| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Gesperrtes System_Trojaner Bundespolizei_Win7 32bitWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
05.09.2012, 08:59
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Gesperrtes System_Trojaner Bundespolizei_Win7 32bit Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
05.09.2012, 22:19
| #17 |
 | Gesperrtes System_Trojaner Bundespolizei_Win7 32bit Hier das Log zu TDSS:
__________________Code:
ATTFilter 23:06:42.0220 0240 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
23:06:42.0283 0240 ============================================================
23:06:42.0283 0240 Current date / time: 2012/09/05 23:06:42.0283
23:06:42.0283 0240 SystemInfo:
23:06:42.0283 0240
23:06:42.0283 0240 OS Version: 6.1.7601 ServicePack: 1.0
23:06:42.0283 0240 Product type: Workstation
23:06:42.0283 0240 ComputerName: ***-PC
23:06:42.0283 0240 UserName: Anwender
23:06:42.0283 0240 Windows directory: C:\Windows
23:06:42.0283 0240 System windows directory: C:\Windows
23:06:42.0283 0240 Processor architecture: Intel x86
23:06:42.0283 0240 Number of processors: 2
23:06:42.0283 0240 Page size: 0x1000
23:06:42.0283 0240 Boot type: Normal boot
23:06:42.0283 0240 ============================================================
23:06:43.0718 0240 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:06:43.0718 0240 ============================================================
23:06:43.0718 0240 \Device\Harddisk0\DR0:
23:06:43.0733 0240 MBR partitions:
23:06:43.0733 0240 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:06:43.0733 0240 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D190800
23:06:43.0733 0240 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1D1C3000, BlocksNum 0x1D1C2000
23:06:43.0733 0240 ============================================================
23:06:43.0765 0240 C: <-> \Device\Harddisk0\DR0\Partition2
23:06:43.0796 0240 D: <-> \Device\Harddisk0\DR0\Partition3
23:06:43.0796 0240 ============================================================
23:06:43.0796 0240 Initialize success
23:06:43.0796 0240 ============================================================
23:07:29.0785 2544 ============================================================
23:07:29.0785 2544 Scan started
23:07:29.0785 2544 Mode: Manual; SigCheck; TDLFS;
23:07:29.0785 2544 ============================================================
23:07:30.0253 2544 ================ Scan system memory ========================
23:07:30.0253 2544 System memory - ok
23:07:30.0253 2544 ================ Scan services =============================
23:07:30.0939 2544 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:07:31.0048 2544 1394ohci - ok
23:07:31.0126 2544 [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Professional.9.0 C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
23:07:31.0157 2544 ABBYY.Licensing.FineReader.Professional.9.0 - ok
23:07:31.0189 2544 [ E6F53D6C0DEA3D375362265E175CA638 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
23:07:31.0438 2544 acedrv11 - ok
23:07:31.0454 2544 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:07:31.0469 2544 ACPI - ok
23:07:31.0485 2544 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:07:31.0547 2544 AcpiPmi - ok
23:07:31.0594 2544 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
23:07:31.0610 2544 AdobeARMservice - ok
23:07:31.0657 2544 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:07:31.0672 2544 AdobeFlashPlayerUpdateSvc - ok
23:07:31.0719 2544 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
23:07:31.0735 2544 adp94xx - ok
23:07:31.0750 2544 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
23:07:31.0766 2544 adpahci - ok
23:07:31.0766 2544 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
23:07:31.0781 2544 adpu320 - ok
23:07:31.0797 2544 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:07:31.0828 2544 AeLookupSvc - ok
23:07:31.0906 2544 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
23:07:31.0953 2544 AFD - ok
23:07:31.0984 2544 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
23:07:32.0000 2544 agp440 - ok
23:07:32.0031 2544 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
23:07:32.0047 2544 aic78xx - ok
23:07:32.0109 2544 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
23:07:32.0140 2544 ALG - ok
23:07:32.0156 2544 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
23:07:32.0171 2544 aliide - ok
23:07:32.0187 2544 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
23:07:32.0203 2544 amdagp - ok
23:07:32.0203 2544 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
23:07:32.0218 2544 amdide - ok
23:07:32.0249 2544 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
23:07:32.0281 2544 AmdK8 - ok
23:07:32.0296 2544 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:07:32.0327 2544 AmdPPM - ok
23:07:32.0359 2544 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:07:32.0374 2544 amdsata - ok
23:07:32.0374 2544 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
23:07:32.0405 2544 amdsbs - ok
23:07:32.0421 2544 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:07:32.0421 2544 amdxata - ok
23:07:32.0468 2544 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
23:07:32.0468 2544 AntiVirSchedulerService - ok
23:07:32.0499 2544 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
23:07:32.0515 2544 AntiVirService - ok
23:07:32.0515 2544 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
23:07:32.0608 2544 AppID - ok
23:07:32.0639 2544 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:07:32.0686 2544 AppIDSvc - ok
23:07:32.0717 2544 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
23:07:32.0733 2544 Appinfo - ok
23:07:32.0764 2544 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
23:07:32.0780 2544 arc - ok
23:07:32.0780 2544 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
23:07:32.0780 2544 arcsas - ok
23:07:32.0811 2544 [ 6C0B68F7CF64A3D4BC2D81F82BFBBB96 ] asahci32 C:\Windows\system32\DRIVERS\asahci32.sys
23:07:32.0827 2544 asahci32 - ok
23:07:32.0842 2544 [ 42DC01802E752E4A29702E4F9F095045 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
23:07:32.0873 2544 asmthub3 - ok
23:07:32.0905 2544 [ ED5A68031DABDF981A418A34B35A9CE6 ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
23:07:32.0951 2544 asmtxhci - ok
23:07:32.0967 2544 [ 46658EE12F6924E832697581FDD0E659 ] AsrAppCharger C:\Windows\system32\DRIVERS\AsrAppCharger.sys
23:07:32.0983 2544 AsrAppCharger - ok
23:07:33.0014 2544 AsrCDDrv - ok
23:07:33.0061 2544 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:07:33.0139 2544 AsyncMac - ok
23:07:33.0154 2544 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
23:07:33.0154 2544 atapi - ok
23:07:33.0185 2544 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:07:33.0232 2544 AudioEndpointBuilder - ok
23:07:33.0232 2544 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
23:07:33.0263 2544 Audiosrv - ok
23:07:33.0279 2544 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
23:07:33.0295 2544 avgntflt - ok
23:07:33.0310 2544 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
23:07:33.0310 2544 avipbb - ok
23:07:33.0326 2544 [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
23:07:33.0326 2544 avkmgr - ok
23:07:33.0357 2544 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:07:33.0419 2544 AxInstSV - ok
23:07:33.0451 2544 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
23:07:33.0482 2544 b06bdrv - ok
23:07:33.0497 2544 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
23:07:33.0513 2544 b57nd60x - ok
23:07:33.0544 2544 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
23:07:33.0560 2544 BDESVC - ok
23:07:33.0591 2544 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
23:07:33.0607 2544 Beep - ok
23:07:33.0638 2544 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
23:07:33.0669 2544 BFE - ok
23:07:33.0700 2544 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
23:07:33.0731 2544 BITS - ok
23:07:33.0778 2544 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:07:33.0794 2544 blbdrive - ok
23:07:33.0809 2544 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:07:33.0856 2544 bowser - ok
23:07:33.0856 2544 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:07:33.0919 2544 BrFiltLo - ok
23:07:33.0934 2544 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:07:33.0950 2544 BrFiltUp - ok
23:07:33.0981 2544 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
23:07:34.0012 2544 Browser - ok
23:07:34.0028 2544 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:07:34.0059 2544 Brserid - ok
23:07:34.0075 2544 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:07:34.0090 2544 BrSerWdm - ok
23:07:34.0106 2544 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:07:34.0121 2544 BrUsbMdm - ok
23:07:34.0137 2544 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:07:34.0153 2544 BrUsbSer - ok
23:07:34.0168 2544 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:07:34.0199 2544 BTHMODEM - ok
23:07:34.0231 2544 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
23:07:34.0277 2544 bthserv - ok
23:07:34.0309 2544 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:07:34.0340 2544 cdfs - ok
23:07:34.0355 2544 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:07:34.0371 2544 cdrom - ok
23:07:34.0418 2544 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
23:07:34.0449 2544 CertPropSvc - ok
23:07:34.0465 2544 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:07:34.0480 2544 circlass - ok
23:07:34.0511 2544 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
23:07:34.0527 2544 CLFS - ok
23:07:34.0589 2544 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:07:34.0605 2544 clr_optimization_v2.0.50727_32 - ok
23:07:34.0730 2544 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:07:34.0792 2544 clr_optimization_v4.0.30319_32 - ok
23:07:34.0808 2544 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:07:34.0839 2544 CmBatt - ok
23:07:34.0855 2544 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:07:34.0855 2544 cmdide - ok
23:07:34.0901 2544 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
23:07:34.0917 2544 CNG - ok
23:07:34.0964 2544 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:07:34.0964 2544 Compbatt - ok
23:07:34.0995 2544 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
23:07:35.0026 2544 CompositeBus - ok
23:07:35.0042 2544 COMSysApp - ok
23:07:35.0104 2544 [ 7730B883EBB41A576E62E42692395ABA ] cphs C:\Windows\system32\IntelCpHeciSvc.exe
23:07:35.0120 2544 cphs - ok
23:07:35.0135 2544 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:07:35.0135 2544 crcdisk - ok
23:07:35.0182 2544 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:07:35.0213 2544 CryptSvc - ok
23:07:35.0260 2544 [ 5A639B2B630B572FFE9B72448A8A514D ] DBService C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe
23:07:35.0276 2544 DBService - ok
23:07:35.0307 2544 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
23:07:35.0354 2544 DcomLaunch - ok
23:07:35.0385 2544 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
23:07:35.0416 2544 defragsvc - ok
23:07:35.0463 2544 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:07:35.0494 2544 DfsC - ok
23:07:35.0525 2544 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
23:07:35.0572 2544 Dhcp - ok
23:07:35.0603 2544 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
23:07:35.0650 2544 discache - ok
23:07:35.0666 2544 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:07:35.0666 2544 Disk - ok
23:07:35.0681 2544 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:07:35.0713 2544 Dnscache - ok
23:07:35.0744 2544 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
23:07:35.0775 2544 dot3svc - ok
23:07:35.0806 2544 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
23:07:35.0853 2544 DPS - ok
23:07:35.0884 2544 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:07:35.0915 2544 drmkaud - ok
23:07:35.0947 2544 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:07:35.0962 2544 DXGKrnl - ok
23:07:35.0978 2544 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
23:07:36.0025 2544 EapHost - ok
23:07:36.0103 2544 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
23:07:36.0196 2544 ebdrv - ok
