| |
| |||||||
Log-Analyse und Auswertung: Bundestrojaner Windows 7 blockiertWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
06.04.2012, 17:10
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Bundestrojaner Windows 7 blockiert Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
IE - HKU\S-1-5-21-3247393173-1513715297-1201314939-1001\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
IE - HKU\S-1-5-21-3247393173-1513715297-1201314939-1001\..\SearchScopes\Plasmoo: "URL" = http://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\IMBooster4Web\Iminent.WebBooster.dll (Iminent)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Users\Sarah\AppData\Roaming\toolplugin\toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3247393173-1513715297-1201314939-1001\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O4 - HKLM..\Run: [IMBooster] C:\Program Files (x86)\Iminent\IMBooster\imbooster.exe (Iminent)
O4 - HKLM..\Run: [Iminent.Notifier] C:\Program Files (x86)\Iminent\SearchTheWeb\Iminent.Notifier.exe (Iminent)
O4 - HKU\S-1-5-21-3247393173-1513715297-1201314939-1001..\Run: [SkypePM] C:\Users\Sarah\AppData\Local\Skype\SkypePM.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3247393173-1513715297-1201314939-1001..\RunOnce: [.IMinentUpdate] C:\Users\Sarah\AppData\Local\Temp\NotifierSetup.exe File not found
O4 - Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_20.06.2011_10-58.lnk = C:\Users\Sarah\Desktop\Neuer Ordner (3)\Virus Removal Tool\setup_9.0.0.722_20.06.2011_10-58\startup.exe ()
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:D05E7A8B
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:1A60DE96
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:390B30B4
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
06.04.2012, 20:52
| #17 |
 | Bundestrojaner Windows 7 blockiert Hier:
__________________Code:
ATTFilter All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}\ not found.
Registry key HKEY_USERS\S-1-5-21-3247393173-1513715297-1201314939-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}\ not found.
Registry key HKEY_USERS\S-1-5-21-3247393173-1513715297-1201314939-1001\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ deleted successfully.
C:\Program Files (x86)\Lexmark Toolbar\toolband.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}\ deleted successfully.
C:\Program Files (x86)\Iminent\IMBooster4Web\Iminent.WebBooster.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
C:\Program Files (x86)\Yontoo\YontooIEClient.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ not found.
File C:\Program Files (x86)\Lexmark Toolbar\toolband.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DFEFCDEE-CF1A-4FC8-89AF-189327213627} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-89AF-189327213627}\ deleted successfully.
C:\Users\Sarah\AppData\Roaming\toolplugin\toolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3247393173-1513715297-1201314939-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}\ not found.
File C:\Program Files (x86)\Lexmark Toolbar\toolband.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\IMBooster deleted successfully.
C:\Program Files (x86)\Iminent\IMBooster\imbooster.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Iminent.Notifier deleted successfully.
C:\Program Files (x86)\Iminent\SearchTheWeb\Iminent.Notifier.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-3247393173-1513715297-1201314939-1001\Software\Microsoft\Windows\CurrentVersion\Run\\SkypePM deleted successfully.
C:\Users\Sarah\AppData\Local\Skype\SkypePM.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3247393173-1513715297-1201314939-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\.IMinentUpdate deleted successfully.
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_20.06.2011_10-58.lnk moved successfully.
C:\Users\Sarah\Desktop\Neuer Ordner (3)\Virus Removal Tool\setup_9.0.0.722_20.06.2011_10-58\startup.exe moved successfully.
ADS C:\ProgramData\Temp:D05E7A8B deleted successfully.
ADS C:\ProgramData\Temp:1A60DE96 deleted successfully.
ADS C:\ProgramData\Temp:390B30B4 deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: Sarah
->Temp folder emptied: 1200333863 bytes
->Temporary Internet Files folder emptied: 1640266810 bytes
->Java cache emptied: 69815023 bytes
->Google Chrome cache emptied: 420448778 bytes
->Flash cache emptied: 65047 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 189582186 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes
RecycleBin emptied: 408363 bytes
Total Files Cleaned = 3.358,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
User: Sarah
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.39.2 log created on 04062012_213429
|
|
06.04.2012, 21:00
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bundestrojaner Windows 7 blockiert Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html
__________________Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ |
|
06.04.2012, 21:38
| #19 |
| | Bundestrojaner Windows 7 blockiertCode:
ATTFilter 22:33:04.0000 1524 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
22:33:04.0124 1524 ============================================================
22:33:04.0124 1524 Current date / time: 2012/04/06 22:33:04.0124
22:33:04.0124 1524 SystemInfo:
22:33:04.0124 1524
22:33:04.0124 1524 OS Version: 6.1.7601 ServicePack: 1.0
22:33:04.0124 1524 Product type: Workstation
22:33:04.0124 1524 ComputerName: SARAH-PC
22:33:04.0124 1524 UserName: Sarah
22:33:04.0124 1524 Windows directory: C:\Windows
22:33:04.0124 1524 System windows directory: C:\Windows
22:33:04.0124 1524 Running under WOW64
22:33:04.0124 1524 Processor architecture: Intel x64
22:33:04.0124 1524 Number of processors: 4
22:33:04.0124 1524 Page size: 0x1000
22:33:04.0124 1524 Boot type: Safe boot with network
22:33:04.0124 1524 ============================================================
22:33:04.0546 1524 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:33:04.0546 1524 \Device\Harddisk0\DR0:
22:33:04.0546 1524 MBR used
22:33:04.0546 1524 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
22:33:04.0546 1524 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x38953000
22:33:04.0561 1524 Initialize success
22:33:04.0561 1524 ============================================================
22:33:14.0810 0472 ============================================================
22:33:14.0810 0472 Scan started
22:33:14.0810 0472 Mode: Manual; SigCheck; TDLFS;
22:33:14.0810 0472 ============================================================
22:33:15.0122 0472 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
22:33:15.0185 0472 1394ohci - ok
22:33:15.0294 0472 73770521 (6c5461eeb3ffa1b1dcf9a07f8c3b3afe) C:\Windows\system32\DRIVERS\73770521.sys
22:33:15.0310 0472 73770521 - ok
22:33:15.0419 0472 73770522 (3ec7dfda521b4fb22ce9f76df15db099) C:\Windows\system32\DRIVERS\73770522.sys
22:33:15.0419 0472 73770522 - ok
22:33:15.0528 0472 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
22:33:15.0544 0472 ACPI - ok
22:33:15.0637 0472 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
22:33:15.0715 0472 AcpiPmi - ok
22:33:15.0824 0472 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:33:15.0824 0472 AdobeARMservice - ok
22:33:15.0934 0472 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
22:33:15.0949 0472 adp94xx - ok
22:33:16.0074 0472 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
22:33:16.0090 0472 adpahci - ok
22:33:16.0168 0472 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
22:33:16.0183 0472 adpu320 - ok
22:33:16.0246 0472 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
22:33:16.0370 0472 AeLookupSvc - ok
22:33:16.0464 0472 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
22:33:16.0511 0472 AFD - ok
22:33:16.0620 0472 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
22:33:16.0636 0472 agp440 - ok
22:33:16.0714 0472 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
22:33:16.0776 0472 ALG - ok
22:33:16.0870 0472 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
22:33:16.0885 0472 aliide - ok
22:33:16.0994 0472 AMD External Events Utility (ff779f9de1cdf477033858b7681ceda8) C:\Windows\system32\atiesrxx.exe
22:33:17.0041 0472 AMD External Events Utility - ok
22:33:17.0150 0472 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
22:33:17.0166 0472 amdide - ok
22:33:17.0260 0472 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
22:33:17.0306 0472 AmdK8 - ok
22:33:17.0525 0472 amdkmdag (ef2b99dcee397b45f50594696d7b5339) C:\Windows\system32\DRIVERS\atikmdag.sys
22:33:17.0712 0472 amdkmdag - ok
22:33:17.0806 0472 amdkmdap (239dce60bee6e1576c803948ab4d54c5) C:\Windows\system32\DRIVERS\atikmpag.sys
22:33:17.0837 0472 amdkmdap - ok
22:33:17.0915 0472 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
22:33:17.0946 0472 AmdPPM - ok
22:33:18.0055 0472 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
22:33:18.0071 0472 amdsata - ok
22:33:18.0180 0472 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
22:33:18.0196 0472 amdsbs - ok
22:33:18.0305 0472 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
22:33:18.0320 0472 amdxata - ok
22:33:18.0430 0472 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
22:33:18.0601 0472 AppID - ok
22:33:18.0664 0472 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
22:33:18.0726 0472 AppIDSvc - ok
22:33:18.0835 0472 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
22:33:18.0882 0472 Appinfo - ok
22:33:18.0991 0472 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
22:33:18.0991 0472 arc - ok
22:33:19.0054 0472 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
22:33:19.0069 0472 arcsas - ok
22:33:19.0163 0472 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
22:33:19.0210 0472 AsyncMac - ok
22:33:19.0350 0472 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
22:33:19.0350 0472 atapi - ok
22:33:19.0506 0472 athr (e642491f64e58cd5bc8fb8b347dcf65f) C:\Windows\system32\DRIVERS\athrx.sys
22:33:19.0537 0472 athr - ok
22:33:19.0678 0472 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
22:33:19.0740 0472 AudioEndpointBuilder - ok
22:33:19.0771 0472 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
22:33:19.0802 0472 AudioSrv - ok
22:33:19.0912 0472 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
22:33:19.0990 0472 AxInstSV - ok
22:33:20.0146 0472 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
22:33:20.0192 0472 b06bdrv - ok
22:33:20.0317 0472 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
22:33:20.0364 0472 b57nd60a - ok
22:33:20.0489 0472 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
22:33:20.0520 0472 BDESVC - ok
22:33:20.0645 0472 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
22:33:20.0707 0472 Beep - ok
22:33:20.0879 0472 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
22:33:20.0941 0472 BFE - ok
22:33:21.0035 0472 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
22:33:21.0191 0472 BITS - ok
22:33:21.0316 0472 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
22:33:21.0331 0472 blbdrive - ok
22:33:21.0456 0472 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
