Zurück   Trojaner-Board > Web/PC > Alles rund um Windows

Alles rund um Windows: Neuer Win7 PC

Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 - als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows.

Antwort
Alt 27.10.2013, 15:26   #1
cam2oo3
 
Neuer Win7 PC - Standard

Problem: Neuer Win7 PC



Hallo, habe einen PC und habe den verdacht dass ich mir was eingefallen habe, aufgrund der Log von Router.

10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 62525->> 107.20.193.157, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 64060->> 78.46.82.226, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 63470->> 193.149.47.98, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 51479->> 91.189.89.144, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 63170->> 68.232.35.121, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 62361->> 95.110.255.50, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 63022->> 2.16.217.74, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 63624->> 46.20.32.41, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 63107->> 54.247.97.79, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 63479->> 95.211.238.97, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 63465->> 95.211.238.98, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 64002->> 176.9.118.140, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 62336->> 5.135.142.153, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 62688->> 93.184.220.20, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 62995->> 4.71.251.71, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 63614->> 176.34.220.146, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 62619->> 107.20.188.69, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 63103->> 190.93.250.14, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 63898->> 85.90.254.44, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 62481->> 54.228.180.95, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 63115->> 54.247.97.110, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 62856->> 5.9.88.61, 80 (from PPPoE1 Outbound)
10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 62596->> 172.227.101.109, 80 (from PPPoE1 Outbound)

Geändert von cam2oo3 (27.10.2013 um 15:44 Uhr)

Alt 27.10.2013, 15:50   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Neuer Win7 PC - Standard

Neuer Win7 PC Anleitung / Hilfe



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!





Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 27.10.2013, 16:30   #3
cam2oo3
 
Neuer Win7 PC - Standard

Neuer Win7 PC Details



nein keine Meldung

Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.10.27.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Xyttas2 :: XYTTAS2-PC [Administrator]

27.10.2013 17:05:37
mbam-log-2013-10-27 (17-05-37).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|H:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 331468
Laufzeit: 23 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
__________________
Miniaturansicht angehängter Grafiken
Neuer Win7 PC-verbindungen.jpg  

Geändert von cam2oo3 (27.10.2013 um 16:44 Uhr)

Alt 28.10.2013, 15:06   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Neuer Win7 PC - Standard

Lösung: Neuer Win7 PC



Zitat:
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Warum hast du eine Professional-Edition von Windows, brauchst du das als Heimanwender?
Oder ist das rein zufällig ein Büro-/Firmen-PC bzw. ein Uni-Rechner?


Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 28.10.2013, 22:31   #5
cam2oo3
 
Neuer Win7 PC - Standard

Wie Neuer Win7 PC



Zitat:
Zitat von cosinus Beitrag anzeigen
Warum hast du eine Professional-Edition von Windows, brauchst du das als Heimanwender?
Oder ist das rein zufällig ein Büro-/Firmen-PC bzw. ein Uni-Rechner?
Key ist noch aus Uni-zeiten

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1007
www.malwarebytes.org

Database version: v2013.10.28.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Xyttas2 :: XYTTAS2-PC [administrator]

28.10.2013 23:20:46
mbar-log-2013-10-28 (23-20-46).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 239574
Time elapsed: 5 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         


Alt 28.10.2013, 22:56   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Neuer Win7 PC - Standard

Wo Neuer Win7 PC Lösung!