23:07:36.0212 2544 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
23:07:36.0227 2544 EFS - ok
23:07:36.0259 2544 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:07:36.0305 2544 ehRecvr - ok
23:07:36.0321 2544 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
23:07:36.0352 2544 ehSched - ok
23:07:36.0399 2544 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:07:36.0415 2544 elxstor - ok
23:07:36.0430 2544 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:07:36.0446 2544 ErrDev - ok
23:07:36.0477 2544 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
23:07:36.0508 2544 EventSystem - ok
23:07:36.0539 2544 [ E66710639A292F6341D63B01EE8E8037 ] ewsercd C:\Windows\system32\DRIVERS\ewsercd.sys
23:07:36.0555 2544 ewsercd - ok
23:07:36.0586 2544 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
23:07:36.0617 2544 exfat - ok
23:07:36.0649 2544 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:07:36.0680 2544 fastfat - ok
23:07:36.0711 2544 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
23:07:36.0742 2544 Fax - ok
23:07:36.0758 2544 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:07:36.0773 2544 fdc - ok
23:07:36.0789 2544 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
23:07:36.0836 2544 fdPHost - ok
23:07:36.0836 2544 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
23:07:36.0867 2544 FDResPub - ok
23:07:36.0883 2544 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:07:36.0883 2544 FileInfo - ok
23:07:36.0883 2544 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:07:36.0914 2544 Filetrace - ok
23:07:36.0945 2544 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:07:36.0945 2544 flpydisk - ok
23:07:36.0976 2544 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:07:36.0976 2544 FltMgr - ok
23:07:37.0007 2544 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
23:07:37.0039 2544 FontCache - ok
23:07:37.0085 2544 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:07:37.0101 2544 FontCache3.0.0.0 - ok
23:07:37.0117 2544 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:07:37.0132 2544 FsDepends - ok
23:07:37.0148 2544 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:07:37.0148 2544 Fs_Rec - ok
23:07:37.0179 2544 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:07:37.0195 2544 fvevol - ok
23:07:37.0210 2544 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:07:37.0226 2544 gagp30kx - ok
23:07:37.0241 2544 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
23:07:37.0273 2544 gpsvc - ok
23:07:37.0304 2544 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:07:37.0335 2544 hcw85cir - ok
23:07:37.0366 2544 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:07:37.0382 2544 HdAudAddService - ok
23:07:37.0413 2544 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
23:07:37.0429 2544 HDAudBus - ok
23:07:37.0460 2544 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:07:37.0475 2544 HidBatt - ok
23:07:37.0491 2544 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:07:37.0507 2544 HidBth - ok
23:07:37.0522 2544 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:07:37.0569 2544 HidIr - ok
23:07:37.0585 2544 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
23:07:37.0616 2544 hidserv - ok
23:07:37.0663 2544 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:07:37.0678 2544 HidUsb - ok
23:07:37.0694 2544 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:07:37.0741 2544 hkmsvc - ok
23:07:37.0772 2544 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:07:37.0803 2544 HomeGroupListener - ok
23:07:37.0834 2544 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:07:37.0865 2544 HomeGroupProvider - ok
23:07:37.0897 2544 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:07:37.0897 2544 HpSAMD - ok
23:07:37.0943 2544 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:07:37.0975 2544 HTTP - ok
23:07:38.0006 2544 [ A89423D0132C8AB69BA621B6CE191714 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
23:07:38.0021 2544 hwdatacard - ok
23:07:38.0037 2544 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:07:38.0053 2544 hwpolicy - ok
23:07:38.0068 2544 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:07:38.0084 2544 i8042prt - ok
23:07:38.0115 2544 [ F4037A3FEDB92DD97C95F320766EA5C9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
23:07:38.0131 2544 iaStor - ok
23:07:38.0193 2544 [ 8FFF9083252C16FE3960173722605E9E ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
23:07:38.0193 2544 IAStorDataMgrSvc - ok
23:07:38.0224 2544 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:07:38.0240 2544 iaStorV - ok
23:07:38.0287 2544 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:07:38.0318 2544 idsvc - ok
23:07:38.0521 2544 [ 1A8CBB05037285B76389FB9441AB42F6 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
23:07:38.0817 2544 igfx - ok
23:07:38.0848 2544 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:07:38.0864 2544 iirsp - ok
23:07:38.0911 2544 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
23:07:38.0957 2544 IKEEXT - ok
23:07:39.0051 2544 [ F2C17D2C3D70C389193D9954E375E5E3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
23:07:39.0098 2544 IntcAzAudAddService - ok
23:07:39.0145 2544 [ 7081EFE4EBF9CBBFF4EB5A3AC478DDC5 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
23:07:39.0160 2544 IntcDAud - ok
23:07:39.0191 2544 [ CD0943496A57B1DCDBDDA588FA432A2F ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
23:07:39.0223 2544 Intel(R) Capability Licensing Service Interface - ok
23:07:39.0238 2544 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
23:07:39.0238 2544 intelide - ok
23:07:39.0269 2544 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:07:39.0285 2544 intelppm - ok
23:07:39.0301 2544 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:07:39.0332 2544 IPBusEnum - ok
23:07:39.0347 2544 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:07:39.0363 2544 IpFilterDriver - ok
23:07:39.0394 2544 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:07:39.0441 2544 iphlpsvc - ok
23:07:39.0457 2544 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:07:39.0472 2544 IPMIDRV - ok
23:07:39.0488 2544 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:07:39.0519 2544 IPNAT - ok
23:07:39.0550 2544 [ 9F7E491FB0BA0F9E370163834FC1FE31 ] irda C:\Windows\system32\DRIVERS\irda.sys
23:07:39.0581 2544 irda - ok
23:07:39.0597 2544 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:07:39.0628 2544 IRENUM - ok
23:07:39.0644 2544 [ 4220D2F03D5C4226D0A1AA4B84025E45 ] Irmon C:\Windows\System32\irmon.dll
23:07:39.0659 2544 Irmon - ok
23:07:39.0691 2544 [ D04DA73127FFED720DFC4EB673A23E04 ] irsir C:\Windows\system32\DRIVERS\irsir.sys
23:07:39.0706 2544 irsir - ok
23:07:39.0722 2544 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:07:39.0737 2544 isapnp - ok
23:07:39.0737 2544 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:07:39.0753 2544 iScsiPrt - ok
23:07:39.0784 2544 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:07:39.0784 2544 kbdclass - ok
23:07:39.0800 2544 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:07:39.0831 2544 kbdhid - ok
23:07:39.0862 2544 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
23:07:39.0878 2544 KeyIso - ok
23:07:39.0893 2544 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:07:39.0909 2544 KSecDD - ok
23:07:39.0909 2544 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:07:39.0925 2544 KSecPkg - ok
23:07:39.0956 2544 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
23:07:39.0987 2544 KtmRm - ok
23:07:40.0018 2544 [ AF87B68B1C23FE8C69808C4FFBD13ED7 ] L1C C:\Windows\system32\DRIVERS\L1C62x86.sys
23:07:40.0018 2544 L1C - ok
23:07:40.0049 2544 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
23:07:40.0081 2544 LanmanServer - ok
23:07:40.0127 2544 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:07:40.0174 2544 LanmanWorkstation - ok
23:07:40.0205 2544 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:07:40.0221 2544 lltdio - ok
23:07:40.0252 2544 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:07:40.0268 2544 lltdsvc - ok
23:07:40.0283 2544 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
23:07:40.0315 2544 lmhosts - ok
23:07:40.0330 2544 [ 1536D1C328E1B32E962DDBCEA70C74A6 ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:07:40.0346 2544 LMS - ok
23:07:40.0377 2544 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:07:40.0377 2544 LSI_FC - ok
23:07:40.0377 2544 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:07:40.0393 2544 LSI_SAS - ok
23:07:40.0408 2544 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:07:40.0408 2544 LSI_SAS2 - ok
23:07:40.0424 2544 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:07:40.0424 2544 LSI_SCSI - ok
23:07:40.0439 2544 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
23:07:40.0471 2544 luafv - ok
23:07:40.0486 2544 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
23:07:40.0502 2544 MBAMProtector - ok
23:07:40.0533 2544 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
23:07:40.0549 2544 MBAMService - ok
23:07:40.0595 2544 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
23:07:40.0611 2544 McComponentHostService - ok
23:07:40.0642 2544 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:07:40.0673 2544 Mcx2Svc - ok
23:07:40.0689 2544 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:07:40.0705 2544 megasas - ok
23:07:40.0720 2544 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:07:40.0736 2544 MegaSR - ok
23:07:40.0767 2544 [ 240D715CFE4FB8F4CDA76F6863E62334 ] MEI C:\Windows\system32\DRIVERS\HECI.sys
23:07:40.0814 2544 MEI - ok
23:07:40.0861 2544 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
23:07:40.0876 2544 Microsoft Office Groove Audit Service - ok
23:07:40.0892 2544 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
23:07:40.0923 2544 MMCSS - ok
23:07:40.0939 2544 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
23:07:40.0970 2544 Modem - ok
23:07:41.0001 2544 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:07:41.0017 2544 monitor - ok
23:07:41.0032 2544 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:07:41.0032 2544 mouclass - ok
23:07:41.0048 2544 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:07:41.0079 2544 mouhid - ok
23:07:41.0095 2544 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:07:41.0110 2544 mountmgr - ok
23:07:41.0141 2544 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:07:41.0157 2544 MozillaMaintenance - ok
23:07:41.0173 2544 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
23:07:41.0188 2544 mpio - ok
23:07:41.0204 2544 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:07:41.0235 2544 mpsdrv - ok
23:07:41.0266 2544 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:07:41.0297 2544 MpsSvc - ok
23:07:41.0313 2544 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:07:41.0329 2544 MRxDAV - ok
23:07:41.0344 2544 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:07:41.0375 2544 mrxsmb - ok
23:07:41.0407 2544 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:07:41.0422 2544 mrxsmb10 - ok
23:07:41.0438 2544 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:07:41.0453 2544 mrxsmb20 - ok
23:07:41.0469 2544 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
23:07:41.0469 2544 msahci - ok
23:07:41.0500 2544 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:07:41.0500 2544 msdsm - ok
23:07:41.0531 2544 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
23:07:41.0547 2544 MSDTC - ok
23:07:41.0578 2544 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:07:41.0609 2544 Msfs - ok
23:07:41.0641 2544 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:07:41.0672 2544 mshidkmdf - ok
23:07:41.0687 2544 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:07:41.0703 2544 msisadrv - ok
23:07:41.0734 2544 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:07:41.0765 2544 MSiSCSI - ok
23:07:41.0765 2544 msiserver - ok
23:07:41.0781 2544 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:07:41.0812 2544 MSKSSRV - ok
23:07:41.0828 2544 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:07:41.0859 2544 MSPCLOCK - ok
23:07:41.0859 2544 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:07:41.0890 2544 MSPQM - ok