22:33:21.0487 0472 bowser - ok
22:33:21.0596 0472 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:33:21.0659 0472 BrFiltLo - ok
22:33:21.0768 0472 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:33:21.0799 0472 BrFiltUp - ok
22:33:21.0893 0472 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
22:33:21.0924 0472 Browser - ok
22:33:22.0018 0472 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
22:33:22.0064 0472 Brserid - ok
22:33:22.0189 0472 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
22:33:22.0205 0472 BrSerWdm - ok
22:33:22.0252 0472 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:33:22.0314 0472 BrUsbMdm - ok
22:33:22.0423 0472 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
22:33:22.0454 0472 BrUsbSer - ok
22:33:22.0501 0472 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
22:33:22.0548 0472 BTHMODEM - ok
22:33:22.0626 0472 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
22:33:22.0657 0472 bthserv - ok
22:33:22.0751 0472 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
22:33:22.0798 0472 cdfs - ok
22:33:22.0922 0472 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
22:33:22.0954 0472 cdrom - ok
22:33:23.0047 0472 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:33:23.0094 0472 CertPropSvc - ok
22:33:23.0219 0472 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
22:33:23.0234 0472 circlass - ok
22:33:23.0312 0472 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
22:33:23.0328 0472 CLFS - ok
22:33:23.0390 0472 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:33:23.0390 0472 clr_optimization_v2.0.50727_32 - ok
22:33:23.0422 0472 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:33:23.0422 0472 clr_optimization_v2.0.50727_64 - ok
22:33:23.0546 0472 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:33:23.0578 0472 clr_optimization_v4.0.30319_32 - ok
22:33:23.0702 0472 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:33:23.0702 0472 clr_optimization_v4.0.30319_64 - ok
22:33:23.0796 0472 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
22:33:23.0827 0472 CmBatt - ok
22:33:23.0890 0472 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
22:33:23.0905 0472 cmdide - ok
22:33:23.0968 0472 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
22:33:24.0014 0472 CNG - ok
22:33:24.0108 0472 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
22:33:24.0124 0472 Compbatt - ok
22:33:24.0217 0472 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
22:33:24.0233 0472 CompositeBus - ok
22:33:24.0311 0472 COMSysApp - ok
22:33:24.0358 0472 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
22:33:24.0358 0472 crcdisk - ok
22:33:24.0467 0472 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
22:33:24.0529 0472 CryptSvc - ok
22:33:24.0638 0472 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
22:33:24.0654 0472 cvhsvc - ok
22:33:24.0748 0472 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:33:24.0810 0472 DcomLaunch - ok
22:33:24.0904 0472 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
22:33:24.0966 0472 defragsvc - ok
22:33:25.0013 0472 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
22:33:25.0060 0472 DfsC - ok
22:33:25.0106 0472 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
22:33:25.0153 0472 Dhcp - ok
22:33:25.0200 0472 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
22:33:25.0247 0472 discache - ok
22:33:25.0294 0472 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
22:33:25.0294 0472 Disk - ok
22:33:25.0387 0472 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
22:33:25.0434 0472 Dnscache - ok
22:33:25.0543 0472 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
22:33:25.0590 0472 dot3svc - ok
22:33:25.0699 0472 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
22:33:25.0730 0472 Dot4 - ok
22:33:25.0824 0472 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
22:33:25.0855 0472 Dot4Print - ok
22:33:25.0886 0472 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
22:33:25.0918 0472 dot4usb - ok
22:33:26.0027 0472 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
22:33:26.0074 0472 DPS - ok
22:33:26.0120 0472 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
22:33:26.0136 0472 drmkaud - ok
22:33:26.0214 0472 DsiWMIService (9cf46fdf163e06b83d03ff929ef2296c) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
22:33:26.0214 0472 DsiWMIService - ok
22:33:26.0339 0472 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
22:33:26.0354 0472 DXGKrnl - ok
22:33:26.0479 0472 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
22:33:26.0526 0472 EapHost - ok
22:33:26.0651 0472 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
22:33:26.0744 0472 ebdrv - ok
22:33:26.0838 0472 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
22:33:26.0900 0472 EFS - ok
22:33:26.0963 0472 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
22:33:27.0010 0472 ehRecvr - ok
22:33:27.0072 0472 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
22:33:27.0134 0472 ehSched - ok
22:33:27.0228 0472 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
22:33:27.0244 0472 elxstor - ok
22:33:27.0353 0472 ePowerSvc (3ea2c4f68a782839d97b3c83595575b6) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
22:33:27.0384 0472 ePowerSvc - ok
22:33:27.0478 0472 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
22:33:27.0493 0472 ErrDev - ok
22:33:27.0602 0472 ETD (0975bf32399a24117e317b5bf1d5d0aa) C:\Windows\system32\DRIVERS\ETD.sys
22:33:27.0602 0472 ETD - ok
22:33:27.0665 0472 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
22:33:27.0712 0472 EventSystem - ok
22:33:27.0774 0472 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
22:33:27.0805 0472 exfat - ok
22:33:27.0836 0472 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
22:33:27.0883 0472 fastfat - ok
22:33:27.0946 0472 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
22:33:27.0992 0472 Fax - ok
22:33:28.0086 0472 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
22:33:28.0117 0472 fdc - ok
22:33:28.0148 0472 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
22:33:28.0211 0472 fdPHost - ok
22:33:28.0273 0472 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
22:33:28.0320 0472 FDResPub - ok
22:33:28.0367 0472 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
22:33:28.0367 0472 FileInfo - ok
22:33:28.0382 0472 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
22:33:28.0445 0472 Filetrace - ok
22:33:28.0538 0472 FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:33:28.0554 0472 FLEXnet Licensing Service - ok
22:33:28.0648 0472 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
22:33:28.0663 0472 flpydisk - ok
22:33:28.0772 0472 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
22:33:28.0788 0472 FltMgr - ok
22:33:28.0835 0472 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
22:33:28.0897 0472 FontCache - ok
22:33:28.0991 0472 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:33:28.0991 0472 FontCache3.0.0.0 - ok
22:33:29.0053 0472 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
22:33:29.0053 0472 FsDepends - ok
22:33:29.0131 0472 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
22:33:29.0147 0472 Fs_Rec - ok
22:33:29.0209 0472 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
22:33:29.0225 0472 fvevol - ok
22:33:29.0318 0472 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:33:29.0318 0472 gagp30kx - ok
22:33:29.0381 0472 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
22:33:29.0459 0472 gpsvc - ok
22:33:29.0521 0472 GREGService (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
22:33:29.0521 0472 GREGService - ok
22:33:29.0584 0472 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:33:29.0599 0472 gupdate - ok
22:33:29.0630 0472 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:33:29.0630 0472 gupdatem - ok
22:33:29.0724 0472 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
22:33:29.0755 0472 hcw85cir - ok
22:33:29.0864 0472 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
22:33:29.0880 0472 HdAudAddService - ok
22:33:29.0942 0472 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
22:33:29.0974 0472 HDAudBus - ok
22:33:30.0083 0472 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
22:33:30.0083 0472 HECIx64 - ok
22:33:30.0145 0472 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
22:33:30.0161 0472 HidBatt - ok
22:33:30.0239 0472 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
22:33:30.0270 0472 HidBth - ok
22:33:30.0348 0472 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
22:33:30.0364 0472 HidIr - ok
22:33:30.0457 0472 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
22:33:30.0488 0472 hidserv - ok
22:33:30.0629 0472 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
22:33:30.0644 0472 HidUsb - ok
22:33:30.0676 0472 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
22:33:30.0722 0472 hkmsvc - ok
22:33:30.0816 0472 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
22:33:30.0847 0472 HomeGroupListener - ok
22:33:30.0894 0472 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
22:33:30.0894 0472 HomeGroupProvider - ok
22:33:31.0034 0472 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
22:33:31.0034 0472 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
22:33:31.0034 0472 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
22:33:31.0066 0472 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
22:33:31.0081 0472 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
22:33:31.0081 0472 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
22:33:31.0190 0472 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
22:33:31.0190 0472 HpSAMD - ok
22:33:31.0315 0472 HPSLPSVC (7f57926169c1b8aba9274ea7d4b70f18) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
22:33:31.0346 0472 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
22:33:31.0346 0472 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
22:33:31.0471 0472 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
22:33:31.0518 0472 HTTP - ok
22:33:31.0580 0472 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
22:33:31.0596 0472 hwpolicy - ok
22:33:31.0643 0472 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
22:33:31.0658 0472 i8042prt - ok
22:33:31.0705 0472 iaStor (1384872112e8e7fd5786eceb8bddf4c9) C:\Windows\system32\DRIVERS\iaStor.sys
22:33:31.0721 0472 iaStor - ok
22:33:31.0814 0472 IAStorDataMgrSvc (6b24d1c3096de796d15571079ea5e98c) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:33:31.0830 0472 IAStorDataMgrSvc - ok
22:33:31.0970 0472 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
22:33:31.0986 0472 iaStorV - ok
22:33:32.0126 0472 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:33:32.0158 0472 idsvc - ok
22:33:32.0251 0472 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
22:33:32.0267 0472 iirsp - ok
22:33:32.0376 0472 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
22:33:32.0423 0472 IKEEXT - ok
22:33:32.0548 0472 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
22:33:32.0594 0472 Impcd - ok
