5076 usbhub - ok 22:40:39.0405 5076 [ 8c88aa7617b4cbc2e4bed61d26b33a27 ] usbohci C:\Windows\system32\drivers\usbohci.sys 22:40:39.0436 5076 usbohci - ok 22:40:39.0467 5076 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 22:40:39.0514 5076 usbprint - ok 22:40:39.0561 5076 [ aaa2513c8aed8b54b189fd0c6b1634c0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 22:40:39.0592 5076 usbscan - ok 22:40:39.0592 5076 [ f39983647bc1f3e6100778ddfe9dce29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 22:40:39.0655 5076 USBSTOR - ok 22:40:39.0717 5076 [ 0b5b3b2df3fd1709618acfa50b8392b0 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 22:40:39.0748 5076 usbuhci - ok 22:40:39.0826 5076 [ 7cb8c573c6e4a2714402cc0a36eab4fe ] usbvideo 
C:\Windows\System32\Drivers\usbvideo.sys 22:40:39.0904 5076 usbvideo - ok 22:40:39.0935 5076 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll 22:40:39.0982 5076 UxSms - ok 22:40:39.0998 5076 [ 156f6159457d0aa7e59b62681b56eb90 ] VaultSvc C:\Windows\system32\lsass.exe 22:40:40.0013 5076 VaultSvc - ok 22:40:40.0076 5076 [ fd911873c0bb6945fa38c16e9a2b58f9 ] VClone C:\Windows\system32\DRIVERS\VClone.sys 22:40:40.0107 5076 VClone - ok 22:40:40.0138 5076 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys 22:40:40.0154 5076 vdrvroot - ok 22:40:40.0185 5076 [ 44d73e0bbc1d3c8981304ba15135c2f2 ] vds C:\Windows\System32\vds.exe 22:40:40.0216 5076 vds - ok 22:40:40.0247 5076 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 22:40:40.0263 5076 vga - ok 22:40:40.0279 5076 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys 22:40:40.0357 5076 VgaSave - ok 22:40:40.0388 5076 [ c82e748660f62a242b2dfac1442f22a4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys 22:40:40.0403 5076 vhdmp - ok 22:40:40.0419 5076 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys 22:40:40.0419 5076 viaide - ok 22:40:40.0435 5076 [ 2b1a3dae2b4e70dbba822b7a03fbd4a3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys 22:40:40.0450 5076 volmgr - ok 22:40:40.0466 5076 [ 99b0cbb569ca79acaed8c91461d765fb ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 22:40:40.0481 5076 volmgrx - ok 22:40:40.0513 5076 [ 58f82eed8ca24b461441f9c3e4f0bf5c ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys 22:40:40.0528 5076 volsnap - ok 22:40:40.0559 5076 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 22:40:40.0575 5076 vsmraid - ok 22:40:40.0653 5076 [ 787898bf9fb6d7bd87a36e2d95c899ba ] VSS C:\Windows\system32\vssvc.exe 22:40:40.0762 5076 VSS - ok 22:40:40.0793 5076 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 
22:40:40.0809 5076 vwifibus - ok 22:40:40.0871 5076 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 22:40:40.0918 5076 vwififlt - ok 22:40:40.0965 5076 [ 6a638fc4bfddc4d9b186c28c91bd1a01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 22:40:40.0996 5076 vwifimp - ok 22:40:41.0027 5076 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll 22:40:41.0090 5076 W32Time - ok 22:40:41.0105 5076 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 22:40:41.0137 5076 WacomPen - ok 22:40:41.0215 5076 [ 47ca49400643effd3f1c9a27e1d69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 22:40:41.0277 5076 WANARP - ok 22:40:41.0293 5076 [ 47ca49400643effd3f1c9a27e1d69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 22:40:41.0355 5076 Wanarpv6 - ok 22:40:41.0417 5076 [ 5ab1bb85bd8b5089cc5d64200dedae68 ] wbengine C:\Windows\system32\wbengine.exe 22:40:41.0511 5076 wbengine - ok 22:40:41.0527 5076 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 22:40:41.0558 5076 WbioSrvc - ok 22:40:41.0620 5076 [ dd1bae8ebfc653824d29ccf8c9054d68 ] wcncsvc C:\Windows\System32\wcncsvc.dll 22:40:41.0683 5076 wcncsvc - ok 22:40:41.0698 5076 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 22:40:41.0729 5076 WcsPlugInService - ok 22:40:41.0745 5076 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\DRIVERS\wd.sys 22:40:41.0761 5076 Wd - ok 22:40:41.0792 5076 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 22:40:41.0823 5076 Wdf01000 - ok 22:40:41.0870 5076 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll 22:40:41.0917 5076 WdiServiceHost - ok 22:40:41.0917 5076 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll 22:40:41.0963 5076 WdiSystemHost - ok 22:40:42.0010 5076 [ 733006127f235be7c35354ebee7b9a7b ] WebClient 
C:\Windows\System32\webclnt.dll 22:40:42.0088 5076 WebClient - ok 22:40:42.0119 5076 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll 22:40:42.0182 5076 Wecsvc - ok 22:40:42.0197 5076 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 22:40:42.0244 5076 wercplsupport - ok 22:40:42.0291 5076 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll 22:40:42.0369 5076 WerSvc - ok 22:40:42.0416 5076 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 22:40:42.0478 5076 WfpLwf - ok 22:40:42.0494 5076 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys 22:40:42.0509 5076 WIMMount - ok 22:40:42.0509 5076 WinHttpAutoProxySvc - ok 22:40:42.0587 5076 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 22:40:42.0650 5076 Winmgmt - ok 22:40:42.0728 5076 [ 41fbb751936b387f9179e7f03a74fe29 ] WinRM C:\Windows\system32\WsmSvc.dll 22:40:42.0884 5076 WinRM - ok 22:40:42.0946 5076 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll 22:40:43.0009 5076 Wlansvc - ok 22:40:43.0024 5076 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 22:40:43.0040 5076 WmiAcpi - ok 22:40:43.0087 5076 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 22:40:43.0149 5076 wmiApSrv - ok 22:40:43.0180 5076 WMPNetworkSvc - ok 22:40:43.0211 5076 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll 22:40:43.0243 5076 WPCSvc - ok 22:40:43.0258 5076 [ 2e57ddf2880a7e52e76f41c7e96d327b ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 22:40:43.0336 5076 WPDBusEnum - ok 22:40:43.0367 5076 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 22:40:43.0445 5076 ws2ifsl - ok 22:40:43.0445 5076 WSearch - ok 22:40:43.0555 5076 [ d9ef901dca379cfe914e9fa13b73b4c4 ] wuauserv C:\Windows\system32\wuaueng.dll 
22:40:43.0695 5076 wuauserv - ok 22:40:43.0726 5076 [ 7cadc74271dd6461c452c271b30bd378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 22:40:43.0789 5076 WudfPf - ok 22:40:43.0804 5076 [ 3b197af0fff08aa66b6b2241ca538d64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 22:40:43.0898 5076 WUDFRd - ok 22:40:43.0945 5076 [ b551d6637aa0e132c18ac6e504f7b79b ] wudfsvc C:\Windows\System32\WUDFSvc.dll 22:40:44.0038 5076 wudfsvc - ok 22:40:44.0069 5076 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll 22:40:44.0116 5076 WwanSvc - ok 22:40:44.0194 5076 [ ff5a03a65b68db7e02a12880399d40d4 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys 22:40:44.0241 5076 ZTEusbmdm6k - ok 22:40:44.0272 5076 [ ff5a03a65b68db7e02a12880399d40d4 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys 22:40:44.0288 5076 ZTEusbnmea - ok 22:40:44.0366 5076 [ ff5a03a65b68db7e02a12880399d40d4 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys 22:40:44.0397 5076 ZTEusbser6k - ok 22:40:44.0428 5076 ================ Scan global =============================== 22:40:44.0459 5076 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll 22:40:44.0506 5076 (0cb6ebf4b461a6043353c570bd72a1e1) C:\Windows\system32\winsrv.dll 22:40:44.0522 5076 (0cb6ebf4b461a6043353c570bd72a1e1) C:\Windows\system32\winsrv.dll 22:40:44.0537 5076 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll 22:40:44.0600 5076 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe 22:40:44.0615 5076 [Global] - ok 22:40:44.0615 5076 ================ Scan MBR ================================== 22:40:44.0631 5076 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 22:40:45.0115 5076 \Device\Harddisk0\DR0 - ok 22:40:45.0115 5076 ================ Scan VBR ================================== 22:40:45.0146 5076 Boot (0x1200) (4c9f7de35c874245a6a8b83a8b2fb664) \Device\Harddisk0\DR0\Partition1 22:40:45.0146 5076 \Device\Harddisk0\DR0\Partition1 - ok 
22:40:45.0161 5076 Boot (0x1200) (01880942b2e45cd854870b6e27736731) \Device\Harddisk0\DR0\Partition2 22:40:45.0161 5076 \Device\Harddisk0\DR0\Partition2 - ok 22:40:45.0161 5076 ============================================================ 22:40:45.0161 5076 Scan finished 22:40:45.0161 5076 ============================================================ 22:40:45.0177 4748 Detected object count: 8 22:40:45.0177 4748 Actual detected object count: 8 22:43:02.0332 4748 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user 22:43:02.0332 4748 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:43:02.0348 4748 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 22:43:02.0348 4748 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:43:02.0348 4748 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 22:43:02.0348 4748 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:43:02.0348 4748 LMS ( UnsignedFile.Multi.Generic ) - skipped by user 22:43:02.0348 4748 LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:43:02.0348 4748 NTI IScheduleSvc ( UnsignedFile.Multi.Generic ) - skipped by user 22:43:02.0348 4748 NTI IScheduleSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:43:02.0348 4748 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user 22:43:02.0348 4748 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:43:02.0348 4748 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 22:43:02.0348 4748 SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 22:43:02.0348 4748 UNS ( UnsignedFile.Multi.Generic ) - skipped by user 22:43:02.0348 4748 UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip Regina |
18.08.2012, 13:11 | #20 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.Gen2 and TR/ATRAPS.Gen Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has explicitly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
21.08.2012, 07:54 | #21 |
| TR/ATRAPS.Gen2 and TR/ATRAPS.Gen Hello Arne, here is the result from Combofix: Code:
ATTFilter ComboFix 12-08-20.02 - Regina 20.08.2012 22:55:04.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.3767.2374 [GMT 2:00] ausgeführt von:: c:\users\Regina\Desktop\ComboFix.exe SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\FullRemove.exe c:\windows\msvcr71.dll . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_HOSTS Anti-PUPs . . ((((((((((((((((((((((( Dateien erstellt von 2012-07-20 bis 2012-08-20 )))))))))))))))))))))))))))))) . . 2012-08-20 21:08 . 2012-08-20 21:08 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-16 15:29 . 2012-08-16 15:29 -------- d-----w- C:\_OTL 2012-08-16 10:36 . 2012-08-16 10:35 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-08-16 10:35 . 2012-08-16 10:35 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-08-16 10:35 . 2012-08-16 10:35 -------- d-----w- c:\program files (x86)\Java 2012-08-16 08:57 . 2012-07-06 19:58 552448 ----a-w- c:\windows\system32\drivers\bthport.sys 2012-08-10 12:29 . 2012-08-10 12:29 -------- d-----w- c:\program files (x86)\Hosts_Anti_Adwares_PUPs 2012-08-09 17:12 . 2012-08-09 17:12 -------- d-----w- c:\users\Regina\AppData\Roaming\Simfy 2012-08-09 17:12 . 2012-08-09 17:12 -------- d-----w- c:\program files (x86)\simfy 2012-08-07 16:27 . 2012-08-07 18:24 -------- d-----w- c:\users\Regina\AppData\Local\.elfohilfe 2012-08-06 21:02 . 2012-08-06 21:02 -------- d-----w- c:\program files (x86)\ESET 2012-08-06 21:00 . 2012-08-06 21:01 -------- d--h--w- c:\windows\AxInstSV 2012-08-06 08:59 . 2012-08-06 08:59 -------- d-----w- c:\users\Regina\AppData\Roaming\Malwarebytes 2012-08-06 08:59 . 2012-08-06 08:59 -------- d-----w- c:\programdata\Malwarebytes 2012-08-06 08:59 . 
2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-06 08:59 . 2012-08-06 08:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-08-02 10:47 . 2012-08-02 10:47 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-08-02 10:46 . 2012-08-02 10:46 -------- d-----w- c:\windows\system32\Macromed 2012-07-31 21:35 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CA03D7F1-145A-439A-9834-A3317B1E6C3D}\mpengine.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-16 10:35 . 2012-04-14 20:38 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-08-16 08:52 . 2010-08-23 18:46 62134624 ----a-w- c:\windows\system32\MRT.exe 2012-08-02 13:24 . 2009-07-13 23:19 328704 ----a-w- c:\windows\system32\services.exe 2012-08-02 10:47 . 2011-07-01 20:11 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-05 11:02 . 2012-07-12 06:38 95744 ----a-w- c:\windows\system32\pdfcmon.dll 2012-06-09 05:30 . 2012-07-11 10:46 14165504 ----a-w- c:\windows\system32\shell32.dll 2012-06-06 05:50 . 2012-07-11 10:46 2003968 ----a-w- c:\windows\system32\msxml6.dll 2012-06-06 05:50 . 2012-07-11 10:46 1880064 ----a-w- c:\windows\system32\msxml3.dll 2012-06-06 05:09 . 2012-07-11 10:46 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-06-06 05:09 . 2012-07-11 10:46 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-06-02 22:19 . 2012-06-25 08:05 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-25 08:05 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-25 08:05 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-25 08:05 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-25 08:05 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-25 08:05 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 
2012-06-25 08:05 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-25 08:05 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:15 . 2012-06-25 08:05 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 05:38 . 2012-07-11 10:46 95088 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 05:38 . 2012-07-11 10:46 152432 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-06-02 05:37 . 2012-07-11 10:46 459216 ----a-w- c:\windows\system32\drivers\cng.sys 2012-06-02 05:27 . 2012-07-11 10:46 340992 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 05:27 . 2012-07-11 10:46 307200 ----a-w- c:\windows\system32\ncrypt.dll 2012-06-02 04:48 . 2012-07-11 10:46 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2012-06-02 04:48 . 2012-07-11 10:46 225280 ----a-w- c:\windows\SysWow64\schannel.dll 2012-06-02 04:47 . 2012-07-11 10:46 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-06-02 04:42 . 2012-07-11 10:46 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2012-05-31 10:25 . 2010-06-11 18:37 279656 ------w- c:\windows\system32\MpSigStub.exe . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-04-17 05:55 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Greenshot"="c:\program files (x86)\Greenshot\Greenshot.exe" [2010-07-12 548864] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-21 98304] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "UIExec"="c:\program files (x86)\1&1 Surf-Stick\UIExec.exe" [2010-09-30 139088] "HOSTS Anti-Adware_PUPs"="c:\program files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe" [2012-08-10 302961] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-11 136176] R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-05-26 40448] R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-03-05 335400] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-01 39464] R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-11 136176] R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2009-10-29 11776] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-18 113120] R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2010-03-17 7680512] R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432] R3 OXSDIDRV_x64;Oxford Semi eSATA Filter (x64);c:\windows\system32\DRIVERS\OXSDIDRV_x64.sys [2009-09-28 51760] R3 ta2avs;Traktor Audio 2 WDM Audio;c:\windows\system32\Drivers\ta2avs.sys [2010-12-15 358480] R3 ta2usb_svc;Traktor Audio 2;c:\windows\system32\Drivers\ta2usb.sys [2010-12-15 75856] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-19 27760] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 
aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [2010-09-27 75648] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-20 202752] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-12 86224] S2 AntiVirWebService;Avira Browser Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-12 465360] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-04-23 820768] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe [2010-09-27 4180576] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336] S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-04-17 305520] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640] S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-04-22 171040] S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640] S2 UI Assistant Service;UI Assistant Service;c:\program files (x86)\1&1 Surf-Stick\AssistantServices.exe [2010-09-30 253264] S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe 
[2010-01-28 243232] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-04-21 6406144] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-04-20 188928] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936] S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2010-04-20 10322848] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . Inhalt des "geplante Tasks" Ordners . 2012-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-11 18:46] . 2012-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-11 18:46] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-04-17 05:58 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-04-22 223264] "PLFSetI"="c:\windows\PLFSetI.exe" [2010-01-13 206208] "Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-04-23 496160] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-06 2114376] "CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-12-11 722256] "combofix"="c:\combofix\CF27924.3XE" [2009-07-14 344576] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.com uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_4820tg&r=27360610k416l0443z185t5631j131 mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Regina\AppData\Roaming\Mozilla\Firefox\Profiles\p1y5cce8.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKLM-Run-vProt - c:\program files (x86)\AVG Secure Search\vprot.exe HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-HASP HL Device Driver - c:\windows\System32\UNWISE.EXE AddRemove-HASP License Manager - c:\windows\System32\UNWISE.EXE . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . 
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\Bonjour\mDNSResponder.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\program files (x86)\Cyberlink\Shared files\RichVideo.exe . ************************************************************************** . Zeit der Fertigstellung: 2012-08-20 23:27:10 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2012-08-20 21:27 . Vor Suchlauf: 14 Verzeichnis(se), 122.976.509.952 Bytes frei Nach Suchlauf: 19 Verzeichnis(se), 122.295.291.904 Bytes frei . - - End Of File - - 0C2F9BE8E351CBBB454DEFB705DD7D64 Regina |
21.08.2012, 13:39 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.Gen2 and TR/ATRAPS.Gen Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool refuses to run on the second attempt as well, just skip it and run only OSAM - please skip the online query in OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons without instructions. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window) and click the Scan button again.
__________________ Please always post log files in CODE tags |
22.08.2012, 22:36 | #23 |
| TR/ATRAPS.Gen2 and TR/ATRAPS.Gen Hello Arne, attached is the GMER result: Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-08-21 23:40:27
Windows 6.1.7600
Running: otspei38.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\506313b813d1
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\506313b813d1@001963941cd4 0xF2 0x30 0xC5 0x68 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\506313b813d1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\506313b813d1@001963941cd4 0xF2 0x30 0xC5 0x68 ...
---- EOF - GMER 1.0.15 ----
Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 23:50:31 on 21.08.2012 OS: Windows 7 Home Premium Edition (Build 7600), 64-bit Default Browser: Mozilla Corporation Firefox 14.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [Control Panel Objects] -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "QuickTime" - "Apple Inc." - C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "NTIDrvr" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\Windows\system32\drivers\NTIDrvr.sys "Oxford Semi eSATA Filter (x64)" (OXSDIDRV_x64) - ? - C:\Windows\System32\DRIVERS\OXSDIDRV_x64.sys "TPkd" (TPkd) - ? 
- C:\Windows\system32\drivers\TPkd.sys (File not found) "UBHelper" (UBHelper) - "NewTech Infosystems Corporation" - C:\Windows\system32\drivers\UBHelper.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL {91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} "Acrobat Elements Context Menu" - "Adobe Systems Inc." - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll {5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? 
- (File not found | COM-object registry key not found) {0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} "DragDropProtect Class" - "Egis Technology Inc." - C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll {21D928D4-4850-45E3-9982-AD57051ECD42} "EdrawingThumbNailProvider Class" - "Dassault Systèmes SolidWorks Corp." - C:\Program Files (x86)\Common Files\eDrawings2011\edrwthumbnailprovider.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? 
- C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? 
- (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll "Senden an Bluetooth" - ? - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm {898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Plug-In" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {AE7CD045-E861-484f-8273-0445EE161910} "AcroIEToolbarHelper Class" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\ssv.dll {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Plug-In" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? 
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "Greenshot" - ? - "C:\Program Files (x86)\Greenshot\Greenshot.exe" -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min "HOSTS Anti-Adware_PUPs" - ? - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe "IAStorIcon" - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe "LManager" - "Dritek System Inc." - C:\Program Files (x86)\Launch Manager\LManager.exe "NeroFilterCheck" - ? - C:\Windows\system32\NeroCheck.exe (File not found) "StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "UIExec" - ? - "C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe" (File found, but it contains no detailed information) [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "pdfcmon" - "pdfforge GbR" - C:\Windows\system32\pdfcmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##" (Bonjour Service) - "Apple Computer, Inc." - C:\Program Files (x86)\Bonjour\mDNSResponder.exe "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? 
- "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "Acer ePower Service" (ePowerSvc) - "Acer Incorporated" - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe "Acer ODD Power Service" (ODDPwrSvc) - "Acer Incorporated" - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe "Avira Browser Schutz" (AntiVirWebService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe "Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe "Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe "Dritek WMI Service" (DsiWMIService) - "Dritek System Inc." - C:\Program Files (x86)\Launch Manager\dsiwmis.exe "FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Macrovision Europe Ltd." - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "GREGService" (GREGService) - "Acer Incorporated" - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe "Intel(R) Management & Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe "Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe "Intel(R) Rapid Storage Technology" (IAStorDataMgrSvc) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "MyWinLocker Service" (MWLService) - "Egis Technology Inc." - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe "NTI Backup Now 5 Backup Service" (NTIBackupSvc) - "NewTech InfoSystems, Inc." - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe "NTI Backup Now 5 Scheduler Service" (NTISchedulerSvc) - "NewTech Infosystems, Inc." - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe "NTI IScheduleSvc" (NTI IScheduleSvc) - "NewTech Infosystems, Inc." 
- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe "Raw Socket Service" (RS_Service) - "Acer Incorporated" - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe "SolidWorks Licensing Service" (SolidWorks Licensing Service) - "SolidWorks" - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe "UI Assistant Service" (UI Assistant Service) - ? - C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe (File found, but it contains no detailed information) "Updater Service" (Updater Service) - "Acer Group" - C:\Program Files\Acer\Acer Updater\UpdaterService.exe [Winlogon] -----( HKCU\Control Panel\Desktop )----- "SCRNSAVE.EXE" - ? - C:\PROGRA~2\STANDA~1\STANDA~1\STTime.scr (File found, but it contains no detailed information) [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Computer, Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )----- "AVSDA" - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-22 21:46:15
-----------------------------
21:46:15.465 OS Version: Windows x64 6.1.7600
21:46:15.465 Number of processors: 4 586 0x2505
21:46:15.465 ComputerName: REGINA-PC UserName: Regina
21:46:20.130 Initialize success
21:50:15.289 AVAST engine defs: 12082201
21:54:55.922 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:54:55.930 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
21:54:55.947 Disk 0 MBR read successfully
21:54:55.952 Disk 0 MBR scan
21:54:55.995 Disk 0 Windows 7 default MBR code
21:54:56.001 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
21:54:56.036 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27265024
21:54:56.053 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 597066 MB offset 27469824
21:54:56.098 Disk 0 scanning C:\Windows\system32\drivers
21:55:14.004 Service scanning
21:55:58.935 Modules scanning
21:55:58.948 Disk 0 trace - called modules:
21:55:58.992 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:55:59.002 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c6a060]
21:55:59.011 3 CLASSPNP.SYS[fffff88001b0c43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004967050]
21:56:01.193 AVAST engine scan C:\Windows
21:56:09.425 AVAST engine scan C:\Windows\system32
22:02:49.132 AVAST engine scan C:\Windows\system32\drivers
22:03:08.665 AVAST engine scan C:\Users\Regina
22:09:16.488 AVAST engine scan C:\ProgramData
22:10:58.109 Scan finished successfully
23:33:43.175 Disk 0 MBR has been saved successfully to "C:\Users\Regina\Desktop\MBR.dat"
23:33:43.183 The log file has been saved successfully to "C:\Users\Regina\Desktop\aswMBR.txt"
Regina |
30.08.2012, 13:13 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.Gen2 and TR/ATRAPS.Gen Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
13.09.2012, 09:00 | #25 |
| TR/ATRAPS.Gen2 and TR/ATRAPS.Gen Hello Arne, I was on vacation too, but now I'm fully back on our cleanup effort. Here is the Malwarebytes log: Code:
ATTFilter
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org
Datenbank Version: v2012.09.11.04
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Regina :: REGINA-PC [Administrator]
11.09.2012 10:24:50
mbam-log-2012-09-11 (10-24-50).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 771229
Laufzeit: 8 Stunde(n), 54 Minute(n), 31 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
Code:
ATTFilter SUPERAntiSpyware Scan Log hxxp://www.superantispyware.com Generated 09/13/2012 at 08:35 AM Application Version : 5.5.1016 Core Rules Database Version : 9213 Trace Rules Database Version: 7025 Scan type : Complete Scan Total Scan Time : 14:26:36 Operating System Information Windows 7 Home Premium 64-bit (Build 6.01.7600) UAC On - Limited User Memory items scanned : 711 Memory threats detected : 0 Registry items scanned : 66205 Registry threats detected : 0 File items scanned : 433604 File threats detected : 203 Adware.Tracking Cookie C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\regina@ad.yieldmanager[2].txt [ /ad.yieldmanager ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\regina@ad.yieldmanager[3].txt [ /ad.yieldmanager ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\regina@adx.chip[2].txt [ /adx.chip ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\regina@content.yieldmanager[1].txt [ /content.yieldmanager ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\regina@content.yieldmanager[2].txt [ /content.yieldmanager ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\regina@doubleclick[1].txt [ /doubleclick ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\regina@statse.webtrendslive[2].txt [ /statse.webtrendslive ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\2THH3HMJ.txt [ /zanox-affiliate.de ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\BWBCIIHC.txt [ /mediaplex.com ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\DIKA4F21.txt [ /invitemedia.com ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\2J38VZBL.txt [ /ad.zanox.com ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\WDGQH8JQ.txt [ /adtech.de ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\1JZWDBJV.txt [ /atdmt.com ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\8RMS8E32.txt [ /unitymedia.de ] 
C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\O3BRVS1D.txt [ /imrworldwide.com ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\9EUU6BR4.txt [ /adfarm1.adition.com ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\5WMSB4T9.txt [ /fastclick.net ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\AJLSQGI1.txt [ /doubleclick.net ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\2SFKF6QM.txt [ /tracking.quisma.com ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\IARA8NM7.txt [ /dyntracker.com ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\OKDICOS2.txt [ /ad1.adfarm1.adition.com ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\2WQIS4Q9.txt [ /www.zanox-affiliate.de ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\LXQQ2KEP.txt [ /zanox.com ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\5COVWYXX.txt [ /smartadserver.com ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\ZUQ7RL93.txt [ /ads.creative-serving.com ] C:\Users\Regina\AppData\Roaming\Microsoft\Windows\Cookies\BA2UD6FV.txt [ /apmebf.com ] C:\USERS\REGINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\regina@de.sitestat[1].txt [ Cookie:regina@de.sitestat.com/idgcom-de/pcwelt/ ] C:\USERS\REGINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z939EPJ2.txt [ Cookie:regina@zanox-affiliate.de/ ] C:\USERS\REGINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\12NVFX3B.txt [ Cookie:regina@tribalfusion.com/ ] C:\USERS\REGINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\regina@spylog[1].txt [ Cookie:regina@spylog.com/ ] C:\USERS\REGINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\regina@stats.duesseldorf[2].txt [ Cookie:regina@stats.duesseldorf.de/ ] C:\USERS\REGINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\H0SIWKRB.txt [ Cookie:regina@amazon-adsystem.com/ ] C:\USERS\REGINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\0GM0DYBM.txt [ Cookie:regina@atdmt.com/ ] 
C:\USERS\REGINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\SA6NNK35.txt [ Cookie:regina@adfarm1.adition.com/ ] C:\USERS\REGINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\regina@tns-counter[1].txt [ Cookie:regina@tns-counter.ru/ ] C:\USERS\REGINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\WSH9WFET.txt [ Cookie:regina@dyntracker.com/ ] C:\USERS\REGINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\NZWFSG1Z.txt [ Cookie:regina@ad2.adfarm1.adition.com/ ] C:\USERS\REGINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\XVXITTL3.txt [ Cookie:regina@zanox.com/ ] C:\USERS\REGINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\regina@yadro[2].txt [ Cookie:regina@yadro.ru/ ] C:\USERS\REGINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\NJG9OWDX.txt [ Cookie:regina@apmebf.com/ ] C:\USERS\REGINA\AppData\Roaming\Microsoft\Windows\Cookies\Low\regina@openstat[2].txt [ Cookie:regina@openstat.net/ ] C:\USERS\REGINA\Cookies\2THH3HMJ.txt [ Cookie:regina@zanox-affiliate.de/ ] C:\USERS\REGINA\Cookies\DIKA4F21.txt [ Cookie:regina@invitemedia.com/ ] C:\USERS\REGINA\Cookies\WDGQH8JQ.txt [ Cookie:regina@adtech.de/ ] C:\USERS\REGINA\Cookies\1JZWDBJV.txt [ Cookie:regina@atdmt.com/ ] C:\USERS\REGINA\Cookies\8RMS8E32.txt [ Cookie:regina@unitymedia.de/ ] C:\USERS\REGINA\Cookies\O3BRVS1D.txt [ Cookie:regina@imrworldwide.com/cgi-bin ] C:\USERS\REGINA\Cookies\9EUU6BR4.txt [ Cookie:regina@adfarm1.adition.com/ ] C:\USERS\REGINA\Cookies\5WMSB4T9.txt [ Cookie:regina@fastclick.net/ ] C:\USERS\REGINA\Cookies\2SFKF6QM.txt [ Cookie:regina@tracking.quisma.com/ ] C:\USERS\REGINA\Cookies\IARA8NM7.txt [ Cookie:regina@dyntracker.com/ ] C:\USERS\REGINA\Cookies\OKDICOS2.txt [ Cookie:regina@ad1.adfarm1.adition.com/ ] C:\USERS\REGINA\Cookies\2WQIS4Q9.txt [ Cookie:regina@www.zanox-affiliate.de/ ] C:\USERS\REGINA\Cookies\LXQQ2KEP.txt [ Cookie:regina@zanox.com/ ] C:\USERS\REGINA\Cookies\5COVWYXX.txt [ Cookie:regina@smartadserver.com/ ] C:\USERS\REGINA\Cookies\BA2UD6FV.txt [ Cookie:regina@apmebf.com/ ] 
Trojan.Agent/Gen-Frauder C:\PROGRAM FILES (X86)\1&1 SURF-STICK\COMPONENT\BIUSBSOUND.DLL
Greetings and thanks! Regina |
13.09.2012, 16:25 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.Gen2 and TR/ATRAPS.Gen How exactly did you start SUPERAntiSpyware? Simply by double-clicking?
__________________ Please always post log files in CODE tags |
13.09.2012, 16:33 | #27 |
| TR/ATRAPS.Gen2 and TR/ATRAPS.Gen Hello Arne, I always do everything exactly as it says in your instructions. So I followed "Users of Windows Vista and Windows 7, please start the tool again via right-click => Run as administrator!". However, this time the program was, for the first time, different from what you describe, because partway through (during the installation) you had to opt for a free trial version. Regards, Regina
Hello Arne, sorry, it just occurred to me that I had to restart the computer once, and the second time I probably did start it by double-clicking after all. Damn. Should I scan again using Run as administrator? Regina |
13.09.2012, 22:49 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.Gen2 and TR/ATRAPS.Gen Well, just do it again then
__________________ Please always post log files in CODE tags |
14.09.2012, 17:14 | #29 |
| TR/ATRAPS.Gen2 and TR/ATRAPS.Gen OK, I did it again. Here is the result: Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 09/14/2012 at 06:07 PM
Application Version : 5.5.1016
Core Rules Database Version : 9226
Trace Rules Database Version: 7038
Scan type : Complete Scan
Total Scan Time : 08:13:36

Operating System Information
Windows 7 Home Premium 64-bit (Build 6.01.7600)
UAC On - Limited User

Memory items scanned : 766
Memory threats detected : 0
Registry items scanned : 66209
Registry threats detected : 0
File items scanned : 436615
File threats detected : 203

Adware.Tracking Cookie
C:\USERS\REGINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\P1Y5CCE8.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\REGINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\P1Y5CCE8.DEFAULT\COOKIES.SQLITE ] insight.torbit.com [ C:\USERS\REGINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\P1Y5CCE8.DEFAULT\COOKIES.SQLITE ] .tracker.vinsight.de [ C:\USERS\REGINA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\P1Y5CCE8.DEFAULT\COOKIES.SQLITE ] Trojan.Agent/Gen-Frauder C:\PROGRAM FILES (X86)\1&1 SURF-STICK\COMPONENT\BIUSBSOUND.DLL Regina |
14.09.2012, 22:17 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.Gen2 and TR/ATRAPS.Gen

"But it still shows limited user." Doesn't matter.

Looks OK, only cookies were found; the supposed detection for 1&1 is a false alarm. Cookies are not malware as such, but there is a risk of abuse (unique re-identification, e.g. for targeted advertising or the like => HTTP cookie).

Regarding cookies and other things on the web: to block this plague from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File. It makes sense to check with MVPS every 4 weeks to see whether a new hosts file has been released.

Apart from that there are good cookie managers; as an extension for Firefox there is, for example, CookieCuller http://filepony.de/download-cookie_culler/

But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply configure the browser so that everything, including cookies, is deleted when the browser is closed.

The way I handle it, I use the Opera browser or Chromium under my Linux for "wild surfing". My main browser (Firefox) only stores the cookies from the sites I actually want; I reject everything else manually (FF always asks me). The other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest there are no cookies left.

Is your system back in order now, or are there any other detections or problems?
__________________ Please always post log files in CODE tags |
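The hosts-file approach recommended in the post above, as an added example that is not part of the original thread: it turns cookie findings in the `domain [ cookie store ]` layout of a scanner log into hosts entries. The sample log, the placeholder profile path and the `0.0.0.0` sink address are assumptions; a hosts file matches exact hostnames only, so domain cookies (leading dot) are flagged because their subdomains stay unblocked.

```python
import re

# Constructed sample in the "<cookie domain> [ <cookie store> ]" layout of a
# scanner log; the profile path is a placeholder, not taken from the thread.
SAMPLE_LOG = (
    r".2o7.net [ C:\USERS\EXAMPLE\FIREFOX\COOKIES.SQLITE ] "
    r"www.etracker.de [ C:\USERS\EXAMPLE\FIREFOX\COOKIES.SQLITE ] "
    r"www.etracker.de [ C:\USERS\EXAMPLE\FIREFOX\COOKIES.SQLITE ] "
    r".statcounter.com [ C:\USERS\EXAMPLE\FIREFOX\COOKIES.SQLITE ] "
    r"bad_host!.example [ C:\USERS\EXAMPLE\FIREFOX\COOKIES.SQLITE ]"
)

ENTRY = re.compile(r"(\S+)\s+\[\s*[^\]]*COOKIES\.SQLITE\s*\]", re.IGNORECASE)
LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
HOSTNAME = re.compile(rf"^{LABEL}(?:\.{LABEL})+$")


def parse_cookie_domains(log):
    """Return the unique cookie domains of a log, lower-cased, first-seen order."""
    seen = []
    for raw in ENTRY.findall(log):
        domain = raw.lower()
        if domain not in seen:
            seen.append(domain)
    return seen


def build_hosts_block(domains, sink="0.0.0.0"):
    """Return (hosts_lines, needs_review, rejected) for a list of cookie domains."""
    lines, needs_review, rejected = [], [], []
    for domain in domains:
        host = domain.lstrip(".")
        if not HOSTNAME.match(host):
            rejected.append(domain)      # never write unvalidated text into hosts
            continue
        lines.append(f"{sink} {host}")
        if domain.startswith("."):
            # Domain cookie: it is valid for every subdomain, but the hosts
            # entry covers only this one name. Concrete hosts must be added.
            needs_review.append(domain)
    return lines, needs_review, rejected


if __name__ == "__main__":
    hosts, review, bad = build_hosts_block(parse_cookie_domains(SAMPLE_LOG))
    print("\n".join(hosts))
    print("# subdomains not covered:", ", ".join(review))
    print("# rejected (not a hostname):", ", ".join(bad))
```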