23:07:41.0906 2544 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:07:41.0906 2544 MsRPC - ok
23:07:41.0921 2544 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:07:41.0921 2544 mssmbios - ok
23:07:41.0937 2544 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:07:41.0953 2544 MSTEE - ok
23:07:41.0968 2544 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:07:41.0968 2544 MTConfig - ok
23:07:41.0968 2544 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
23:07:41.0984 2544 Mup - ok
23:07:41.0999 2544 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
23:07:42.0046 2544 napagent - ok
23:07:42.0077 2544 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:07:42.0093 2544 NativeWifiP - ok
23:07:42.0124 2544 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:07:42.0140 2544 NDIS - ok
23:07:42.0155 2544 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:07:42.0171 2544 NdisCap - ok
23:07:42.0187 2544 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:07:42.0233 2544 NdisTapi - ok
23:07:42.0265 2544 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:07:42.0280 2544 Ndisuio - ok
23:07:42.0296 2544 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:07:42.0327 2544 NdisWan - ok
23:07:42.0343 2544 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:07:42.0358 2544 NDProxy - ok
23:07:42.0421 2544 [ 6D4028D458EAAA1782099750790DC8C9 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
23:07:42.0452 2544 Nero BackItUp Scheduler 3 - ok
23:07:42.0467 2544 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:07:42.0499 2544 NetBIOS - ok
23:07:42.0530 2544 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:07:42.0561 2544 NetBT - ok
23:07:42.0577 2544 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
23:07:42.0592 2544 Netlogon - ok
23:07:42.0608 2544 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
23:07:42.0670 2544 Netman - ok
23:07:42.0670 2544 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
23:07:42.0717 2544 netprofm - ok
23:07:42.0733 2544 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:07:42.0733 2544 NetTcpPortSharing - ok
23:07:42.0764 2544 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:07:42.0764 2544 nfrd960 - ok
23:07:42.0795 2544 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:07:42.0811 2544 NlaSvc - ok
23:07:42.0857 2544 [ D36107465E716CF2335A25C54B6D11C2 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
23:07:42.0873 2544 NMIndexingService - ok
23:07:42.0889 2544 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:07:42.0920 2544 Npfs - ok
23:07:42.0935 2544 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
23:07:42.0967 2544 nsi - ok
23:07:42.0967 2544 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:07:42.0998 2544 nsiproxy - ok
23:07:43.0045 2544 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:07:43.0091 2544 Ntfs - ok
23:07:43.0107 2544 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
23:07:43.0138 2544 Null - ok
23:07:43.0154 2544 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:07:43.0154 2544 nvraid - ok
23:07:43.0185 2544 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:07:43.0185 2544 nvstor - ok
23:07:43.0216 2544 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:07:43.0216 2544 nv_agp - ok
23:07:43.0294 2544 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:07:43.0325 2544 odserv - ok
23:07:43.0341 2544 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:07:43.0357 2544 ohci1394 - ok
23:07:43.0403 2544 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:07:43.0419 2544 ose - ok
23:07:43.0435 2544 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:07:43.0481 2544 p2pimsvc - ok
23:07:43.0513 2544 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
23:07:43.0544 2544 p2psvc - ok
23:07:43.0559 2544 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:07:43.0591 2544 Parport - ok
23:07:43.0606 2544 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:07:43.0622 2544 partmgr - ok
23:07:43.0622 2544 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
23:07:43.0653 2544 Parvdm - ok
23:07:43.0669 2544 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:07:43.0700 2544 PcaSvc - ok
23:07:43.0700 2544 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
23:07:43.0715 2544 pci - ok
23:07:43.0747 2544 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
23:07:43.0762 2544 pciide - ok
23:07:43.0778 2544 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:07:43.0793 2544 pcmcia - ok
23:07:43.0809 2544 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
23:07:43.0825 2544 pcw - ok
23:07:43.0856 2544 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:07:43.0871 2544 PEAUTH - ok
23:07:43.0918 2544 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
23:07:43.0981 2544 pla - ok
23:07:44.0027 2544 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:07:44.0059 2544 PlugPlay - ok
23:07:44.0074 2544 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:07:44.0105 2544 PNRPAutoReg - ok
23:07:44.0137 2544 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:07:44.0168 2544 PNRPsvc - ok
23:07:44.0183 2544 [ 896D916DE06F5502D301E8C4DC442AE8 ] Point32 C:\Windows\system32\DRIVERS\point32.sys
23:07:44.0183 2544 Point32 - ok
23:07:44.0215 2544 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:07:44.0261 2544 PolicyAgent - ok
23:07:44.0277 2544 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
23:07:44.0308 2544 Power - ok
23:07:44.0339 2544 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:07:44.0371 2544 PptpMiniport - ok
23:07:44.0371 2544 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:07:44.0386 2544 Processor - ok
23:07:44.0417 2544 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
23:07:44.0433 2544 ProfSvc - ok
23:07:44.0449 2544 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:07:44.0464 2544 ProtectedStorage - ok
23:07:44.0480 2544 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:07:44.0495 2544 Psched - ok
23:07:44.0542 2544 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:07:44.0589 2544 ql2300 - ok
23:07:44.0620 2544 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:07:44.0636 2544 ql40xx - ok
23:07:44.0651 2544 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
23:07:44.0667 2544 QWAVE - ok
23:07:44.0683 2544 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:07:44.0698 2544 QWAVEdrv - ok
23:07:44.0714 2544 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:07:44.0745 2544 RasAcd - ok
23:07:44.0761 2544 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:07:44.0792 2544 RasAgileVpn - ok
23:07:44.0792 2544 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
23:07:44.0823 2544 RasAuto - ok
23:07:44.0839 2544 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:07:44.0854 2544 Rasl2tp - ok
23:07:44.0885 2544 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
23:07:44.0901 2544 RasMan - ok
23:07:44.0901 2544 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:07:44.0932 2544 RasPppoe - ok
23:07:44.0948 2544 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:07:44.0963 2544 RasSstp - ok
23:07:44.0995 2544 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:07:45.0010 2544 rdbss - ok
23:07:45.0010 2544 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:07:45.0041 2544 rdpbus - ok
23:07:45.0041 2544 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:07:45.0073 2544 RDPCDD - ok
23:07:45.0104 2544 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:07:45.0135 2544 RDPENCDD - ok
23:07:45.0151 2544 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:07:45.0182 2544 RDPREFMP - ok
23:07:45.0213 2544 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:07:45.0244 2544 RDPWD - ok
23:07:45.0275 2544 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:07:45.0291 2544 rdyboost - ok
23:07:45.0322 2544 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
23:07:45.0338 2544 RemoteAccess - ok
23:07:45.0353 2544 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:07:45.0385 2544 RemoteRegistry - ok
23:07:45.0400 2544 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:07:45.0431 2544 RpcEptMapper - ok
23:07:45.0447 2544 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
23:07:45.0463 2544 RpcLocator - ok
23:07:45.0463 2544 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
23:07:45.0494 2544 RpcSs - ok
23:07:45.0509 2544 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:07:45.0525 2544 rspndr - ok
23:07:45.0556 2544 [ 83E64D86A4D888D973DE824780567518 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
23:07:45.0572 2544 RTL8192su - ok
23:07:45.0587 2544 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
23:07:45.0587 2544 SamSs - ok
23:07:45.0619 2544 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:07:45.0619 2544 sbp2port - ok
23:07:45.0650 2544 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:07:45.0665 2544 SCardSvr - ok
23:07:45.0681 2544 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:07:45.0712 2544 scfilter - ok
23:07:45.0743 2544 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
23:07:45.0775 2544 Schedule - ok
23:07:45.0790 2544 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:07:45.0821 2544 SCPolicySvc - ok
23:07:45.0837 2544 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:07:45.0853 2544 SDRSVC - ok
23:07:45.0884 2544 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:07:45.0899 2544 secdrv - ok
23:07:45.0915 2544 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
23:07:45.0946 2544 seclogon - ok
23:07:45.0962 2544 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
23:07:45.0993 2544 SENS - ok
23:07:46.0009 2544 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:07:46.0040 2544 SensrSvc - ok
23:07:46.0055 2544 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:07:46.0087 2544 Serenum - ok
23:07:46.0102 2544 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:07:46.0118 2544 Serial - ok
23:07:46.0133 2544 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:07:46.0165 2544 sermouse - ok
23:07:46.0196 2544 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
23:07:46.0243 2544 SessionEnv - ok
23:07:46.0258 2544 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:07:46.0289 2544 sffdisk - ok
23:07:46.0289 2544 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:07:46.0305 2544 sffp_mmc - ok
23:07:46.0321 2544 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:07:46.0336 2544 sffp_sd - ok
23:07:46.0352 2544 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:07:46.0383 2544 sfloppy - ok
23:07:46.0399 2544 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:07:46.0430 2544 SharedAccess - ok
23:07:46.0445 2544 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:07:46.0477 2544 ShellHWDetection - ok
23:07:46.0492 2544 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
23:07:46.0508 2544 sisagp - ok
23:07:46.0523 2544 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:07:46.0523 2544 SiSRaid2 - ok
23:07:46.0555 2544 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:07:46.0570 2544 SiSRaid4 - ok
23:07:46.0586 2544 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:07:46.0617 2544 Smb - ok
23:07:46.0648 2544 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:07:46.0664 2544 SNMPTRAP - ok
23:07:46.0679 2544 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
23:07:46.0679 2544 spldr - ok
23:07:46.0695 2544 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
23:07:46.0726 2544 Spooler - ok
23:07:46.0789 2544 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
23:07:46.0867 2544 sppsvc - ok
23:07:46.0882 2544 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:07:46.0929 2544 sppuinotify - ok
23:07:46.0960 2544 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:07:46.0991 2544 srv - ok
23:07:47.0007 2544 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:07:47.0023 2544 srv2 - ok
23:07:47.0023 2544 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:07:47.0038 2544 srvnet - ok
23:07:47.0054 2544 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:07:47.0085 2544 SSDPSRV - ok
23:07:47.0101 2544 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
23:07:47.0101 2544 ssmdrv - ok
23:07:47.0116 2544 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:07:47.0147 2544 SstpSvc - ok