22:33:32.0719 0472 IntcAzAudAddService (235362d403d9d677514649d88db31914) C:\Windows\system32\drivers\RTKVHD64.sys
22:33:32.0782 0472 IntcAzAudAddService - ok
22:33:32.0906 0472 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
22:33:32.0906 0472 intelide - ok
22:33:32.0969 0472 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
22:33:32.0984 0472 intelppm - ok
22:33:33.0062 0472 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
22:33:33.0094 0472 IPBusEnum - ok
22:33:33.0125 0472 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:33:33.0172 0472 IpFilterDriver - ok
22:33:33.0234 0472 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
22:33:33.0281 0472 iphlpsvc - ok
22:33:33.0328 0472 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
22:33:33.0359 0472 IPMIDRV - ok
22:33:33.0437 0472 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
22:33:33.0484 0472 IPNAT - ok
22:33:33.0608 0472 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
22:33:33.0640 0472 IRENUM - ok
22:33:33.0749 0472 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
22:33:33.0764 0472 isapnp - ok
22:33:33.0874 0472 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
22:33:33.0889 0472 iScsiPrt - ok
22:33:34.0030 0472 k57nd60a (37e053a2cf8f0082b689ed74106e0cec) C:\Windows\system32\DRIVERS\k57nd60a.sys
22:33:34.0045 0472 k57nd60a - ok
22:33:34.0186 0472 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
22:33:34.0201 0472 kbdclass - ok
22:33:34.0326 0472 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
22:33:34.0342 0472 kbdhid - ok
22:33:34.0435 0472 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:33:34.0451 0472 KeyIso - ok
22:33:34.0498 0472 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
22:33:34.0498 0472 KSecDD - ok
22:33:34.0560 0472 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
22:33:34.0576 0472 KSecPkg - ok
22:33:34.0716 0472 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
22:33:34.0763 0472 ksthunk - ok
22:33:34.0888 0472 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
22:33:34.0934 0472 KtmRm - ok
22:33:35.0090 0472 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
22:33:35.0137 0472 LanmanServer - ok
22:33:35.0278 0472 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
22:33:35.0324 0472 LanmanWorkstation - ok
22:33:35.0480 0472 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
22:33:35.0527 0472 lltdio - ok
22:33:35.0636 0472 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
22:33:35.0699 0472 lltdsvc - ok
22:33:35.0824 0472 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
22:33:35.0870 0472 lmhosts - ok
22:33:35.0980 0472 LMS (dbc1136a62bd4decc3632df650284c2e) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:33:35.0980 0472 LMS - ok
22:33:36.0120 0472 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:33:36.0136 0472 LSI_FC - ok
22:33:36.0260 0472 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:33:36.0276 0472 LSI_SAS - ok
22:33:36.0416 0472 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:33:36.0416 0472 LSI_SAS2 - ok
22:33:36.0557 0472 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:33:36.0572 0472 LSI_SCSI - ok
22:33:36.0697 0472 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
22:33:36.0744 0472 luafv - ok
22:33:36.0838 0472 lxcr_device - ok
22:33:36.0931 0472 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
22:33:36.0947 0472 MBAMProtector - ok
22:33:37.0025 0472 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
22:33:37.0040 0472 MBAMService - ok
22:33:37.0118 0472 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
22:33:37.0134 0472 McComponentHostService - ok
22:33:37.0212 0472 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
22:33:37.0243 0472 Mcx2Svc - ok
22:33:37.0337 0472 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
22:33:37.0337 0472 megasas - ok
22:33:37.0477 0472 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
22:33:37.0493 0472 MegaSR - ok
22:33:37.0618 0472 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:33:37.0664 0472 MMCSS - ok
22:33:37.0805 0472 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
22:33:37.0852 0472 Modem - ok
22:33:37.0992 0472 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
22:33:38.0023 0472 monitor - ok
22:33:38.0179 0472 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
22:33:38.0179 0472 mouclass - ok
22:33:38.0351 0472 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
22:33:38.0351 0472 mouhid - ok
22:33:38.0476 0472 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
22:33:38.0491 0472 mountmgr - ok
22:33:38.0554 0472 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
22:33:38.0569 0472 mpio - ok
22:33:38.0710 0472 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
22:33:38.0741 0472 mpsdrv - ok
22:33:38.0850 0472 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
22:33:38.0897 0472 MpsSvc - ok
22:33:38.0990 0472 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
22:33:39.0006 0472 MRxDAV - ok
22:33:39.0100 0472 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:33:39.0115 0472 mrxsmb - ok
22:33:39.0224 0472 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:33:39.0256 0472 mrxsmb10 - ok
22:33:39.0334 0472 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:33:39.0365 0472 mrxsmb20 - ok
22:33:39.0505 0472 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
22:33:39.0521 0472 msahci - ok
22:33:39.0661 0472 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
22:33:39.0661 0472 msdsm - ok
22:33:39.0786 0472 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
22:33:39.0802 0472 MSDTC - ok
22:33:39.0942 0472 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
22:33:39.0973 0472 Msfs - ok
22:33:40.0098 0472 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
22:33:40.0145 0472 mshidkmdf - ok
22:33:40.0285 0472 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
22:33:40.0301 0472 msisadrv - ok
22:33:40.0426 0472 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
22:33:40.0472 0472 MSiSCSI - ok
22:33:40.0566 0472 msiserver - ok
22:33:40.0675 0472 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
22:33:40.0706 0472 MSKSSRV - ok
22:33:40.0847 0472 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
22:33:40.0878 0472 MSPCLOCK - ok
22:33:41.0018 0472 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
22:33:41.0065 0472 MSPQM - ok
22:33:41.0190 0472 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
22:33:41.0190 0472 MsRPC - ok
22:33:41.0252 0472 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
22:33:41.0268 0472 mssmbios - ok
22:33:41.0315 0472 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
22:33:41.0362 0472 MSTEE - ok
22:33:41.0455 0472 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
22:33:41.0486 0472 MTConfig - ok
22:33:41.0611 0472 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
22:33:41.0627 0472 Mup - ok
22:33:41.0752 0472 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
22:33:41.0752 0472 mwlPSDFilter - ok
22:33:41.0798 0472 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
22:33:41.0798 0472 mwlPSDNServ - ok
22:33:41.0892 0472 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
22:33:41.0908 0472 mwlPSDVDisk - ok
22:33:42.0001 0472 MWLService (3e5e20817259f7328c8f3be5421f35b9) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
22:33:42.0017 0472 MWLService - ok
22:33:42.0126 0472 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
22:33:42.0173 0472 napagent - ok
22:33:42.0344 0472 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
22:33:42.0391 0472 NativeWifiP - ok
22:33:42.0516 0472 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files (x86)\Nero\Update\NASvc.exe
22:33:42.0516 0472 NAUpdate - ok
22:33:42.0672 0472 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
22:33:42.0688 0472 NDIS - ok
22:33:42.0828 0472 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
22:33:42.0859 0472 NdisCap - ok
22:33:42.0984 0472 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
22:33:43.0015 0472 NdisTapi - ok
22:33:43.0171 0472 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
22:33:43.0218 0472 Ndisuio - ok
22:33:43.0390 0472 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
22:33:43.0436 0472 NdisWan - ok
22:33:43.0592 0472 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
22:33:43.0624 0472 NDProxy - ok
22:33:43.0811 0472 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
22:33:43.0811 0472 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:33:43.0811 0472 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
22:33:43.0967 0472 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
22:33:44.0014 0472 NetBIOS - ok
22:33:44.0154 0472 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
22:33:44.0201 0472 NetBT - ok
22:33:44.0341 0472 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:33:44.0357 0472 Netlogon - ok
22:33:44.0482 0472 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
22:33:44.0544 0472 Netman - ok
22:33:44.0684 0472 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
22:33:44.0747 0472 netprofm - ok
22:33:44.0872 0472 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:33:44.0887 0472 NetTcpPortSharing - ok
22:33:45.0043 0472 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
22:33:45.0043 0472 nfrd960 - ok
22:33:45.0215 0472 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
22:33:45.0262 0472 NlaSvc - ok
22:33:45.0418 0472 NOBU (f5f03fabef7df53a1c78ee6cd8e7ae41) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
22:33:45.0558 0472 NOBU - ok
22:33:45.0698 0472 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:33:45.0745 0472 Npfs - ok
22:33:45.0886 0472 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
22:33:45.0932 0472 nsi - ok
22:33:46.0088 0472 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:33:46.0135 0472 nsiproxy - ok
22:33:46.0322 0472 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
22:33:46.0369 0472 Ntfs - ok
22:33:46.0478 0472 NTI IScheduleSvc (9a308fcdcca98a15b6f62d36a272160e) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
22:33:46.0478 0472 NTI IScheduleSvc - ok
22:33:46.0603 0472 NTIDrvr (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys
22:33:46.0603 0472 NTIDrvr - ok
22:33:46.0744 0472 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:33:46.0790 0472 Null - ok
22:33:46.0946 0472 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
22:33:46.0962 0472 nvraid - ok
22:33:47.0134 0472 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
22:33:47.0149 0472 nvstor - ok
22:33:47.0321 0472 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
22:33:47.0336 0472 nv_agp - ok
22:33:47.0492 0472 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
22:33:47.0524 0472 ohci1394 - ok
22:33:47.0664 0472 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:33:47.0680 0472 ose - ok
22:33:47.0804 0472 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:33:47.0960 0472 osppsvc - ok
22:33:48.0070 0472 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:33:48.0101 0472 p2pimsvc - ok
22:33:48.0226 0472 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