Alles sehr unauffällig bisher

Adware/Junkware/Toolbars entfernen


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
--> Neuer Win7 PC

Alt 28.10.2013, 23:37   #7
cam2oo3
 
Neuer Win7 PC - Standard

Neuer Win7 PC



ich glaube das avast! Free Antivirus schuld ist

Code:
ATTFilter
Unknown	0	TCP	2559		127.0.0.1	49545		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	2559		127.0.0.1	49558		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	2559		127.0.0.1	49559		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	2559		127.0.0.1	49571		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	2559		127.0.0.1	49572		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	2559		127.0.0.1	49573		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	2559		127.0.0.1	49574		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49504		127.0.0.1	12080		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49505		192.168.168.100	8080		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49524		127.0.0.1	12080		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49525		192.168.168.100	8080		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49534		192.168.168.100	3911		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49537		127.0.0.1	12080		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49538		192.168.168.100	8080		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49541		192.168.168.100	3911		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49542		192.168.168.100	3910		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49543		192.168.168.100	3910		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49544		192.168.168.100	3911		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49546		192.168.168.100	3910		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49547		192.168.168.100	53048		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49548		192.168.168.100	53048		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49550		192.168.168.100	3910		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49551		192.168.168.100	53048		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49552		192.168.168.100	3910		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49553		192.168.168.100	53048		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49554		192.168.168.100	3910		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49555		192.168.168.100	53048		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49556		192.168.168.100	3910		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49557		192.168.168.100	53048		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49560		192.168.168.100	53048		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49561		192.168.168.100	53048		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49562		192.168.168.100	53048		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49563		127.0.0.1	12080		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49564		192.168.168.100	8080		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49565		127.0.0.1	12080		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49566		192.168.168.100	8080		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49567		127.0.0.1	12080		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49568		192.168.168.100	8080		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49569		127.0.0.1	12080		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49570		192.168.168.100	8080		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	2559		127.0.0.1	49575		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:50				
Unknown	0	TCP	2559		127.0.0.1	49576		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:50				
Unknown	0	TCP	2559		127.0.0.1	49577		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:50				
Unknown	0	TCP	2559		127.0.0.1	49578		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:50				