23:07:47.0147 2544 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:07:47.0163 2544 stexstor - ok
23:07:47.0194 2544 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
23:07:47.0225 2544 StiSvc - ok
23:07:47.0241 2544 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
23:07:47.0241 2544 swenum - ok
23:07:47.0272 2544 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
23:07:47.0303 2544 swprv - ok
23:07:47.0335 2544 [ CD77FD9B0071D2F36B14CC23DDE1AAD0 ] SXDS10 C:\Program Files\Common Files\soft Xpansion\sxds10.exe
23:07:47.0335 2544 SXDS10 ( UnsignedFile.Multi.Generic ) - warning
23:07:47.0335 2544 SXDS10 - detected UnsignedFile.Multi.Generic (1)
23:07:47.0366 2544 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
23:07:47.0413 2544 SysMain - ok
23:07:47.0413 2544 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:07:47.0444 2544 TabletInputService - ok
23:07:47.0459 2544 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
23:07:47.0491 2544 TapiSrv - ok
23:07:47.0506 2544 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
23:07:47.0522 2544 TBS - ok
23:07:47.0553 2544 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:07:47.0600 2544 Tcpip - ok
23:07:47.0631 2544 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:07:47.0647 2544 TCPIP6 - ok
23:07:47.0678 2544 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:07:47.0725 2544 tcpipreg - ok
23:07:47.0740 2544 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:07:47.0771 2544 TDPIPE - ok
23:07:47.0787 2544 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:07:47.0818 2544 TDTCP - ok
23:07:47.0834 2544 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:07:47.0865 2544 tdx - ok
23:07:47.0896 2544 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
23:07:47.0896 2544 TermDD - ok
23:07:47.0927 2544 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
23:07:47.0959 2544 TermService - ok
23:07:47.0974 2544 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
23:07:48.0005 2544 Themes - ok
23:07:48.0005 2544 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
23:07:48.0021 2544 THREADORDER - ok
23:07:48.0052 2544 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
23:07:48.0083 2544 TrkWks - ok
23:07:48.0115 2544 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:07:48.0161 2544 TrustedInstaller - ok
23:07:48.0193 2544 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:07:48.0208 2544 tssecsrv - ok
23:07:48.0224 2544 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:07:48.0255 2544 TsUsbFlt - ok
23:07:48.0271 2544 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:07:48.0302 2544 tunnel - ok
23:07:48.0317 2544 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:07:48.0317 2544 uagp35 - ok
23:07:48.0349 2544 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:07:48.0380 2544 udfs - ok
23:07:48.0395 2544 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:07:48.0411 2544 UI0Detect - ok
23:07:48.0442 2544 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:07:48.0458 2544 uliagpkx - ok
23:07:48.0473 2544 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:07:48.0473 2544 umbus - ok
23:07:48.0489 2544 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:07:48.0505 2544 UmPass - ok
23:07:48.0551 2544 [ 3D9D81B434031EB92744AFB329D6E4F1 ] UNS C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:07:48.0567 2544 UNS - ok
23:07:48.0583 2544 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
23:07:48.0645 2544 upnphost - ok
23:07:48.0661 2544 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:07:48.0692 2544 usbccgp - ok
23:07:48.0723 2544 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:07:48.0739 2544 usbcir - ok
23:07:48.0754 2544 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
23:07:48.0770 2544 usbehci - ok
23:07:48.0801 2544 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:07:48.0817 2544 usbhub - ok
23:07:48.0832 2544 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:07:48.0832 2544 usbohci - ok
23:07:48.0848 2544 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:07:48.0879 2544 usbprint - ok
23:07:48.0895 2544 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:07:48.0910 2544 usbscan - ok
23:07:48.0926 2544 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:07:48.0941 2544 USBSTOR - ok
23:07:48.0957 2544 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:07:48.0957 2544 usbuhci - ok
23:07:48.0973 2544 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
23:07:49.0004 2544 UxSms - ok
23:07:49.0004 2544 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
23:07:49.0019 2544 VaultSvc - ok
23:07:49.0035 2544 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:07:49.0051 2544 vdrvroot - ok
23:07:49.0066 2544 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
23:07:49.0113 2544 vds - ok
23:07:49.0113 2544 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:07:49.0144 2544 vga - ok
23:07:49.0160 2544 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:07:49.0191 2544 VgaSave - ok
23:07:49.0222 2544 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:07:49.0238 2544 vhdmp - ok
23:07:49.0253 2544 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
23:07:49.0269 2544 viaagp - ok
23:07:49.0269 2544 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
23:07:49.0300 2544 ViaC7 - ok
23:07:49.0316 2544 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
23:07:49.0316 2544 viaide - ok
23:07:49.0331 2544 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:07:49.0331 2544 volmgr - ok
23:07:49.0347 2544 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:07:49.0363 2544 volmgrx - ok
23:07:49.0378 2544 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:07:49.0378 2544 volsnap - ok
23:07:49.0409 2544 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:07:49.0425 2544 vsmraid - ok
23:07:49.0456 2544 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
23:07:49.0487 2544 VSS - ok
23:07:49.0487 2544 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
23:07:49.0519 2544 vwifibus - ok
23:07:49.0519 2544 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:07:49.0534 2544 vwififlt - ok
23:07:49.0565 2544 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
23:07:49.0597 2544 W32Time - ok
23:07:49.0628 2544 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
23:07:49.0659 2544 WacomPen - ok
23:07:49.0690 2544 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:07:49.0737 2544 WANARP - ok
23:07:49.0737 2544 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:07:49.0753 2544 Wanarpv6 - ok
23:07:49.0784 2544 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
23:07:49.0831 2544 wbengine - ok
23:07:49.0862 2544 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:07:49.0877 2544 WbioSrvc - ok
23:07:49.0909 2544 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:07:49.0924 2544 wcncsvc - ok
23:07:49.0940 2544 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:07:49.0955 2544 WcsPlugInService - ok
23:07:49.0971 2544 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
23:07:49.0987 2544 Wd - ok
23:07:50.0002 2544 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:07:50.0018 2544 Wdf01000 - ok
23:07:50.0033 2544 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:07:50.0049 2544 WdiServiceHost - ok
23:07:50.0065 2544 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:07:50.0065 2544 WdiSystemHost - ok
23:07:50.0096 2544 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
23:07:50.0127 2544 WebClient - ok
23:07:50.0143 2544 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:07:50.0174 2544 Wecsvc - ok
23:07:50.0205 2544 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:07:50.0221 2544 wercplsupport - ok
23:07:50.0252 2544 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
23:07:50.0283 2544 WerSvc - ok
23:07:50.0314 2544 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:07:50.0345 2544 WfpLwf - ok
23:07:50.0345 2544 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:07:50.0361 2544 WIMMount - ok
23:07:50.0392 2544 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
23:07:50.0423 2544 WinDefend - ok
23:07:50.0423 2544 WinHttpAutoProxySvc - ok
23:07:50.0455 2544 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:07:50.0486 2544 Winmgmt - ok
23:07:50.0517 2544 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
23:07:50.0595 2544 WinRM - ok
23:07:50.0642 2544 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:07:50.0673 2544 Wlansvc - ok
23:07:50.0689 2544 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:07:50.0704 2544 WmiAcpi - ok
23:07:50.0720 2544 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:07:50.0751 2544 wmiApSrv - ok
23:07:50.0798 2544 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
23:07:50.0829 2544 WMPNetworkSvc - ok
23:07:50.0845 2544 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:07:50.0891 2544 WPCSvc - ok
23:07:50.0891 2544 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:07:50.0907 2544 WPDBusEnum - ok
23:07:50.0923 2544 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:07:50.0969 2544 ws2ifsl - ok
23:07:51.0001 2544 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
23:07:51.0032 2544 wscsvc - ok
23:07:51.0032 2544 WSearch - ok
23:07:51.0063 2544 [ 534C2D3D81B066FA24A075C224045654 ] WTGService C:\Program Files\Verbindungsassistent\WTGService.exe
23:07:51.0079 2544 WTGService - ok
23:07:51.0141 2544 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
23:07:51.0235 2544 wuauserv - ok
23:07:51.0250 2544 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:07:51.0297 2544 WudfPf - ok
23:07:51.0313 2544 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:07:51.0328 2544 WUDFRd - ok
23:07:51.0359 2544 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:07:51.0375 2544 wudfsvc - ok
23:07:51.0391 2544 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
23:07:51.0422 2544 WwanSvc - ok
23:07:51.0453 2544 [ AD9DEE1257C7659083268F298890CE16 ] X6XSEx C:\Program Files\Free Ride Games\X6XSEx.Sys
23:07:51.0469 2544 X6XSEx - ok
23:07:51.0469 2544 ================ Scan global ===============================
23:07:51.0500 2544 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
23:07:51.0531 2544 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
23:07:51.0531 2544 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
23:07:51.0562 2544 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
23:07:51.0578 2544 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
23:07:51.0593 2544 [Global] - ok
23:07:51.0593 2544 ================ Scan MBR ==================================
23:07:51.0593 2544 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:07:51.0859 2544 \Device\Harddisk0\DR0 - ok
23:07:51.0859 2544 ================ Scan VBR ==================================
23:07:51.0859 2544 [ 96C33EFEFCFAFC19C1F96A2450C30AB0 ] \Device\Harddisk0\DR0\Partition1
23:07:51.0859 2544 \Device\Harddisk0\DR0\Partition1 - ok
23:07:51.0890 2544 [ AF5AB8BFCEB76DFE588778FB09E5B3FE ] \Device\Harddisk0\DR0\Partition2
23:07:51.0890 2544 \Device\Harddisk0\DR0\Partition2 - ok
23:07:51.0921 2544 [ 65B67FC9219CEA115AEC11438613FDA3 ] \Device\Harddisk0\DR0\Partition3
23:07:51.0921 2544 \Device\Harddisk0\DR0\Partition3 - ok
23:07:51.0921 2544 ============================================================
23:07:51.0921 2544 Scan finished
23:07:51.0921 2544 ============================================================
23:07:51.0937 0248 Detected object count: 1
23:07:51.0937 0248 Actual detected object count: 1
23:11:09.0792 0248 SXDS10 ( UnsignedFile.Multi.Generic ) - skipped by user
23:11:09.0792 0248 SXDS10 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
06.09.2012, 14:33
| #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Gesperrtes System_Trojaner Bundespolizei_Win7 32bit Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
06.09.2012, 17:03
| #19 |
| | Gesperrtes System_Trojaner Bundespolizei_Win7 32bit Hier das Combofix Log: Code:
ATTFilter ComboFix 12-09-06.01 - Anwender 06.09.2012 17:48:30.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3050.2045 [GMT 2:00]
ausgeführt von:: c:\users\Anwender\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-06 bis 2012-09-06 ))))))))))))))))))))))))))))))
.