22:33:48.0257 0472 p2psvc - ok
22:33:48.0366 0472 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
22:33:48.0382 0472 Parport - ok
22:33:48.0475 0472 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
22:33:48.0491 0472 partmgr - ok
22:33:48.0600 0472 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
22:33:48.0631 0472 PcaSvc - ok
22:33:48.0756 0472 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
22:33:48.0772 0472 pci - ok
22:33:48.0896 0472 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
22:33:48.0896 0472 pciide - ok
22:33:48.0990 0472 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
22:33:49.0006 0472 pcmcia - ok
22:33:49.0099 0472 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:33:49.0115 0472 pcw - ok
22:33:49.0240 0472 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:33:49.0286 0472 PEAUTH - ok
22:33:49.0396 0472 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
22:33:49.0458 0472 PerfHost - ok
22:33:49.0598 0472 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
22:33:49.0676 0472 pla - ok
22:33:49.0817 0472 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
22:33:49.0848 0472 PlugPlay - ok
22:33:49.0973 0472 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
22:33:49.0988 0472 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:33:49.0988 0472 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
22:33:50.0035 0472 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
22:33:50.0051 0472 PNRPAutoReg - ok
22:33:50.0066 0472 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:33:50.0082 0472 PNRPsvc - ok
22:33:50.0207 0472 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
22:33:50.0254 0472 PolicyAgent - ok
22:33:50.0300 0472 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
22:33:50.0332 0472 Power - ok
22:33:50.0378 0472 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
22:33:50.0410 0472 PptpMiniport - ok
22:33:50.0503 0472 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
22:33:50.0519 0472 Processor - ok
22:33:50.0644 0472 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
22:33:50.0675 0472 ProfSvc - ok
22:33:50.0706 0472 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:33:50.0706 0472 ProtectedStorage - ok
22:33:50.0784 0472 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
22:33:50.0831 0472 Psched - ok
22:33:51.0002 0472 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
22:33:51.0049 0472 ql2300 - ok
22:33:51.0158 0472 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
22:33:51.0174 0472 ql40xx - ok
22:33:51.0236 0472 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
22:33:51.0252 0472 QWAVE - ok
22:33:51.0377 0472 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:33:51.0392 0472 QWAVEdrv - ok
22:33:51.0470 0472 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:33:51.0517 0472 RasAcd - ok
22:33:51.0642 0472 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:33:51.0673 0472 RasAgileVpn - ok
22:33:51.0720 0472 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
22:33:51.0767 0472 RasAuto - ok
22:33:51.0907 0472 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:33:51.0938 0472 Rasl2tp - ok
22:33:52.0016 0472 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
22:33:52.0079 0472 RasMan - ok
22:33:52.0219 0472 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:33:52.0250 0472 RasPppoe - ok
22:33:52.0391 0472 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:33:52.0438 0472 RasSstp - ok
22:33:52.0578 0472 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
22:33:52.0625 0472 rdbss - ok
22:33:52.0750 0472 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
22:33:52.0750 0472 rdpbus - ok
22:33:52.0874 0472 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:33:52.0921 0472 RDPCDD - ok
22:33:53.0062 0472 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:33:53.0093 0472 RDPENCDD - ok
22:33:53.0171 0472 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:33:53.0233 0472 RDPREFMP - ok
22:33:53.0342 0472 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
22:33:53.0374 0472 RDPWD - ok
22:33:53.0498 0472 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
22:33:53.0514 0472 rdyboost - ok
22:33:53.0576 0472 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
22:33:53.0623 0472 RemoteAccess - ok
22:33:53.0748 0472 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
22:33:53.0810 0472 RemoteRegistry - ok
22:33:53.0935 0472 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
22:33:53.0982 0472 RpcEptMapper - ok
22:33:54.0107 0472 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
22:33:54.0138 0472 RpcLocator - ok
22:33:54.0278 0472 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:33:54.0310 0472 RpcSs - ok
22:33:54.0466 0472 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:33:54.0512 0472 rspndr - ok
22:33:54.0684 0472 RSUSBSTOR (763ae0c6d9df4c24b7e2c26036a8188a) C:\Windows\system32\Drivers\RtsUStor.sys
22:33:54.0684 0472 RSUSBSTOR - ok
22:33:54.0856 0472 RTHDMIAzAudService (d6d381b76056c668679723938f06f16c) C:\Windows\system32\drivers\RtHDMIVX.sys
22:33:54.0871 0472 RTHDMIAzAudService - ok
22:33:54.0980 0472 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:33:54.0996 0472 SamSs - ok
22:33:55.0121 0472 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
22:33:55.0121 0472 sbp2port - ok
22:33:55.0246 0472 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
22:33:55.0277 0472 SCardSvr - ok
22:33:55.0417 0472 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
22:33:55.0448 0472 scfilter - ok
22:33:55.0573 0472 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
22:33:55.0620 0472 Schedule - ok
22:33:55.0698 0472 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:33:55.0729 0472 SCPolicySvc - ok
22:33:55.0792 0472 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
22:33:55.0823 0472 SDRSVC - ok
22:33:55.0948 0472 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:33:55.0994 0472 secdrv - ok
22:33:56.0057 0472 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
22:33:56.0088 0472 seclogon - ok
22:33:56.0166 0472 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
22:33:56.0197 0472 SENS - ok
22:33:56.0322 0472 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
22:33:56.0369 0472 SensrSvc - ok
22:33:56.0494 0472 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
22:33:56.0509 0472 Serenum - ok
22:33:56.0650 0472 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
22:33:56.0665 0472 Serial - ok
22:33:56.0806 0472 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
22:33:56.0821 0472 sermouse - ok
22:33:56.0962 0472 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
22:33:57.0008 0472 SessionEnv - ok
22:33:57.0196 0472 setup_9.0.0.722_20.06.2011_10-58drv (8423db42808e94847ec4e53efda6bee2) C:\Windows\system32\DRIVERS\7377052.sys
22:33:57.0196 0472 setup_9.0.0.722_20.06.2011_10-58drv - ok
22:33:57.0336 0472 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:33:57.0367 0472 sffdisk - ok
22:33:57.0508 0472 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:33:57.0539 0472 sffp_mmc - ok
22:33:57.0664 0472 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
22:33:57.0695 0472 sffp_sd - ok
22:33:57.0835 0472 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
22:33:57.0851 0472 sfloppy - ok
22:33:58.0022 0472 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
22:33:58.0038 0472 Sftfs - ok
22:33:58.0132 0472 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
22:33:58.0147 0472 sftlist - ok
22:33:58.0241 0472 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
22:33:58.0256 0472 Sftplay - ok
22:33:58.0366 0472 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
22:33:58.0366 0472 Sftredir - ok
22:33:58.0444 0472 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
22:33:58.0459 0472 Sftvol - ok
22:33:58.0537 0472 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
22:33:58.0553 0472 sftvsa - ok
22:33:58.0646 0472 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
22:33:58.0693 0472 SharedAccess - ok
22:33:58.0818 0472 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
22:33:58.0849 0472 ShellHWDetection - ok
22:33:58.0896 0472 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:33:58.0912 0472 SiSRaid2 - ok
22:33:59.0021 0472 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
22:33:59.0021 0472 SiSRaid4 - ok
22:33:59.0161 0472 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:33:59.0192 0472 Smb - ok
22:33:59.0333 0472 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
22:33:59.0348 0472 SNMPTRAP - ok
22:33:59.0489 0472 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:33:59.0489 0472 spldr - ok
22:33:59.0629 0472 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
22:33:59.0660 0472 Spooler - ok
22:33:59.0848 0472 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
22:33:59.0972 0472 sppsvc - ok
22:34:00.0082 0472 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
22:34:00.0128 0472 sppuinotify - ok
22:34:00.0269 0472 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
22:34:00.0316 0472 srv - ok
22:34:00.0472 0472 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
22:34:00.0487 0472 srv2 - ok
22:34:00.0659 0472 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
22:34:00.0659 0472 srvnet - ok
22:34:00.0815 0472 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
22:34:00.0846 0472 SSDPSRV - ok
22:34:00.0986 0472 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
22:34:01.0033 0472 SstpSvc - ok
22:34:01.0189 0472 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
22:34:01.0205 0472 stexstor - ok
22:34:01.0345 0472 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
22:34:01.0392 0472 stisvc - ok
22:34:01.0564 0472 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
22:34:01.0564 0472 swenum - ok
22:34:01.0735 0472 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
22:34:01.0782 0472 swprv - ok
22:34:01.0954 0472 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
22:34:02.0032 0472 SysMain - ok
22:34:02.0156 0472 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
22:34:02.0188 0472 TabletInputService - ok
22:34:02.0312 0472 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
22:34:02.0359 0472 TapiSrv - ok
22:34:02.0484 0472 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
22:34:02.0531 0472 TBS - ok
22:34:02.0702 0472 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
22:34:02.0765 0472 Tcpip - ok
22:34:02.0936 0472 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
22:34:02.0968 0472 TCPIP6 - ok
22:34:03.0108 0472 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
22:34:03.0155 0472 tcpipreg - ok
22:34:03.0295 0472 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:34:03.0311 0472 TDPIPE - ok
22:34:03.0436 0472 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
22:34:03.0451 0472 TDTCP - ok
22:34:03.0607 0472 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
22:34:03.0654 0472 tdx - ok
22:34:03.0810 0472 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
22:34:03.0810 0472 TermDD - ok
22:34:03.0966 0472 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