Unknown	0	TCP	49579		127.0.0.1	12080		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:50				
Unknown	0	TCP	49580		192.168.168.100	8080		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:50				
Unknown	0	TCP	49581		127.0.0.1	12080		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:50				
Unknown	0	TCP	49582		192.168.168.100	8080		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:34:50				
AvastSvc.exe	1444	TCP	12080		127.0.0.1	49583		127.0.0.1	Xyttas2-PC	Established	C:\Program Files\AVAST Software\Avast\AvastSvc.exe	avast! Antivirus	avast! Service	8.0.1497.376	AVAST Software	29.10.2013 00:30:37	NT-AUTORITÄT\SYSTEM	avast! Antivirus	A	29.10.2013 00:34:55				
Dropbox.exe	2560	TCP	49583		127.0.0.1	12080		127.0.0.1	Xyttas2-PC	Established	C:\Users\Xyttas2\AppData\Roaming\Dropbox\bin\Dropbox.exe	Dropbox	Dropbox	2.4.2	Dropbox, Inc.	29.10.2013 00:30:53	Xyttas2-PC\Xyttas2		A	29.10.2013 00:34:55				
Unknown	0	TCP	49585		127.0.0.1	12080		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:35:02				
Unknown	0	TCP	49586		192.168.168.100	8080		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:35:02				
Unknown	0	TCP	49587		127.0.0.1	12080		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:35:09				
Unknown	0	TCP	49588		192.168.168.100	8080		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:35:09				
Unknown	0	TCP	49589		127.0.0.1	12080		127.0.0.1	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:35:18				
Unknown	0	TCP	49590		192.168.168.100	8080		192.168.168.102	Xyttas2-PC	Time Wait						N/A				29.10.2013 00:35:18				
AvastSvc.exe	1444	TCP	12080		127.0.0.1	49591		127.0.0.1	Xyttas2-PC	Established	C:\Program Files\AVAST Software\Avast\AvastSvc.exe	avast! Antivirus	avast! Service	8.0.1497.376	AVAST Software	29.10.2013 00:30:37	NT-AUTORITÄT\SYSTEM	avast! Antivirus	A	29.10.2013 00:35:27				
HPLaserJetService.exe	1040	TCP	49591		127.0.0.1	12080		127.0.0.1	Xyttas2-PC	Established	C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe	HPLaserJetService	HP LaserJet Service	9.27.856.0	HP	29.10.2013 00:30:40	NT-AUTORITÄT\SYSTEM	HP LaserJet Service	A	29.10.2013 00:35:27				
AvastSvc.exe	1444	TCP	49592		192.168.168.100	8080		192.168.168.102	Xyttas2-PC	Established	C:\Program Files\AVAST Software\Avast\AvastSvc.exe	avast! Antivirus	avast! Service	8.0.1497.376	AVAST Software	29.10.2013 00:30:37	NT-AUTORITÄT\SYSTEM	avast! Antivirus	A	29.10.2013 00:35:27				
Unknown	0	TCP	49324		192.168.168.100	443	https	173.194.44.41	muc03s08-in-f9.1e100.net	Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49404		192.168.168.100	80	http	173.194.44.33	muc03s08-in-f1.1e100.net	Time Wait						N/A				29.10.2013 00:34:34				
svchost.exe	564	TCP	135	epmap	0.0.0.0			0.0.0.0		Listening	C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:35	NT-AUTORITÄT\NETZWERKDIENST	RpcEptMapper, RpcSs	A	29.10.2013 00:34:34				
System	4	TCP	139	netbios-ssn	169.254.49.219			0.0.0.0		Listening						N/A				29.10.2013 00:34:34				
System	4	TCP	139	netbios-ssn	192.168.141.1			0.0.0.0		Listening						N/A				29.10.2013 00:34:34				
System	4	TCP	139	netbios-ssn	192.168.168.100			0.0.0.0		Listening						N/A				29.10.2013 00:34:34				
wmpnetwk.exe	4012	TCP	554	rtsp	0.0.0.0			0.0.0.0		Listening	C:\Program Files\Windows Media Player\wmpnetwk.exe	Betriebssystem Microsoft® Windows®	Windows Media Player-Netzwerkfreigabedienst	12.0.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:28	NT-AUTORITÄT\NETZWERKDIENST	WMPNetworkSvc	A	29.10.2013 00:34:34				
LMS.exe	1648	TCP	623		0.0.0.0			0.0.0.0		Listening	C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe	Intel(R) Management and Security Application Local Management Service	Intel(R) Local Management Service	9.0.0.1323	Intel Corporation	29.10.2013 00:33:11	NT-AUTORITÄT\SYSTEM	LMS	A	29.10.2013 00:34:34				
daemonu.exe	2344	TCP	2559		127.0.0.1			0.0.0.0		Listening	C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe	NVIDIA Update Components	NVIDIA Settings Update Manager	1.14.17.0	NVIDIA Corporation	29.10.2013 00:33:48	Xyttas2-PC\UpdatusUser	nvUpdatusService	A	29.10.2013 00:34:34				