.
2012-09-06 15:52 . 2012-09-06 15:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-03 13:25 . 2012-09-03 13:25 -------- d-----w- c:\program files\ESET
2012-08-31 15:01 . 2012-08-31 15:01 -------- d-----w- c:\users\Anwender\AppData\Roaming\Malwarebytes
2012-08-31 15:01 . 2012-08-31 15:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-31 15:01 . 2012-08-31 15:01 -------- d-----w- c:\programdata\Malwarebytes
2012-08-31 15:01 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-31 06:35 . 2012-08-31 14:52 -------- d-----w- c:\programdata\AVAST Software
2012-08-31 06:35 . 2012-08-31 06:35 -------- d-----w- c:\program files\AVAST Software
2012-08-31 06:30 . 2010-11-20 02:17 302592 ----a-w- c:\windows\system32\utilman.exe
2012-08-30 19:40 . 2012-08-30 19:40 -------- d-----w- c:\program files\Belkin
2012-08-30 19:40 . 2012-08-30 19:40 -------- d-----w- c:\windows\{113016FE-E013-4FAF-85FB-8649DEED76B2}
2012-08-29 20:27 . 2012-08-31 16:18 -------- d-----w- c:\users\Anwender\AppData\Roaming\Uurlrr
2012-08-29 08:46 . 2012-08-30 06:56 -------- d-----w- c:\users\Anwender\Zrrlshn
2012-08-15 15:01 . 2012-07-18 17:47 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 15:01 . 2012-05-05 07:46 400896 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 15:01 . 2012-02-11 05:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 15:01 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 15:00 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 15:00 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-15 15:00 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 10:38 . 2012-07-07 15:26 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-15 10:38 . 2012-07-07 15:26 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-07 15:13 . 2012-07-07 15:13 257376 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\sxppdf6_p.dll
2012-07-07 07:24 . 2012-07-07 07:24 100224 ----a-w- c:\windows\system32\drivers\ewsercd.sys
2012-07-04 14:29 . 2012-07-04 14:29 65536 ----a-r- c:\users\Anwender\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
2012-07-04 09:30 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-07-04 08:24 . 2012-07-04 08:24 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-07-04 08:24 . 2012-07-04 08:24 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-07-04 08:24 . 2012-07-04 08:24 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-07-04 08:24 . 2012-07-04 08:24 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-07-04 08:24 . 2012-07-04 08:24 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-07-04 08:24 . 2012-07-04 08:24 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-07-04 08:24 . 2012-07-04 08:24 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-07-04 08:24 . 2012-07-04 08:24 367104 ----a-w- c:\windows\system32\html.iec
2012-07-04 08:24 . 2012-07-04 08:24 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-07-04 08:24 . 2012-07-04 08:24 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-04 08:24 . 2012-07-04 08:24 161792 ----a-w- c:\windows\system32\msls31.dll
2012-07-04 08:24 . 2012-07-04 08:24 152064 ----a-w- c:\windows\system32\wextract.exe
2012-07-04 08:24 . 2012-07-04 08:24 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-07-04 08:24 . 2012-07-04 08:24 11776 ----a-w- c:\windows\system32\mshta.exe
2012-07-04 08:24 . 2012-07-04 08:24 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-07-04 08:24 . 2012-07-04 08:24 101888 ----a-w- c:\windows\system32\admparse.dll
2012-06-19 14:54 . 2012-07-23 20:28 3240400 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2012-06-18 01:14 . 2012-07-04 08:22 6762896 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{60FF4548-1A1F-4F18-A56F-FBC726E7A54B}\mpengine.dll
2012-08-02 11:09 . 2012-07-07 07:47 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{BDA33FF0-AD30-4335-9082-D5967EADB37D}"= "c:\program files\DATA BECKER\PDF Genie 5.0\iexp32.dll" [2012-07-07 510608]
.
[HKEY_CLASSES_ROOT\clsid\{bda33ff0-ad30-4335-9082-d5967eadb37d}]
[HKEY_CLASSES_ROOT\PDF6IE.IEBarBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{1EB97E8E-33AC-4872-B9EC-B9F0B91DE35B}]
[HKEY_CLASSES_ROOT\PDF6IE.IEBarBand]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"Exetender"="c:\program files\Free Ride Games\GPlayer.exe" [2012-03-21 4862384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-09 348664]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1313640]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-05-21 144704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-05-21 180544]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-05-21 188224]
"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2008-12-04 665424]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-06-11 10996368]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Exetender"="c:\program files\Free Ride Games\GPlayer.exe" [2012-03-21 4862384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\logons]
2009-07-14 01:14 147456 ----a-w- c:\users\Anwender\AppData\Roaming\logons.exe
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 AsrCDDrv;AsrCDDrv;c:\windows\system32\Drivers\AsrCDDrv.sys [x]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\system32\IntelCpHeciSvc.exe [x]
R3 ewsercd;Huawei DataCard USB Serial Port;c:\windows\system32\DRIVERS\ewsercd.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.207\McCHSvc.exe [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 SXDS10;soft Xpansion Dispatch Service;c:\program files\Common Files\soft Xpansion\sxds10.exe \Service [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S0 asahci32;asahci32;c:\windows\system32\DRIVERS\asahci32.sys [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 DBService;DATA BECKER Update Service;c:\program files\Common Files\DATA BECKER Shared\DBService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WTGService;WTGService;c:\program files\Verbindungsassistent\WTGService.exe [x]
S2 X6XSEx;X6XSEx;c:\program files\Free Ride Games\X6XSEx.Sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECI.sys [x]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-07 10:38]
.
2012-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-857302832-1272101758-2402345916-1000Core.job
- c:\users\Anwender\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-22 11:05]
.
2012-09-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-857302832-1272101758-2402345916-1000UA.job
- c:\users\Anwender\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-22 11:05]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://mystart.incredimail.com/mb135?a=6OyHcmxOed
mStart Page = hxxp://www.google.com
mWindow Title = Arcor AG & Co. KG
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\sbo2ndgd.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredimail.com/mb135?a=6PQIEfbfVV
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/mb134/?loc=ff_address_bar&a=6OyHcmxOed&search=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-Arcor Online - (no file)
HKLM-Run-TaskTray - (no file)
HKLM-Run-Arcor Online - (no file)
MSConfigStartUp-4E5B272F - c:\users\Anwender\AppData\Roaming\Uurlrr\eueplelblu.exe
AddRemove-_{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91} - c:\program files\Corel\CorelDRAW Graphics Suite 13\Programs\MSILauncher {7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-09-06 17:54:19
ComboFix-quarantined-files.txt 2012-09-06 15:54
.
Vor Suchlauf: 8 Verzeichnis(se), 212.368.490.496 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 213.100.015.616 Bytes frei
.
- - End Of File - - 47EA3A3A385DA7F4F4C00D9EA4549EF1
Kann ich zwischenzeitlich schon mal die verschlüsselten Dateien wiederherstellen (mittels Schattenkopien) oder ist das nicht so günstig...? |
|
06.09.2012, 20:17
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Gesperrtes System_Trojaner Bundespolizei_Win7 32bit Mach dich an die Entschlüsselung ran wenn wir durch sind! Und bevor du irgendwas versuchst zu reparieren Backup der verschlüsselten Dateien machen bevor du noch mehr kaputtmachst! Combofix - Scripten 1. Starte das Notepad (Start / Ausführen / notepad[Enter]) 2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein. Code:
ATTFilter Folder::
c:\users\Anwender\AppData\Roaming\Uurlrr
c:\users\Anwender\Zrrlshn
Firefox::
FF - ProfilePath - c:\users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\sbo2ndgd.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - http://mystart.incredimail.com/mb135?a=6PQIEfbfVV
FF - prefs.js: keyword.URL - http://mystart.incredimail.com/mb134/?loc=ff_address_bar&a=6OyHcmxOed&search=
4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall. (Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !) 5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet.  6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien: Combofix.txt Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.09.2012, 22:28
| #21 | |
| | Gesperrtes System_Trojaner Bundespolizei_Win7 32bitZitat:
 Aber das konntest Du ja nicht wissen! ;-) Hier also das Log: Code:
ATTFilter ComboFix 12-09-06.02 - Anwender 06.09.2012 22:58:00.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3050.2084 [GMT 2:00]
ausgeführt von:: c:\users\Anwender\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Anwender\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Anwender\AppData\Roaming\Uurlrr
c:\users\Anwender\Zrrlshn
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-06 bis 2012-09-06 ))))))))))))))))))))))))))))))
.