22:34:04.0013 0472 TermService - ok
22:34:04.0153 0472 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
22:34:04.0184 0472 Themes - ok
22:34:04.0340 0472 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:34:04.0372 0472 THREADORDER - ok
22:34:04.0512 0472 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
22:34:04.0574 0472 TrkWks - ok
22:34:04.0668 0472 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
22:34:04.0715 0472 TrustedInstaller - ok
22:34:04.0793 0472 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:34:04.0840 0472 tssecsrv - ok
22:34:04.0996 0472 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
22:34:05.0042 0472 TsUsbFlt - ok
22:34:05.0198 0472 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
22:34:05.0245 0472 tunnel - ok
22:34:05.0386 0472 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys
22:34:05.0386 0472 TurboB - ok
22:34:05.0464 0472 TurboBoost (b206be1174d5964d49a56bb6c4e0524a) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
22:34:05.0479 0472 TurboBoost - ok
22:34:05.0620 0472 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
22:34:05.0620 0472 uagp35 - ok
22:34:05.0760 0472 UBHelper (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
22:34:05.0760 0472 UBHelper - ok
22:34:05.0900 0472 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
22:34:05.0947 0472 udfs - ok
22:34:06.0072 0472 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
22:34:06.0088 0472 UI0Detect - ok
22:34:06.0244 0472 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
22:34:06.0259 0472 uliagpkx - ok
22:34:06.0400 0472 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
22:34:06.0431 0472 umbus - ok
22:34:06.0587 0472 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
22:34:06.0602 0472 UmPass - ok
22:34:06.0712 0472 UNS (7466809e6da561d60c2f1ce8ede3c73f) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:34:06.0790 0472 UNS - ok
22:34:06.0836 0472 Updater Service (f9ec9acd504d823d9b9ca98a4f8d3ca2) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
22:34:06.0836 0472 Updater Service - ok
22:34:06.0946 0472 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
22:34:06.0977 0472 upnphost - ok
22:34:07.0055 0472 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
22:34:07.0070 0472 usbccgp - ok
22:34:07.0211 0472 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
22:34:07.0226 0472 usbcir - ok
22:34:07.0320 0472 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
22:34:07.0336 0472 usbehci - ok
22:34:07.0476 0472 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
22:34:07.0492 0472 usbhub - ok
22:34:07.0632 0472 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
22:34:07.0648 0472 usbohci - ok
22:34:07.0788 0472 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:34:07.0819 0472 usbprint - ok
22:34:07.0960 0472 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
22:34:07.0975 0472 usbscan - ok
22:34:08.0116 0472 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:34:08.0147 0472 USBSTOR - ok
22:34:08.0287 0472 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
22:34:08.0303 0472 usbuhci - ok
22:34:08.0459 0472 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
22:34:08.0490 0472 usbvideo - ok
22:34:08.0630 0472 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
22:34:08.0677 0472 UxSms - ok
22:34:08.0818 0472 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:34:08.0818 0472 VaultSvc - ok
22:34:08.0958 0472 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
22:34:08.0958 0472 vdrvroot - ok
22:34:09.0098 0472 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
22:34:09.0145 0472 vds - ok
22:34:09.0301 0472 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:34:09.0317 0472 vga - ok
22:34:09.0442 0472 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:34:09.0473 0472 VgaSave - ok
22:34:09.0629 0472 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
22:34:09.0644 0472 vhdmp - ok
22:34:09.0769 0472 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
22:34:09.0785 0472 viaide - ok
22:34:09.0878 0472 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
22:34:09.0878 0472 volmgr - ok
22:34:09.0972 0472 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
22:34:09.0988 0472 volmgrx - ok
22:34:10.0097 0472 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
22:34:10.0112 0472 volsnap - ok
22:34:10.0206 0472 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
22:34:10.0222 0472 vsmraid - ok
22:34:10.0362 0472 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
22:34:10.0456 0472 VSS - ok
22:34:10.0565 0472 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
22:34:10.0596 0472 vwifibus - ok
22:34:10.0736 0472 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
22:34:10.0752 0472 vwififlt - ok
22:34:10.0892 0472 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
22:34:10.0908 0472 vwifimp - ok
22:34:11.0002 0472 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
22:34:11.0033 0472 W32Time - ok
22:34:11.0126 0472 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
22:34:11.0142 0472 WacomPen - ok
22:34:11.0298 0472 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:34:11.0345 0472 WANARP - ok
22:34:11.0360 0472 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:34:11.0392 0472 Wanarpv6 - ok
22:34:11.0532 0472 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
22:34:11.0594 0472 wbengine - ok
22:34:11.0719 0472 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
22:34:11.0766 0472 WbioSrvc - ok
22:34:11.0891 0472 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
22:34:11.0906 0472 wcncsvc - ok
22:34:11.0984 0472 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
22:34:12.0031 0472 WcsPlugInService - ok
22:34:12.0140 0472 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
22:34:12.0156 0472 Wd - ok
22:34:12.0312 0472 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:34:12.0343 0472 Wdf01000 - ok
22:34:12.0484 0472 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:34:12.0562 0472 WdiServiceHost - ok
22:34:12.0577 0472 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:34:12.0577 0472 WdiSystemHost - ok
22:34:12.0702 0472 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
22:34:12.0718 0472 WebClient - ok
22:34:12.0796 0472 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
22:34:12.0842 0472 Wecsvc - ok
22:34:12.0936 0472 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
22:34:12.0998 0472 wercplsupport - ok
22:34:13.0108 0472 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
22:34:13.0154 0472 WerSvc - ok
22:34:13.0279 0472 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:34:13.0310 0472 WfpLwf - ok
22:34:13.0435 0472 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:34:13.0435 0472 WIMMount - ok
22:34:13.0482 0472 WinDefend - ok
22:34:13.0498 0472 WinHttpAutoProxySvc - ok
22:34:13.0591 0472 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
22:34:13.0638 0472 Winmgmt - ok
22:34:13.0794 0472 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
22:34:13.0872 0472 WinRM - ok
22:34:14.0012 0472 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
22:34:14.0028 0472 Wlansvc - ok
22:34:14.0184 0472 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:34:14.0184 0472 WmiAcpi - ok
22:34:14.0309 0472 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
22:34:14.0340 0472 wmiApSrv - ok
22:34:14.0402 0472 WMPNetworkSvc - ok
22:34:14.0480 0472 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
22:34:14.0496 0472 WPCSvc - ok
22:34:14.0590 0472 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
22:34:14.0621 0472 WPDBusEnum - ok
22:34:14.0746 0472 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:34:14.0761 0472 ws2ifsl - ok
22:34:14.0886 0472 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
22:34:14.0902 0472 wscsvc - ok
22:34:14.0980 0472 WSearch - ok
22:34:15.0073 0472 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
22:34:15.0167 0472 wuauserv - ok
22:34:15.0307 0472 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
22:34:15.0354 0472 WudfPf - ok
22:34:15.0510 0472 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:34:15.0541 0472 WUDFRd - ok
22:34:15.0650 0472 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
22:34:15.0697 0472 wudfsvc - ok
22:34:15.0775 0472 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
22:34:15.0806 0472 WwanSvc - ok
22:34:15.0838 0472 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:34:16.0040 0472 \Device\Harddisk0\DR0 - ok
22:34:16.0040 0472 Boot (0x1200) (0de207c1471ada5485c1f858dc9974c4) \Device\Harddisk0\DR0\Partition0
22:34:16.0040 0472 \Device\Harddisk0\DR0\Partition0 - ok
22:34:16.0072 0472 Boot (0x1200) (75d3fadcc005e2d0d5a3a154b35cf132) \Device\Harddisk0\DR0\Partition1
22:34:16.0072 0472 \Device\Harddisk0\DR0\Partition1 - ok
22:34:16.0072 0472 ============================================================
22:34:16.0072 0472 Scan finished
22:34:16.0072 0472 ============================================================
22:34:16.0181 1268 Detected object count: 5
22:34:16.0181 1268 Actual detected object count: 5
22:35:00.0984 1268 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
22:35:00.0984 1268 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:35:01.0000 1268 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
22:35:01.0000 1268 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:35:01.0000 1268 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
22:35:01.0000 1268 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:35:01.0015 1268 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:35:01.0015 1268 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:35:01.0031 1268 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:35:01.0031 1268 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
06.04.2012, 21:52
| #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bundestrojaner Windows 7 blockiert Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.04.2012, 22:24
| #21 |
| | Bundestrojaner Windows 7 blockiert Combofix Logfile: Code:
ATTFilter ComboFix 12-04-06.03 - Sarah 06.04.2012 23:03:00.1.4 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3959.3205 [GMT 2:00]
ausgeführt von:: c:\users\Sarah\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\boost_interprocess\20120406214325.109999
c:\programdata\boost_interprocess\20120406214325.109999\Nobu64AgentService
c:\programdata\boost_interprocess\20120406214325.109999\Nobu64TrayIcon
c:\programdata\FullRemove.exe
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
c:\programdata\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setup.dll
c:\programdata\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll
c:\programdata\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\Setup.dat
c:\programdata\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\Setup.exe
c:\programdata\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\Setup.ico
c:\users\Sarah\4.0
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-03-06 bis 2012-04-06 ))))))))))))))))))))))))))))))
.
.