AvastSvc.exe	1444	TCP	12080		127.0.0.1			0.0.0.0		Listening	C:\Program Files\AVAST Software\Avast\AvastSvc.exe	avast! Antivirus	avast! Service	8.0.1497.376	AVAST Software	29.10.2013 00:30:37	NT-AUTORITÄT\SYSTEM	avast! Antivirus	A	29.10.2013 00:34:34				
LMS.exe	1648	TCP	16992		0.0.0.0			0.0.0.0		Listening	C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe	Intel(R) Management and Security Application Local Management Service	Intel(R) Local Management Service	9.0.0.1323	Intel Corporation	29.10.2013 00:33:11	NT-AUTORITÄT\SYSTEM	LMS	A	29.10.2013 00:34:34				
Dropbox.exe	2560	TCP	17500		0.0.0.0			0.0.0.0		Listening	C:\Users\Xyttas2\AppData\Roaming\Dropbox\bin\Dropbox.exe	Dropbox	Dropbox	2.4.2	Dropbox, Inc.	29.10.2013 00:30:53	Xyttas2-PC\Xyttas2		A	29.10.2013 00:34:34				
AvastSvc.exe	1444	TCP	27275		127.0.0.1			0.0.0.0		Listening	C:\Program Files\AVAST Software\Avast\AvastSvc.exe	avast! Antivirus	avast! Service	8.0.1497.376	AVAST Software	29.10.2013 00:30:37	NT-AUTORITÄT\SYSTEM	avast! Antivirus	A	29.10.2013 00:34:34				
wininit.exe	664	TCP	49152		0.0.0.0			0.0.0.0		Listening	C:\Windows\system32\wininit.exe	Betriebssystem Microsoft® Windows®	Windows-Startanwendung	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:34	NT-AUTORITÄT\SYSTEM		A	29.10.2013 00:34:34				
svchost.exe	1044	TCP	49153		0.0.0.0			0.0.0.0		Listening	C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:36	NT-AUTORITÄT\LOKALER DIENST	AudioSrv, Dhcp, eventlog, HomeGroupProvider, lmhosts, wscsvc	A	29.10.2013 00:34:34				
svchost.exe	1152	TCP	49154		0.0.0.0			0.0.0.0		Listening	C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:36	NT-AUTORITÄT\SYSTEM	AeLookupSvc, Appinfo, BITS, iphlpsvc, LanmanServer, MMCSS, ProfSvc, Schedule, SENS, ShellHWDetection, Themes, Winmgmt, wuauserv	A	29.10.2013 00:34:34				
lsass.exe	744	TCP	49155		0.0.0.0			0.0.0.0		Listening	C:\Windows\system32\lsass.exe	Microsoft® Windows® Operating System	Local Security Authority Process	6.1.7601.17725 (win7sp1_gdr.111116-1503)	Microsoft Corporation	29.10.2013 00:30:34	NT-AUTORITÄT\SYSTEM	KeyIso, SamSs	A	29.10.2013 00:34:34				
services.exe	732	TCP	49192		0.0.0.0			0.0.0.0		Listening	C:\Windows\system32\services.exe	Betriebssystem Microsoft® Windows®	Anwendung für Dienste und Controller	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:34	NT-AUTORITÄT\SYSTEM		A	29.10.2013 00:34:34				
Unknown	0	TCP	49323		192.168.168.100	443	https	173.194.44.47		Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49325		192.168.168.100	443	https	173.194.44.52		Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49326		192.168.168.100	443	https	173.194.70.84		Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49354		192.168.168.100	5222		173.194.70.125		Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49357		192.168.168.100	443	https	173.194.44.56		Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49387		192.168.168.100	80	http	173.194.44.58		Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49401		192.168.168.100	80	http	173.194.44.58		Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49409		192.168.168.100	80	http	173.194.44.45		Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49410		192.168.168.100	443	https	173.194.44.56		Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49413		192.168.168.100	80	http	173.194.44.57		Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49415		192.168.168.100	80	http	80.237.191.2		Time Wait						N/A				29.10.2013 00:34:34				
LMS.exe	1648	TCP	49460		127.0.0.1			0.0.0.0		Listening	C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe	Intel(R) Management and Security Application Local Management Service	Intel(R) Local Management Service	9.0.0.1323	Intel Corporation	29.10.2013 00:33:11	NT-AUTORITÄT\SYSTEM	LMS	A	29.10.2013 00:34:34				