.
2012-09-06 21:01 . 2012-09-06 21:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-03 13:25 . 2012-09-03 13:25 -------- d-----w- c:\program files\ESET
2012-08-31 15:01 . 2012-08-31 15:01 -------- d-----w- c:\users\Anwender\AppData\Roaming\Malwarebytes
2012-08-31 15:01 . 2012-08-31 15:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-31 15:01 . 2012-08-31 15:01 -------- d-----w- c:\programdata\Malwarebytes
2012-08-31 15:01 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-31 06:35 . 2012-08-31 14:52 -------- d-----w- c:\programdata\AVAST Software
2012-08-31 06:35 . 2012-08-31 06:35 -------- d-----w- c:\program files\AVAST Software
2012-08-31 06:30 . 2010-11-20 02:17 302592 ----a-w- c:\windows\system32\utilman.exe
2012-08-30 19:40 . 2012-08-30 19:40 -------- d-----w- c:\program files\Belkin
2012-08-30 19:40 . 2012-08-30 19:40 -------- d-----w- c:\windows\{113016FE-E013-4FAF-85FB-8649DEED76B2}
2012-08-15 15:01 . 2012-07-18 17:47 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 15:01 . 2012-05-05 07:46 400896 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 15:01 . 2012-02-11 05:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 15:01 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 15:00 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 15:00 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-15 15:00 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 10:38 . 2012-07-07 15:26 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-15 10:38 . 2012-07-07 15:26 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-07 15:13 . 2012-07-07 15:13 257376 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\sxppdf6_p.dll
2012-07-07 07:24 . 2012-07-07 07:24 100224 ----a-w- c:\windows\system32\drivers\ewsercd.sys
2012-07-04 14:29 . 2012-07-04 14:29 65536 ----a-r- c:\users\Anwender\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
2012-07-04 09:30 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-07-04 08:24 . 2012-07-04 08:24 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-07-04 08:24 . 2012-07-04 08:24 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-07-04 08:24 . 2012-07-04 08:24 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-07-04 08:24 . 2012-07-04 08:24 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-07-04 08:24 . 2012-07-04 08:24 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-07-04 08:24 . 2012-07-04 08:24 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-07-04 08:24 . 2012-07-04 08:24 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-07-04 08:24 . 2012-07-04 08:24 367104 ----a-w- c:\windows\system32\html.iec
2012-07-04 08:24 . 2012-07-04 08:24 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-07-04 08:24 . 2012-07-04 08:24 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-04 08:24 . 2012-07-04 08:24 161792 ----a-w- c:\windows\system32\msls31.dll
2012-07-04 08:24 . 2012-07-04 08:24 152064 ----a-w- c:\windows\system32\wextract.exe
2012-07-04 08:24 . 2012-07-04 08:24 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-07-04 08:24 . 2012-07-04 08:24 11776 ----a-w- c:\windows\system32\mshta.exe
2012-07-04 08:24 . 2012-07-04 08:24 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-07-04 08:24 . 2012-07-04 08:24 101888 ----a-w- c:\windows\system32\admparse.dll
2012-06-19 14:54 . 2012-07-23 20:28 3240400 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2012-06-18 01:14 . 2012-07-04 08:22 6762896 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{60FF4548-1A1F-4F18-A56F-FBC726E7A54B}\mpengine.dll
2012-08-02 11:09 . 2012-07-07 07:47 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{BDA33FF0-AD30-4335-9082-D5967EADB37D}"= "c:\program files\DATA BECKER\PDF Genie 5.0\iexp32.dll" [2012-07-07 510608]
.
[HKEY_CLASSES_ROOT\clsid\{bda33ff0-ad30-4335-9082-d5967eadb37d}]
[HKEY_CLASSES_ROOT\PDF6IE.IEBarBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{1EB97E8E-33AC-4872-B9EC-B9F0B91DE35B}]
[HKEY_CLASSES_ROOT\PDF6IE.IEBarBand]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"Exetender"="c:\program files\Free Ride Games\GPlayer.exe" [2012-03-21 4862384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-09 348664]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1313640]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-05-21 144704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-05-21 180544]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-05-21 188224]
"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2008-12-04 665424]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-06-11 10996368]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Exetender"="c:\program files\Free Ride Games\GPlayer.exe" [2012-03-21 4862384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\logons]
2009-07-14 01:14 147456 ----a-w- c:\users\Anwender\AppData\Roaming\logons.exe
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 AsrCDDrv;AsrCDDrv;c:\windows\system32\Drivers\AsrCDDrv.sys [x]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\system32\IntelCpHeciSvc.exe [x]
R3 ewsercd;Huawei DataCard USB Serial Port;c:\windows\system32\DRIVERS\ewsercd.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.207\McCHSvc.exe [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 SXDS10;soft Xpansion Dispatch Service;c:\program files\Common Files\soft Xpansion\sxds10.exe \Service [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S0 asahci32;asahci32;c:\windows\system32\DRIVERS\asahci32.sys [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 DBService;DATA BECKER Update Service;c:\program files\Common Files\DATA BECKER Shared\DBService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WTGService;WTGService;c:\program files\Verbindungsassistent\WTGService.exe [x]
S2 X6XSEx;X6XSEx;c:\program files\Free Ride Games\X6XSEx.Sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECI.sys [x]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-07 10:38]
.
2012-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-857302832-1272101758-2402345916-1000Core.job
- c:\users\Anwender\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-22 11:05]
.
2012-09-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-857302832-1272101758-2402345916-1000UA.job
- c:\users\Anwender\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-22 11:05]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://mystart.incredimail.com/mb135?a=6OyHcmxOed
mStart Page = hxxp://www.google.com
mWindow Title = Arcor AG & Co. KG
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\sbo2ndgd.default\
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-09-06 23:03:02
ComboFix-quarantined-files.txt 2012-09-06 21:03
ComboFix2.txt 2012-09-06 15:54
.
Vor Suchlauf: 11 Verzeichnis(se), 213.193.719.808 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 212.906.954.752 Bytes frei
.
- - End Of File - - AA3C53E862C818ABA566555EC247D879
|
|
07.09.2012, 10:51
| #22 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Gesperrtes System_Trojaner Bundespolizei_Win7 32bitZitat:
Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.09.2012, 12:55
| #23 | |
| | Gesperrtes System_Trojaner Bundespolizei_Win7 32bit Lieber cosinus, Das "ungerecht" bezog sich auf diesen Teil Deiner Antwort: Zitat:
- ich habe ja nur vorsichtig nachgefragt, ob ich mit dem Entschlüsseln schon anfangen kann - ich habe das in keinster Weise böse gemeint, nur spassig (hast Du den ";-)" nicht gesehen? - ich weiss Deine Hilfe durchaus zu würdigen und bin Dir auch sehr dankbar dafür!!! Also, "Nix für Ungut"! Hier nun die Logs: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-09-07 13:02:08
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST500DM002-1BD142 rev.KC45
Running: pdy6m005.exe; Driver: C:\Users\Anwender\AppData\Local\Temp\pwlcruob.sys
---- System - GMER 1.0.15 ----
SSDT 913C7EC6 ZwCreateSection
SSDT 913C7ED0 ZwRequestWaitReplyPort
SSDT 913C7ECB ZwSetContextThread
SSDT 913C7ED5 ZwSetSecurityObject
SSDT 913C7EDA ZwSystemDebugControl
SSDT 913C7E67 ZwTerminateProcess
---- Kernel code sections - GMER 1.0.15 ----
.text ntoskrnl.exe!ZwRollbackEnlistment + 1409 8307A989 1 Byte [06]
.text ntoskrnl.exe!KiDispatchInterrupt + 5A2 8309A4E2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntoskrnl.exe!KeRemoveQueueEx + 14BF 830A187C 4 Bytes [C6, 7E, 3C, 91]
.text ntoskrnl.exe!KeRemoveQueueEx + 181B 830A1BD8 4 Bytes [D0, 7E, 3C, 91] {SAR BYTE [ESI+0x3c], 0x1; XCHG ECX, EAX}
.text ntoskrnl.exe!KeRemoveQueueEx + 185F 830A1C1C 4 Bytes [CB, 7E, 3C, 91] {RETF ; JLE 0x3f; XCHG ECX, EAX}
.text ntoskrnl.exe!KeRemoveQueueEx + 18DB 830A1C98 4 Bytes [D5, 7E, 3C, 91] {AAD 0x7e; CMP AL, 0x91}
.text ntoskrnl.exe!KeRemoveQueueEx + 192F 830A1CEC 4 Bytes [DA, 7E, 3C, 91] {FIDIVR DWORD [ESI+0x3c]; XCHG ECX, EAX}
.text ...