2012-04-06 21:08 . 2012-04-06 21:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-06 19:34 . 2012-04-06 19:34 -------- d-----w- C:\_OTL
2012-04-05 19:29 . 2012-04-05 19:29 -------- d-----w- c:\program files (x86)\ESET
2012-04-05 19:24 . 2012-04-05 19:24 -------- d-----w- c:\users\Sarah\AppData\Roaming\Malwarebytes
2012-04-05 19:24 . 2012-04-05 19:24 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-04-05 19:24 . 2012-04-05 19:24 -------- d-----w- c:\programdata\Malwarebytes
2012-04-05 19:24 . 2011-12-10 13:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-03 15:22 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{098944AE-0D0D-4F5B-98F9-95935CFB5127}\mpengine.dll
2012-04-01 22:05 . 2012-04-01 22:05 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2012-03-27 22:22 . 2012-03-27 22:22 -------- d-----w- c:\programdata\Electronic Arts
2012-03-27 22:22 . 2012-03-27 22:22 -------- d-----w- c:\program files (x86)\Electronic Arts
2012-03-25 19:24 . 2012-03-25 19:24 -------- d-----w- c:\program files (x86)\Microsoft Reader
2012-03-25 19:24 . 2003-06-05 15:15 57436 ----a-w- c:\windows\DASShp.dll
2012-03-25 19:24 . 2003-05-22 22:15 217174 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ClearType\ctras.dll
2012-03-25 19:24 . 2000-10-05 13:55 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-03-25 19:24 . 2000-10-05 13:55 221184 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-03-25 19:24 . 2000-10-05 13:50 221184 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-03-25 19:24 . 2000-10-05 13:49 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-03-25 19:24 . 2000-10-05 06:01 602244 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2012-03-25 19:15 . 2012-04-06 19:34 -------- d-----w- c:\program files (x86)\Yontoo
2012-03-25 19:10 . 2012-03-29 23:45 -------- d-----w- c:\program files (x86)\MWS Reader 4
2012-03-14 22:13 . 2012-03-14 22:13 -------- d-----w- c:\program files (x86)\SternTV_ARPGuard
2012-03-14 17:58 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 17:58 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 17:58 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 17:41 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 17:41 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 17:41 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-13 21:04 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-13 21:04 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-13 21:04 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-13 21:04 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-13 21:04 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-13 21:04 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-13 21:04 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-12 21:33 . 2011-05-17 17:10 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-06 20:26 . 2012-03-06 20:26 162664 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10140.bin
2012-02-23 08:18 . 2011-11-13 02:52 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:40 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2011-10-12 3151000]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-25 98304]
"lxcrmon.exe"="c:\program files (x86) (x86)\Lexmark 2400 Series\lxcrmon.exe" [2006-12-11 291760]
"EzPrint"="c:\program files (x86) (x86)\Lexmark 2400 Series\ezprint.exe" [2006-12-11 82864]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
c:\users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-10 135664]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
S0 73770522;73770522 Boot Guard Driver;c:\windows\system32\DRIVERS\73770522.sys [x]
S1 73770521;73770521;c:\windows\system32\DRIVERS\73770521.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 setup_9.0.0.722_20.06.2011_10-58drv;setup_9.0.0.722_20.06.2011_10-58drv;c:\windows\system32\DRIVERS\7377052.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-10 135664]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMPROTECTOR
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-10 21:20]
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-10 21:20]
.
2012-04-01 c:\windows\Tasks\Norton Security Scan for Sarah.job
- c:\progra~2\NORTON~2\Engine\351~1.10\Nss.exe [2012-02-04 08:02]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:42 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
"lxcrmon.exe"="c:\program files (x86)\Lexmark 2400 Series\lxcrmon.exe" [2009-05-01 291496]
"EzPrint"="c:\program files (x86)\Lexmark 2400 Series\ezprint.exe" [2009-05-01 82600]
"LXCRCATS"="c:\windows\system32\spool\DRIVERS\x64\3\LXCRtime.dll" [2006-11-21 31744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page =
mLocal Page =
IE: Free YouTube to MP3 Converter - c:\users\Sarah\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-Lexmark 2400 Series - c:\program files (x86) (x86)\Lexmark 2400 Series\Install\x64\Uninst.exe
AddRemove-toolplugin - c:\users\Sarah\AppData\Local\Temp\WZSE0.TMP\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Google\Update\Install\{809085E0-A3C1-4C11-9005-56D6415CDC1C}\chrome_updater.exe
c:\windows\TEMP\CR_765C0.tmp\setup.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-04-06 23:15:06 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-04-06 21:15
.
Vor Suchlauf: 14 Verzeichnis(se), 425.492.828.160 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 425.150.181.376 Bytes frei
.
- - End Of File - - C2660F1DD414FF11EF7DAA3D18F3927A
--- --- --- ist das schlimm wenn ich jetzt in normal Modus bin? weil der geht wieder ohne Einschränkungen |
|
06.04.2012, 22:50
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bundestrojaner Windows 7 blockiert Nein das ist schon ok. Eigentlich solltest du sogar alles im normalen Modus machen aber nu isses egal Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm!
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.04.2012, 23:11
| #23 |
| | Bundestrojaner Windows 7 blockiertCode:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-06 23:53:32
-----------------------------
23:53:32.806 OS Version: Windows x64 6.1.7601 Service Pack 1
23:53:32.806 Number of processors: 4 586 0x2505
23:53:32.806 ComputerName: SARAH-PC UserName: Sarah
23:53:33.788 Initialize success
23:54:14.066 AVAST engine defs: 12040601
23:55:22.618 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:55:22.618 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
23:55:22.633 Disk 0 MBR read successfully
23:55:22.649 Disk 0 MBR scan
23:55:22.649 Disk 0 Windows 7 default MBR code
23:55:22.649 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
23:55:22.680 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27265024
23:55:22.680 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 463526 MB offset 27469824
23:55:22.711 Disk 0 scanning C:\Windows\system32\drivers
23:55:33.961 Service scanning
23:56:31.089 Modules scanning
23:56:31.089 Disk 0 trace - called modules:
23:56:31.136 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
23:56:31.650 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006ff9060]
23:56:31.650 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004ff5050]
23:56:33.632 AVAST engine scan C:\Windows
23:56:38.561 AVAST engine scan C:\Windows\system32
23:59:22.455 AVAST engine scan C:\Windows\system32\drivers
23:59:35.044 AVAST engine scan C:\Users\Sarah
00:03:36.377 AVAST engine scan C:\ProgramData
00:06:40.036 Scan finished successfully
00:08:01.507 Disk 0 MBR has been saved successfully to "C:\Users\Sarah\Desktop\MBR.dat"
00:08:01.507 The log file has been saved successfully to "C:\Users\Sarah\Desktop\aswMBR.txt"
00:09:34.440 Disk 0 MBR has been saved successfully to "C:\Users\Sarah\Desktop\MBR.dat"
00:09:34.440 The log file has been saved successfully to "C:\Users\Sarah\Desktop\aswMBR.txt"
00:09:59.029 Disk 0 MBR has been saved successfully to "C:\Users\Sarah\Desktop\MBR.dat"
00:09:59.044 The log file has been saved successfully to "C:\Users\Sarah\Desktop\aswMBR.txt"
00:10:29.366 Disk 0 MBR has been saved successfully to "C:\Users\Sarah\Documents\MBR.dat"
00:10:29.366 The log file has been saved successfully to "C:\Users\Sarah\Documents\aswMBR.txt"
|
|
06.04.2012, 23:22
| #24 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bundestrojaner Windows 7 blockiertZitat:
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden. Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! ESET Online Scanner
Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.04.2012, 21:29
| #25 |
| | Bundestrojaner Windows 7 blockiert Malwarebytes Protokoll Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.60.1.1000 www.malwarebytes.org Datenbank Version: v2012.04.06.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Sarah :: SARAH-PC [Administrator] Schutz: Deaktiviert 07.04.2012 00:26:52 mbam-log-2012-04-07 (00-26-52).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 340183 Laufzeit: 36 Minute(n), 2 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) ESET Protokoll Code:
ATTFilter C:\Qoobox\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application
C:\Qoobox\Quarantine\C\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application
C:\Users\Sarah\Desktop\FreeTwitTubeSetup-Silent-B2.exe Win32/Adware.Yontoo application
C:\Users\Sarah\Desktop\FreeTwitTubeSetup-Silent-B2[1].exe Win32/Adware.Yontoo application
C:\Users\Sarah\Downloads\DivxUpdate (1).exe Win32/Adware.ToolPlugin application
C:\Users\Sarah\Downloads\DivxUpdate.exe Win32/Adware.ToolPlugin application
C:\_OTL\MovedFiles\04062012_213429\C_Program Files (x86)\Yontoo\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application
C:\_OTL\MovedFiles\04062012_213429\C_Users\Sarah\AppData\Local\Skype\SkypePM.exe Win32/LockScreen.AIG trojan
C:\_OTL\MovedFiles\04062012_213429\C_Users\Sarah\AppData\Roaming\toolplugin\toolbar.dll Win32/Adware.ToolPlugin application
"C:\Programm Files (x86)\Eset\Eset Online Scanner\log.txt" konnte nicht gefunden werden. Stellen Sie sicher, dass SIe den Namen richtig eingegeben haben und wiederholen SIe den Vorgang. wie soll ich weiter vorgehen? hier das Protokoll was noch fehlt: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=bf8708054e9770468deae790ffee18df
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-07 08:47:50
# local_time=2012-04-07 10:47:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=2304 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 84102 85461101 0 0
# compatibility_mode=8192 67108863 100 0 177075 177075 0 0
# scanned=10034
# found=0
# cleaned=0
# scan_time=419
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=bf8708054e9770468deae790ffee18df
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-08 10:01:19
# local_time=2012-04-08 12:01:19 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=2304 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 128094 85505093 0 0
# compatibility_mode=8192 67108863 100 0 221067 221067 0 0
# scanned=154894
# found=9
# cleaned=0
# scan_time=4036
C:\Qoobox\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Sarah\Desktop\FreeTwitTubeSetup-Silent-B2.exe Win32/Adware.Yontoo application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Sarah\Desktop\FreeTwitTubeSetup-Silent-B2[1].exe Win32/Adware.Yontoo application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Sarah\Downloads\DivxUpdate (1).exe Win32/Adware.ToolPlugin application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Sarah\Downloads\DivxUpdate.exe Win32/Adware.ToolPlugin application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\04062012_213429\C_Program Files (x86)\Yontoo\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\04062012_213429\C_Users\Sarah\AppData\Local\Skype\SkypePM.exe Win32/LockScreen.AIG trojan (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\04062012_213429\C_Users\Sarah\AppData\Roaming\toolplugin\toolbar.dll Win32/Adware.ToolPlugin application (unable to clean) 00000000000000000000000000000000 I
|
|
08.04.2012, 16:26
| #26 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bundestrojaner Windows 7 blockiert Sry ich hab den falschen Baustein gestern angeklickt, eigentlich sollte es dieser sein: Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.04.2012, 18:18
| #27 |
| | Bundestrojaner Windows 7 blockiertCode:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 04/08/2012 at 07:17 PM