.vmp2 C:\Windows\system32\drivers\acedrv11.sys entry point in ".vmp2" section [0x98D8B69D]
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[364] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7545FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[364] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7545FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[364] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7545FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[364] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7545FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
Device Ntfs.sys (NT-Dateisystemtreiber/Microsoft Corporation)
AttachedDevice X6XSEx.Sys
Device fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\0000004d halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 13:27:47 on 07.09.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 32-bit Default Browser: Mozilla Corporation Firefox 14.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskUserS-1-5-21-857302832-1272101758-2402345916-1000Core.job" - "Google Inc." - C:\Users\Anwender\AppData\Local\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-857302832-1272101758-2402345916-1000UA.job" - "Google Inc." - C:\Users\Anwender\AppData\Local\Google\Update\GoogleUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl "ISUSPM.cpl" - "InstallShield Software Corporation" - C:\Windows\system32\ISUSPM.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero8\Nero Toolkit\NeroBurnRights.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "acedrv11" (acedrv11) - "Protect Software GmbH" - C:\Windows\system32\drivers\acedrv11.sys "AsrAppCharger" (AsrAppCharger) - "Windows (R) Win 7 DDK provider" - C:\Windows\System32\DRIVERS\AsrAppCharger.sys "AsrCDDrv" (AsrCDDrv) - ? - C:\Windows\system32\Drivers\AsrCDDrv.sys (File not found) "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\Users\Anwender\AppData\Local\Temp\catchme.sys (File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys "X6XSEx" (X6XSEx) - "Exent Technologies Ltd." - C:\Program Files\Free Ride Games\X6XSEx.Sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {653DCCC2-13DB-45B2-A389-427885776CFE} "Activities Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliPoint\ipcplact.dll {124597D8-850A-41AE-849C-017A4FA99CA2} "Buttons Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliPoint\ipcplbtn.dll {10E72E6C-F89F-44AA-91AE-9FB5C88C6760} "ControlsExt Class" - "DATA BECKER" - C:\Program Files\DATA BECKER\PDF Genie 5.0\iexp32.dll {59A3380E-5305-4cea-BD99-4F2FF510C91F} "FineReader9.FRContextMenu.1" - "ABBYY" - C:\Program Files\ABBYY FineReader 9.0\FRIntegration.dll {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {3BEABCC1-BF31-42df-88D9-A2955D6B8528} "IntelliPoint Sensitivity Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliPoint\ipcplsens.dll {ED6E87C6-8A83-43aa-8208-8DBC8247F4D2} "IntelliType Pro Key Settings Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliType Pro\itcplkey.dll {111D8120-25EB-4E1C-A4DF-C9EE5FCA35CB} "IntelliType Pro Scrolling Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliType Pro\itcplwhl.dll {1825D0FA-5B0C-4e20-A929-3EFD15B6DF71} "IntelliType Pro Touchpad Control Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliType Pro\itcpltp.dll {A2569D1F-4E06-43EC-9825-0088B471BE47} "IntelliType Pro Wireless Control Panel Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliType Pro\itcplwir.dll {97FA8AA2-EE77-4FF2-9449-424D8924EF21} "IntelliType Pro Zooming Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliType Pro\itcplzm.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll {B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll {7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {8F652E6E-8313-419E-8D5A-E932C64A6767} "SX_PDF6_CONV WEThumbnail Class" - "DATA BECKER" - C:\Program Files\DATA BECKER\PDF Genie 5.0\weprvw32.dll {18357DE3-1BFC-45E4-A215-73709054847A} "SX_PDF6_CONV.ShellExt" - "DATA BECKER" - C:\Program Files\DATA BECKER\PDF Genie 5.0\sx_shell32.dll {C533AB49-9805-4972-8326-A084696B00F0} "Touch Mouse Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliPoint\ipcpltouchmouse.dll {1184D0ED-DBCE-4170-8DBB-4D0C3905DA85} "Touch Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliPoint\ipcpltouch.dll {7834E880-F0CC-4FA7-B4F3-FDB0F4E816A5} "Touch Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliPoint\ipcpltouchstrip.dll {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {AF90F543-6A3A-4C1B-8B16-ECEC073E69BE} "Wheel Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliPoint\ipcplwhl.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll {20082881-FC36-4E47-9A7A-644C95FF749F} "Wireless Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft IntelliPoint\ipcplwir.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {6A060448-60F9-11D5-A6CD-0002B31F7455} "ExentInf Class" - "Exent Technologies Ltd." - C:\Windows\Downloaded Program Files\ExentCtl.ocx / {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash32_11_3_300_271.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {9421DD08-935F-4701-A9CA-22DF90AC4EA6} "Easy Photo Print" - "SEIKO EPSON CORPORATION / CyCom Technology Corp." - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll {BDA33FF0-AD30-4335-9082-D5967EADB37D} "PDF Genie 5.0" - "DATA BECKER" - C:\Program Files\DATA BECKER\PDF Genie 5.0\iexp32.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {9421DD08-935F-4701-A9CA-22DF90AC4EA6} "Easy Photo Print" - "SEIKO EPSON CORPORATION / CyCom Technology Corp." - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "McAfee Security Scan Plus.lnk" - "McAfee, Inc." - C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "Exetender" - "Exent Technologies Ltd." - "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup "ISUSPM Startup" - "InstallShield Software Corporation" - C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "EEventManager" - "SEIKO EPSON CORPORATION" - C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe "GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "IAStorIcon" - "Intel Corporation" - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe "IntelliPoint" - "Microsoft Corporation" - "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" "ISUSScheduler" - "InstallShield Software Corporation" - "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start "itype" - "Microsoft Corporation" - "C:\Program Files\Microsoft IntelliType Pro\itype.exe" "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "NBKeyScan" - "Nero AG" - "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" "NeroFilterCheck" - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "ABBYY FineReader 9.0 PE Licensing Service" (ABBYY.Licensing.FineReader.Professional.9.0) - "ABBYY" - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "DATA BECKER Update Service" (DBService) - "DATA BECKER GmbH & Co KG" - C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe "Intel(R) Capability Licensing Service Interface" (Intel(R) Capability Licensing Service Interface) - "Intel(R) Corporation" - C:\Program Files\Intel\iCLS Client\HeciServer.exe "Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe "Intel(R) Management and Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe "Intel(R) Rapid Storage Technology" (IAStorDataMgrSvc) - "Intel Corporation" - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe "McAfee Security Scan Component Host Service" (McComponentHostService) - "McAfee, Inc." - C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe "Nero BackItUp Scheduler 3" (Nero BackItUp Scheduler 3) - "Nero AG" - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe "NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "soft Xpansion Dispatch Service" (SXDS10) - "soft Xpansion" - C:\Program Files\Common Files\soft Xpansion\sxds10.exe "WTGService" (WTGService) - ? - C:\Program Files\Verbindungsassistent\WTGService.exe (File found, but it contains no detailed information) ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-07 13:30:37
-----------------------------
13:30:37.264 OS Version: Windows 6.1.7601 Service Pack 1
13:30:37.264 Number of processors: 2 586 0x2A07
13:30:37.264 ComputerName: ***-PC UserName: Anwender
13:30:38.699 Initialize success
13:31:27.745 AVAST engine defs: 12090700
13:32:00.084 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:32:00.084 Disk 0 Vendor: ST500DM002-1BD142 KC45 Size: 476940MB BusType: 11
13:32:00.100 Disk 0 MBR read successfully
13:32:00.100 Disk 0 MBR scan
13:32:00.115 Disk 0 Windows 7 default MBR code
13:32:00.115 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
13:32:00.131 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 238369 MB offset 206848
13:32:00.162 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 238468 MB offset 488386560
13:32:00.162 Disk 0 scanning sectors +976769024
13:32:00.240 Disk 0 scanning C:\Windows\system32\drivers
13:32:07.868 Service scanning
13:32:24.311 Modules scanning
13:32:30.286 Disk 0 trace - called modules:
13:32:30.816 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS asahci32.sys
13:32:30.832 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87a9c7c8]
13:32:30.832 3 CLASSPNP.SYS[8c65659e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x86018030]
13:32:32.298 AVAST engine scan C:\Windows
13:32:34.654 AVAST engine scan C:\Windows\system32
13:34:29.548 AVAST engine scan C:\Windows\system32\drivers
13:34:39.423 AVAST engine scan C:\Users\Anwender
13:35:52.493 File: C:\Users\Anwender\AppData\Roaming\logons.exe **INFECTED** Win32:Trojan-gen
13:36:35.128 AVAST engine scan C:\ProgramData
13:37:02.069 Scan finished successfully
13:38:42.752 Disk 0 MBR has been saved successfully to "C:\Users\Anwender\Desktop\MBR.dat"
13:38:42.752 The log file has been saved successfully to "C:\Users\Anwender\Desktop\aswMBR.txt"
|
|
09.09.2012, 20:44
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Gesperrtes System_Trojaner Bundespolizei_Win7 32bit Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.09.2012, 10:52
| #25 |
| | Gesperrtes System_Trojaner Bundespolizei_Win7 32bit So hier die beiden Logs: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.09.10.04 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Anwender :: ***-PC [Administrator] Schutz: Aktiviert 10.09.2012 16:12:45 mbam-log-2012-09-10 (16-12-45).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 434810 Laufzeit: 1 Stunde(n), 42 Minute(n), 26 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter SUPERAntiSpyware Scan Log
SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!