Application Version : 5.0.1146
Core Rules Database Version : 8424
Trace Rules Database Version: 6236
Scan type : Complete Scan
Total Scan Time : 00:49:50
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 798
Memory threats detected : 0
Registry items scanned : 65540
Registry threats detected : 0
File items scanned : 78637
File threats detected : 435
Adware.Tracking Cookie
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@ad.yieldmanager[1].txt [ /ad.yieldmanager ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@ad.yieldmanager[2].txt [ /ad.yieldmanager ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@ad.zanox[2].txt [ /ad.zanox ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@ad2.adfarm1.adition[2].txt [ /ad2.adfarm1.adition ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@adtech[1].txt [ /adtech ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@apmebf[2].txt [ /apmebf ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@atdmt.combing[2].txt [ /atdmt.combing ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@atdmt.combing[3].txt [ /atdmt.combing ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@atdmt[1].txt [ /atdmt ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@atdmt[2].txt [ /atdmt ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@atdmt[3].txt [ /atdmt ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@atdmt[4].txt [ /atdmt ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@atdmt[5].txt [ /atdmt ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@atdmt[7].txt [ /atdmt ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@banners.iminent[1].txt [ /banners.iminent ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@bs.serving-sys[1].txt [ /bs.serving-sys ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@bs.serving-sys[2].txt [ /bs.serving-sys ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@content.yieldmanager[1].txt [ /content.yieldmanager ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@doubleclick[2].txt [ /doubleclick ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@mediabrandsww[1].txt [ /mediabrandsww ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@serving-sys[1].txt [ /serving-sys ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@serving-sys[2].txt [ /serving-sys ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@serving-sys[3].txt [ /serving-sys ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@tracking.quisma[2].txt [ /tracking.quisma ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@www.active-tracking[1].txt [ /www.active-tracking ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\sarah@zanox[1].txt [ /zanox ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\S90N8SY2.txt [ /invitemedia.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\XYK2YQ8Z.txt [ /www.active-tracking.de ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\F1FCJ84P.txt [ /ad3.adfarm1.adition.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\QGVSV7KW.txt [ /mediaplex.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\GE1UGXIS.txt [ /zanox.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\7808BB20.txt [ /youporn.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\MW9N2R6I.txt [ /ad2.adfarm1.adition.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\UZHY9605.txt [ /ad.ad-srv.net ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\BQMD2PE8.txt [ /ad.adition.net ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\TE6VFXOU.txt [ /doubleclick.net ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\F8M5NMA5.txt [ /partypoker.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\RMHP3UID.txt [ /adfarm1.adition.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\4BEZ1GEO.txt [ /atdmt.combing.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\0I4KNGIB.txt [ /webmasterplan.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\RQUZTBVV.txt [ /xm.xtendmedia.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\KVNEXBLS.txt [ /imrworldwide.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\VF1TQHE3.txt [ /adtech.de ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\P9WB27VC.txt [ /tradedoubler.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\075LAZLA.txt [ /www.usenext.de ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\ATNV957S.txt [ /questionmarket.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\IC2TMRK1.txt [ /ru4.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\8SRVO61U.txt [ /banners.iminent.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\CWT71FIH.txt [ /ad.zanox.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\R18PDNIU.txt [ /traffictrack.de ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\VLYPFTC8.txt [ /ads.creative-serving.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\FRAUH0M2.txt [ /unitymedia.de ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\MDO33QU7.txt [ /advertstream.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\VOI3P3Z1.txt [ /revsci.net ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\4WCPLYOO.txt [ /ad4.adfarm1.adition.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\ERRZRO0P.txt [ /eaeacom.112.2o7.net ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\Y5FY4YAX.txt [ /content.yieldmanager.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\CZF00Q8Q.txt [ /aim4media.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\AS8WR9UA.txt [ /apmebf.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\261LP8QX.txt [ /ad.360yield.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\0IQ8QALH.txt [ /media6degrees.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\ID9BEFMP.txt [ /specificclick.net ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\20EV1TEL.txt [ /adxpose.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\YRQYXYAZ.txt [ /casalemedia.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\R5VAAPCC.txt [ /bs.serving-sys.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\NFUE9NVQ.txt [ /smartadserver.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\ODY52ZOC.txt [ /eas.apm.emediate.eu ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\IW6PK4N7.txt [ /track.adform.net ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\JFCKYFKA.txt [ /ad1.adfarm1.adition.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\P3XOOD7V.txt [ /serving-sys.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\A6YTHO9S.txt [ /microsoftwllivemkt.112.2o7.net ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\BPMV3X7A.txt [ /tracking.quisma.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\0PQCVQSA.txt [ /adbrite.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\PE5QU0JS.txt [ /c.atdmt.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\U9RIC6L7.txt [ /ad.yieldmanager.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\G8X61UDD.txt [ /atdmt.com ]
C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Cookies\0TWK053X.txt [ /adform.net ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\7Q5EUE1P.txt [ Cookie:sarah@clkads.com/adServe/banners ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\22GHBBJN.txt [ Cookie:sarah@invitemedia.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\NCD2NFBV.txt [ Cookie:sarah@www.googleadservices.com/pagead/conversion/1072574438/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\PNEQ847L.txt [ Cookie:sarah@zanox-affiliate.de/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\AUFCDAFN.txt [ Cookie:sarah@tracking.mindshare.de/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\V9459LXL.txt [ Cookie:sarah@ad3.adfarm1.adition.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\O3VUXBFA.txt [ Cookie:sarah@ad.adnet.de/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\9H1KDTCV.txt [ Cookie:sarah@mediaplex.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\AKOQGIWU.txt [ Cookie:sarah@zanox.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\QX5PNGH2.txt [ Cookie:sarah@nl.sitestat.com/run/run/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\3BU3TOUY.txt [ Cookie:sarah@clickfuse.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\F1FK8DMP.txt [ Cookie:sarah@youporn.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\06KEJQS1.txt [ Cookie:sarah@ad2.adfarm1.adition.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\4BBIR0YH.txt [ Cookie:sarah@exoclick.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\T0OVVWS5.txt [ Cookie:sarah@www.googleadservices.com/pagead/conversion/1020151162/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\NP4CO7Z1.txt [ Cookie:sarah@doubleclick.net/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\1JF1B8XU.txt [ Cookie:sarah@adfarm1.adition.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\YLO4THVN.txt [ Cookie:sarah@partypoker.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\58JYUUK3.txt [ Cookie:sarah@webmasterplan.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\PY77NI8Q.txt [ Cookie:sarah@adviva.net/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\E8D43ZHR.txt [ Cookie:sarah@imrworldwide.com/cgi-bin ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y4E1KQMH.txt [ Cookie:sarah@adtech.de/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\YD10LN1M.txt [ Cookie:sarah@tradedoubler.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\VK3U8S0G.txt [ Cookie:sarah@ww251.smartadserver.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\DSXGDJ3A.txt [ Cookie:sarah@porn.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\DCIDE2QA.txt [ Cookie:sarah@ad.zanox.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\EUO5MLGB.txt [ Cookie:sarah@www.googleadservices.com/pagead/conversion/1070607736/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\2JD22KME.txt [ Cookie:sarah@euros4click.de/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\1Z5S0UCG.txt [ Cookie:sarah@traffictrack.de/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\9W725AQ5.txt [ Cookie:sarah@a.revenuemax.de/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\J20NLSV9.txt [ Cookie:sarah@unitymedia.de/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\GUPJ29OM.txt [ Cookie:sarah@im.banner.t-online.de/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\FP96V26I.txt [ Cookie:sarah@revsci.net/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y340CXVC.txt [ Cookie:sarah@ad4.adfarm1.adition.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\M1CKKZT7.txt [ Cookie:sarah@ads.crakmedia.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\WL50GZOM.txt [ Cookie:sarah@de.sitestat.com/sueddeutsche/sueddeutsche/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\MWOWMW3T.txt [ Cookie:sarah@apmebf.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\M9XMK44I.txt [ Cookie:sarah@xiti.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\4U6ZUBK3.txt [ Cookie:sarah@specificclick.net/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\ARJDTL5K.txt [ Cookie:sarah@hightraffic.hugoboss.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\J3IP55Y1.txt [ Cookie:sarah@www.youporn.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\PJ92X0UP.txt [ Cookie:sarah@tracking.mlsat02.de/tmobile/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\B3LQUFHS.txt [ Cookie:sarah@www.etracker.de/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\QAFC2GFJ.txt [ Cookie:sarah@ehg-sz.hitbox.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\E7ZZXXB4.txt [ Cookie:sarah@youporn-video.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\OYQEE0RL.txt [ Cookie:sarah@unisex-friseure.de/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\FPL3QC21.txt [ Cookie:sarah@smartadserver.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\DCVE78F1.txt [ Cookie:sarah@bs.serving-sys.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\OT6X9DTA.txt [ Cookie:sarah@guj.122.2o7.net/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\260N5O00.txt [ Cookie:sarah@eas.apm.emediate.eu/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\1OMECBZA.txt [ Cookie:sarah@ad1.adfarm1.adition.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\2JB9MSSQ.txt [ Cookie:sarah@serving-sys.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\EVUV8T6S.txt [ Cookie:sarah@ad.yieldmanager.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\K11FEHUR.txt [ Cookie:sarah@atdmt.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\2NC4VMPU.txt [ Cookie:sarah@www.googleadservices.com/pagead/conversion/950005848/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\F8KUIKYA.txt [ Cookie:sarah@c.atdmt.com/ ]
C:\USERS\SARAH\AppData\Roaming\Microsoft\Windows\Cookies\Low\A9BT7MVY.txt [ Cookie:sarah@www.porn.com/ ]
C:\USERS\SARAH\Cookies\S90N8SY2.txt [ Cookie:sarah@invitemedia.com/ ]
C:\USERS\SARAH\Cookies\XYK2YQ8Z.txt [ Cookie:sarah@www.active-tracking.de/ ]
C:\USERS\SARAH\Cookies\F1FCJ84P.txt [ Cookie:sarah@ad3.adfarm1.adition.com/ ]
C:\USERS\SARAH\Cookies\QGVSV7KW.txt [ Cookie:sarah@mediaplex.com/ ]
C:\USERS\SARAH\Cookies\GE1UGXIS.txt [ Cookie:sarah@zanox.com/ ]
C:\USERS\SARAH\Cookies\sarah@atdmt[2].txt [ Cookie:sarah@atdmt.com/ ]
C:\USERS\SARAH\Cookies\7808BB20.txt [ Cookie:sarah@youporn.com/ ]
C:\USERS\SARAH\Cookies\MW9N2R6I.txt [ Cookie:sarah@ad2.adfarm1.adition.com/ ]
C:\USERS\SARAH\Cookies\TE6VFXOU.txt [ Cookie:sarah@doubleclick.net/ ]
C:\USERS\SARAH\Cookies\sarah@ad.yieldmanager[1].txt [ Cookie:sarah@ad.yieldmanager.com/ ]
C:\USERS\SARAH\Cookies\F8M5NMA5.txt [ Cookie:sarah@partypoker.com/ ]
C:\USERS\SARAH\Cookies\RMHP3UID.txt [ Cookie:sarah@adfarm1.adition.com/ ]
C:\USERS\SARAH\Cookies\4BEZ1GEO.txt [ Cookie:sarah@atdmt.combing.com/ ]
C:\USERS\SARAH\Cookies\0I4KNGIB.txt [ Cookie:sarah@webmasterplan.com/ ]
C:\USERS\SARAH\Cookies\KVNEXBLS.txt [ Cookie:sarah@imrworldwide.com/cgi-bin ]
C:\USERS\SARAH\Cookies\VF1TQHE3.txt [ Cookie:sarah@adtech.de/ ]
C:\USERS\SARAH\Cookies\P9WB27VC.txt [ Cookie:sarah@tradedoubler.com/ ]
C:\USERS\SARAH\Cookies\075LAZLA.txt [ Cookie:sarah@www.usenext.de/ ]
C:\USERS\SARAH\Cookies\ATNV957S.txt [ Cookie:sarah@questionmarket.com/ ]
C:\USERS\SARAH\Cookies\IC2TMRK1.txt [ Cookie:sarah@ru4.com/ ]
C:\USERS\SARAH\Cookies\8SRVO61U.txt [ Cookie:sarah@banners.iminent.com/ ]
C:\USERS\SARAH\Cookies\CWT71FIH.txt [ Cookie:sarah@ad.zanox.com/ ]
C:\USERS\SARAH\Cookies\R18PDNIU.txt [ Cookie:sarah@traffictrack.de/ ]
C:\USERS\SARAH\Cookies\FRAUH0M2.txt [ Cookie:sarah@unitymedia.de/ ]
C:\USERS\SARAH\Cookies\MDO33QU7.txt [ Cookie:sarah@advertstream.com/a ]
C:\USERS\SARAH\Cookies\VOI3P3Z1.txt [ Cookie:sarah@revsci.net/ ]
C:\USERS\SARAH\Cookies\4WCPLYOO.txt [ Cookie:sarah@ad4.adfarm1.adition.com/ ]
C:\USERS\SARAH\Cookies\ERRZRO0P.txt [ Cookie:sarah@eaeacom.112.2o7.net/ ]
C:\USERS\SARAH\Cookies\Y5FY4YAX.txt [ Cookie:sarah@content.yieldmanager.com/ak/ ]
C:\USERS\SARAH\Cookies\sarah@atdmt[7].txt [ Cookie:sarah@atdmt.com/ ]
C:\USERS\SARAH\Cookies\CZF00Q8Q.txt [ Cookie:sarah@aim4media.com/ ]
C:\USERS\SARAH\Cookies\AS8WR9UA.txt [ Cookie:sarah@apmebf.com/ ]
C:\USERS\SARAH\Cookies\sarah@atdmt.combing[3].txt [ Cookie:sarah@atdmt.combing.com/ ]
C:\USERS\SARAH\Cookies\ID9BEFMP.txt [ Cookie:sarah@specificclick.net/ ]
C:\USERS\SARAH\Cookies\20EV1TEL.txt [ Cookie:sarah@adxpose.com/ ]
C:\USERS\SARAH\Cookies\YRQYXYAZ.txt [ Cookie:sarah@casalemedia.com/ ]
C:\USERS\SARAH\Cookies\R5VAAPCC.txt [ Cookie:sarah@bs.serving-sys.com/ ]
C:\USERS\SARAH\Cookies\NFUE9NVQ.txt [ Cookie:sarah@smartadserver.com/ ]
C:\USERS\SARAH\Cookies\ODY52ZOC.txt [ Cookie:sarah@eas.apm.emediate.eu/ ]
C:\USERS\SARAH\Cookies\JFCKYFKA.txt [ Cookie:sarah@ad1.adfarm1.adition.com/ ]
C:\USERS\SARAH\Cookies\sarah@bs.serving-sys[1].txt [ Cookie:sarah@bs.serving-sys.com/ ]
C:\USERS\SARAH\Cookies\P3XOOD7V.txt [ Cookie:sarah@serving-sys.com/ ]
C:\USERS\SARAH\Cookies\7Q5EUE1P.txt [ Cookie:sarah@clkads.com/adServe/banners ]
C:\USERS\SARAH\Cookies\0PQCVQSA.txt [ Cookie:sarah@adbrite.com/ ]
C:\USERS\SARAH\Cookies\PE5QU0JS.txt [ Cookie:sarah@c.atdmt.com/ ]
C:\USERS\SARAH\Cookies\U9RIC6L7.txt [ Cookie:sarah@ad.yieldmanager.com/ ]
C:\USERS\SARAH\Cookies\G8X61UDD.txt [ Cookie:sarah@atdmt.com/ ]
C:\USERS\SARAH\Cookies\0TWK053X.txt [ Cookie:sarah@adform.net/ ]
.apmebf.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
edge.jeetyetmedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
openx.jeetyetmedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
edge.jeetyetmedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.adnet.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediametrics.mpsa.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediametrics.mpsa.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gmeurope.112.2o7.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adviva.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.klicktel.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.klicktel.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.dyntracker.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.micklemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.micklemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6whkogmczwlp.stats.esomniture.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.micklemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dyntracker.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.micklemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.micklemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6aeloeodjihp.stats.esomniture.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.harrenmedianetwork.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.unister-adservices.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.unister-adservices.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.quisma.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.quisma.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.mlsat02.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jeetyetmedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jeetyetmedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.etracker.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.autoscout24.112.2o7.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.commons.wikimedia.org [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.commons.wikimedia.org [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.gigcount.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.etracker.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.adnet.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gostats.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.chitika.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mm.chitika.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a.revenuemax.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mmotraffic.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mmotraffic.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.s24.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gostats.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6ael4gkcjobq.stats.esomniture.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adfarm1.adition.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxvalue.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxvalue.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxvalue.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxvalue.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.zanox-affiliate.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.dyntracker.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
edge.jeetyetmedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
openx.jeetyetmedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
openx.jeetyetmedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
edge.jeetyetmedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.deutschepostag.112.2o7.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xiti.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
media.gan-online.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.etracker.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.etracker.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.etracker.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ww251.smartadserver.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickfuse.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickfuse.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickfuse.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.getclicky.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.static.getclicky.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad1.adfarm1.adition.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.mediamarkt.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.mediamarkt.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.etracker.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.etracker.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.etracker.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.etracker.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.etracker.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad4.adfarm1.adition.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.unitymedia.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.unitymedia.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.unitymedia.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.dc-storm.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.dc-storm.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.unitymedia.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.unitymedia.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.unitymedia.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.unitymedia.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.quisma.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hightraffic.hugoboss.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hightraffic.hugoboss.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hightraffic.hugoboss.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox-affiliate.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.im.banner.t-online.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adform.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpose.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad3.adfarm1.adition.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.zanox.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zanox.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adt.traffictrack.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adt.traffictrack.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adt.traffictrack.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adt.traffictrack.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traffictrack.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traffictrack.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tto2.traffictrack.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.zanox.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traffictrack.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webmasterplan.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.zanox-affiliate.de [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SARAH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
secure-uk.imrworldwide.com [ C:\USERS\SARAH\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NLAMACFM ]
|
|
08.04.2012, 18:27
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bundestrojaner Windows 7 blockiert Sieht ok aus, da wurden nur Cookies gefunden. Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.04.2012, 18:31
| #29 |
| | Bundestrojaner Windows 7 blockiert also ich kann momentan keine weiteren Probleme feststellen. wenn es das dann war bedanke ich mich recht herzlich bei dir LG Thomas |
|
08.04.2012, 18:53
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Bundestrojaner Windows 7 blockiert Dann wären wir durch!  Die Programme, die hier zum Einsatz kamen, können alle wieder runter. CF kann über Start, Ausführen mit combofix /uninstall entfernt werden. Melde dich falls es da Fehlermeldungen zu gibt. Mit Hilfe von OTL kannst du auch viele Tools entfernen: Starte bitte OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Adobe - Andere Version des Adobe Flash Player installieren Notfalls kann man auch von Chip.de runterladen => http://filepony.de/?q=Flash+Player Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Bundestrojaner Windows 7 blockiert |
| blockiert, bundes, bundestrojaner, freue, gesuch, gesucht, leute, troja, trojaner, weiterhelfen, windows, windows 7, windows 7 blockiert |
Linear-Darstellung