Generated 09/11/2012 at 10:40 AM
Application Version : 5.5.1016
Core Rules Database Version : 9203
Trace Rules Database Version: 7015
Scan type : Complete Scan
Total Scan Time : 01:55:17
Operating System Information
Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 675
Memory threats detected : 0
Registry items scanned : 35770
Registry threats detected : 0
File items scanned : 222880
File threats detected : 468
Adware.Tracking Cookie
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\CCLUNL4D.txt [ /track.adform.net ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\RSHM73EQ.txt [ /ad.zanox.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\GOG54BNY.txt [ /ad1.adfarm1.adition.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\RBKJV6VN.txt [ /apmebf.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\JDFK3EU5.txt [ /tribalfusion.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\YEYQP9Q3.txt [ /media.gan-online.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\MGP1NCJE.txt [ /ad2.adfarm1.adition.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\Q1QRP7O2.txt [ /adform.net ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\061XVB23.txt [ /adxpose.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\CZQ8ELUA.txt [ /zedo.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\YG2GDX4T.txt [ /vodafonegroup.122.2o7.net ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\YTA87HDN.txt [ /imrworldwide.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\E5HC2FNH.txt [ /ad.360yield.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\9N30HB1L.txt [ /mediaplex.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\5ZWOOAAK.txt [ /ad.yieldmanager.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\LRNAM9CY.txt [ /invitemedia.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\KFGTQIQZ.txt [ /casalemedia.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\CDBO95MQ.txt [ /zanox.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\JHIRNF8S.txt [ /ru4.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\IEA4B0HV.txt [ /atdmt.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\5PH22SPB.txt [ /lucidmedia.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\H6G04FPJ.txt [ /serving-sys.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\A9XODKUW.txt [ /bs.serving-sys.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\MDETS7WM.txt [ /ad3.adfarm1.adition.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\UWCI2OY3.txt [ /adbrite.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\V5C3QO0Q.txt [ /questionmarket.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\CANLJ91X.txt [ /ad.adition.net ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\T6UM2ZMA.txt [ /yieldmanager.net ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\ZI3CKGYV.txt [ /tradedoubler.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\WU43BBZA.txt [ /revsci.net ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\S510F0JG.txt [ /doubleclick.net ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\1Y6BU0V2.txt [ /fastclick.net ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\SVI43ZQM.txt [ /www.rambler.ru ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\9S6SO8W9.txt [ /adfarm1.adition.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\CQWGFPMP.txt [ /media6degrees.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\C0QS42T5.txt [ /smartadserver.com ]
C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Cookies\P65RU2AE.txt [ /rambler.ru ]
C:\USERS\ANWENDER\AppData\Roaming\Microsoft\Windows\Cookies\1SB26DE0.txt [ Cookie:anwender@clkads.com/adServe/banners ]
C:\USERS\ANWENDER\AppData\Roaming\Microsoft\Windows\Cookies\NO4RARXE.txt [ Cookie:anwender@clkads.com/adServe ]
C:\USERS\ANWENDER\AppData\Roaming\Microsoft\Windows\Cookies\Low\C15IP93K.txt [ Cookie:anwender@adform.net/ ]
C:\USERS\ANWENDER\AppData\Roaming\Microsoft\Windows\Cookies\Low\4V0ZPIQY.txt [ Cookie:anwender@statse.webtrendslive.com/ ]
C:\USERS\ANWENDER\AppData\Roaming\Microsoft\Windows\Cookies\Low\J6UKC720.txt [ Cookie:anwender@server.adform.net/ ]
C:\USERS\ANWENDER\AppData\Roaming\Microsoft\Windows\Cookies\Low\0LVZVZLD.txt [ Cookie:anwender@revsci.net/ ]
C:\USERS\ANWENDER\AppData\Roaming\Microsoft\Windows\Cookies\Low\TZ8INPA3.txt [ Cookie:anwender@doubleclick.net/ ]
C:\USERS\ANWENDER\Cookies\RSHM73EQ.txt [ Cookie:anwender@ad.zanox.com/ ]
C:\USERS\ANWENDER\Cookies\1SB26DE0.txt [ Cookie:anwender@clkads.com/adServe/banners ]
C:\USERS\ANWENDER\Cookies\RBKJV6VN.txt [ Cookie:anwender@apmebf.com/ ]
C:\USERS\ANWENDER\Cookies\JDFK3EU5.txt [ Cookie:anwender@tribalfusion.com/ ]
C:\USERS\ANWENDER\Cookies\MGP1NCJE.txt [ Cookie:anwender@ad2.adfarm1.adition.com/ ]
C:\USERS\ANWENDER\Cookies\Q1QRP7O2.txt [ Cookie:anwender@adform.net/ ]
C:\USERS\ANWENDER\Cookies\CZQ8ELUA.txt [ Cookie:anwender@zedo.com/ ]
C:\USERS\ANWENDER\Cookies\YG2GDX4T.txt [ Cookie:anwender@vodafonegroup.122.2o7.net/ ]
C:\USERS\ANWENDER\Cookies\YTA87HDN.txt [ Cookie:anwender@imrworldwide.com/cgi-bin ]
C:\USERS\ANWENDER\Cookies\NO4RARXE.txt [ Cookie:anwender@clkads.com/adServe ]
C:\USERS\ANWENDER\Cookies\5ZWOOAAK.txt [ Cookie:anwender@ad.yieldmanager.com/ ]
C:\USERS\ANWENDER\Cookies\LRNAM9CY.txt [ Cookie:anwender@invitemedia.com/ ]
C:\USERS\ANWENDER\Cookies\JHIRNF8S.txt [ Cookie:anwender@ru4.com/ ]
C:\USERS\ANWENDER\Cookies\IEA4B0HV.txt [ Cookie:anwender@atdmt.com/ ]
C:\USERS\ANWENDER\Cookies\5PH22SPB.txt [ Cookie:anwender@lucidmedia.com/ ]
C:\USERS\ANWENDER\Cookies\A9XODKUW.txt [ Cookie:anwender@bs.serving-sys.com/ ]
C:\USERS\ANWENDER\Cookies\V5C3QO0Q.txt [ Cookie:anwender@questionmarket.com/ ]
C:\USERS\ANWENDER\Cookies\CANLJ91X.txt [ Cookie:anwender@ad.adition.net/ ]
C:\USERS\ANWENDER\Cookies\T6UM2ZMA.txt [ Cookie:anwender@yieldmanager.net/ ]
C:\USERS\ANWENDER\Cookies\ZI3CKGYV.txt [ Cookie:anwender@tradedoubler.com/ ]
C:\USERS\ANWENDER\Cookies\WU43BBZA.txt [ Cookie:anwender@revsci.net/ ]
C:\USERS\ANWENDER\Cookies\S510F0JG.txt [ Cookie:anwender@doubleclick.net/ ]
C:\USERS\ANWENDER\Cookies\1Y6BU0V2.txt [ Cookie:anwender@fastclick.net/ ]
C:\USERS\ANWENDER\Cookies\SVI43ZQM.txt [ Cookie:anwender@www.rambler.ru/ ]
C:\USERS\ANWENDER\Cookies\CQWGFPMP.txt [ Cookie:anwender@media6degrees.com/ ]
C:\USERS\ANWENDER\Cookies\C0QS42T5.txt [ Cookie:anwender@smartadserver.com/ ]
.doubleclick.net [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stats.crsend.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stats.crsend.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stats.crsend.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.quisma.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.quisma.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.unister-adservices.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.unister-adservices.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.unister-adservices.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas4.emediate.eu [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad4.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.libri.112.2o7.net [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.zanox.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.unister-adservices.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.unister-adservices.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.adnet.de [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
media.gan-online.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad1.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.unister-adservices.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adform.net [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.chip.de [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracker.vinsight.de [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ww251.smartadserver.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.unitymedia.de [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.unitymedia.de [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.adnet.de [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.guj.122.2o7.net [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickfuse.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a.revenuemax.de [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.adnet.de [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traffictrack.de [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dealtime.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
statsadv.dadapro.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lego.112.2o7.net [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stat.dealtime.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
Ad-Track.de - Günstige Online Werbung direkt beim Erzeuger buchen [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\ANWENDER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.avanquest.upclick.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.avanquest.upclick.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.upclick.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
leads.383media.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
leads.383media.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.c1.atdmt.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.countomat.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
Angebote, Service, Beratung und mehr im Onlineshop und in Ihrem Markt vor Ort - Media Markt [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.guj.122.2o7.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
UseNeXT | In vollem DSL-Speed aus dem Usenet downloaden! [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
tracking.sim-technik.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.Online Counter gratis - Kostenloser Besucherzhler mit Statistik [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
clickundflieg.com - Last Minute Reisen, Pauschalreisen, Lastminute Urlaub & Flge gnstig buchen [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.clickundflieg.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.clickundflieg.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.clickundflieg.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.mm.chitika.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
server.adformdsp.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adformdsp.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.tracker.vinsight.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
tomtailor.dyntracker.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
targeting.revenuemax.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
stats.crsend.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
stats.crsend.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
stats.crsend.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
Kostenloser Counter Besucherstatistik Besucherzhler Webstatistik [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.mmstat.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\ANWENDER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SBO2NDGD.DEFAULT\COOKIES.SQLITE ]
PotentiallyUnwanted.SoftonicDownloader
G:\ALLE DATEIEN BIS 10. FEBRUAR 2012\EIGENE DATEIEN 03.APRIL 2012\DOWNLOADS\SOFTONICDOWNLOADER_FUER_AVIRA-ANTIVIR.EXE
G:\ALLE DATEIEN BIS 10. FEBRUAR 2012\EIGENE DATEIEN20. 2.2012 NICHT LöSCHEN\DOWNLOADS\SOFTONICDOWNLOADER_FUER_AVIRA-ANTIVIR.EXE
G:\EIGENE DATEIEN AB 20.06.2011\EIGENE DATEIEN17.3.2012\DOWNLOADS\SOFTONICDOWNLOADER_FUER_AVIRA-ANTIVIR.EXE
Trojan.Agent/Gen-Multi
C:\WINDOWS\SYSTEM32\AMCBUTTON.OCX
Geändert von Elektritze (11.09.2012 um 10:54 Uhr) Grund: Formatierung |
|
11.09.2012, 16:21
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Gesperrtes System_Trojaner Bundespolizei_Win7 32bit Sieht ok aus, da wurden nur Cookies gefunden. Außerdem Softonic-Müll und das mit AMCBUTTON sieht mir nach einem Fehlalarm aus. Alles löschen bis auf AMCBUTTON Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.09.2012, 22:58
| #27 |
| | Gesperrtes System_Trojaner Bundespolizei_Win7 32bit Scheint alles normal, außer das Avira immer noch diese logons.exe anmeckert: Siehe Bild im Anhang! Ich habe sie dann entfernen lassen, komischerweise steht aber immer noch die Verknüpfung im Systemstart... |
|
12.09.2012, 00:17
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Gesperrtes System_Trojaner Bundespolizei_Win7 32bit Hö  hab ich die völlig übesehen   Einfachster Weg zuerst: Mit Avira in die Q verschieben. Neustart. Beobachten ob sie wieder auftaucht. Wenn ja, sind wir hier leider nicht so schnell fertig 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.09.2012, 13:21
| #29 |
| | Gesperrtes System_Trojaner Bundespolizei_Win7 32bit Taucht nicht mehr als Virenwarnung auf, nur die Verknüpfung im Systemstart bleibt! Ist ja deaktiviert und das Ziel ist ja nicht mehr vorhanden... Kann man die auch noch irgendwie weg kriegen? |
|
12.09.2012, 14:48
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Gesperrtes System_Trojaner Bundespolizei_Win7 32bit Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":Files" in der ersten Zeile muss mitkopiert werden!!!) Code:
ATTFilter :Files
C:\Users\Anwender\AppData\Roaming\*.exe
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Gesperrtes System_Trojaner Bundespolizei_Win7 32bit |
| antivir, avira, becker, bho, bildschirm, bundespolizei, desktop, driver genius, entfernen, error, excel, firefox, flash player, home, install.exe, installation, locker, mozilla, msiexec.exe, msiinstaller, nicht installiert, nicht sicher, ntdll.dll, object, office 2007, plug-in, problem, programm, realtek, registry, scan, security, senden, software, system, system gesperrt, trojan.inject, trojaner, usb 3.0, windows |
Linear-Darstellung