Unknown	0	TCP	49519		192.168.168.100	80	http	77.234.40.68		Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49536		192.168.168.100	80	http	77.234.40.68		Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49549		192.168.168.100	80	http	77.234.40.68		Time Wait						N/A				29.10.2013 00:34:34				
System	4	TCP	445	microsoft-ds	0.0.0.0			0.0.0.0		Listening						N/A				29.10.2013 00:34:34				
System	4	TCP	2869	icslap	0.0.0.0			0.0.0.0		Listening						N/A				29.10.2013 00:34:34				
System	4	TCP	5357	wsd	0.0.0.0			0.0.0.0		Listening						N/A				29.10.2013 00:34:34				
System	4	TCP	10243		0.0.0.0			0.0.0.0		Listening						N/A				29.10.2013 00:34:34				
AvastSvc.exe	1444	TCP	27275		0.0.0.0			0.0.0.0		Listening	C:\Program Files\AVAST Software\Avast\AvastSvc.exe	avast! Antivirus	avast! Service	8.0.1497.376	AVAST Software	29.10.2013 00:30:37	NT-AUTORITÄT\SYSTEM	avast! Antivirus	A	29.10.2013 00:34:34				
System	4	UDP	137	netbios-ns	169.254.49.219											N/A				29.10.2013 00:34:34				
System	4	UDP	137	netbios-ns	192.168.141.1											N/A				29.10.2013 00:34:34				
System	4	UDP	137	netbios-ns	192.168.168.100											N/A				29.10.2013 00:34:34				
System	4	UDP	138	netbios-dgm	169.254.49.219											N/A				29.10.2013 00:34:34				
System	4	UDP	138	netbios-dgm	192.168.141.1											N/A				29.10.2013 00:34:34				
System	4	UDP	138	netbios-dgm	192.168.168.100											N/A				29.10.2013 00:34:34				
svchost.exe	3220	UDP	1900	ssdp	127.0.0.1						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:45	NT-AUTORITÄT\LOKALER DIENST	FDResPub, SSDPSRV, upnphost	A	29.10.2013 00:34:34				
svchost.exe	3220	UDP	1900	ssdp	169.254.49.219						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:45	NT-AUTORITÄT\LOKALER DIENST	FDResPub, SSDPSRV, upnphost	A	29.10.2013 00:34:34				
svchost.exe	3220	UDP	1900	ssdp	192.168.141.1						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:45	NT-AUTORITÄT\LOKALER DIENST	FDResPub, SSDPSRV, upnphost	A	29.10.2013 00:34:34				
svchost.exe	3220	UDP	1900	ssdp	192.168.168.100						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:45	NT-AUTORITÄT\LOKALER DIENST	FDResPub, SSDPSRV, upnphost	A	29.10.2013 00:34:34				
svchost.exe	3220	UDP	3702	ws-discovery	0.0.0.0						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:45	NT-AUTORITÄT\LOKALER DIENST	FDResPub, SSDPSRV, upnphost	A	29.10.2013 00:34:34				
svchost.exe	1120	UDP	3702	ws-discovery	0.0.0.0						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:36	NT-AUTORITÄT\LOKALER DIENST	EventSystem, fdPHost, FontCache, netprofm, nsi, WdiServiceHost, WinHttpAutoProxySvc	A	29.10.2013 00:34:34				
HPLaserJetService.exe	1040	UDP	3911		0.0.0.0						C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe	HPLaserJetService	HP LaserJet Service	9.27.856.0	HP	29.10.2013 00:30:40	NT-AUTORITÄT\SYSTEM	HP LaserJet Service	A	29.10.2013 00:34:34				
wmpnetwk.exe	4012	UDP	5004		0.0.0.0						C:\Program Files\Windows Media Player\wmpnetwk.exe	Betriebssystem Microsoft® Windows®	Windows Media Player-Netzwerkfreigabedienst	12.0.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:28	NT-AUTORITÄT\NETZWERKDIENST	WMPNetworkSvc	A	29.10.2013 00:34:34				
wmpnetwk.exe	4012	UDP	5005		0.0.0.0						C:\Program Files\Windows Media Player\wmpnetwk.exe	Betriebssystem Microsoft® Windows®	Windows Media Player-Netzwerkfreigabedienst	12.0.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:28	NT-AUTORITÄT\NETZWERKDIENST	WMPNetworkSvc	A	29.10.2013 00:34:34				
svchost.exe	1364	UDP	5355	llmnr	0.0.0.0						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:37	NT-AUTORITÄT\NETZWERKDIENST	CryptSvc, Dnscache, LanmanWorkstation, NlaSvc	A	29.10.2013 00:34:34				
Dropbox.exe	2560	UDP	17500		0.0.0.0						C:\Users\Xyttas2\AppData\Roaming\Dropbox\bin\Dropbox.exe	Dropbox	Dropbox	2.4.2	Dropbox, Inc.	29.10.2013 00:30:53	Xyttas2-PC\Xyttas2		A	29.10.2013 00:34:34				
daemonu.exe	2344	UDP	48000		127.0.0.1						C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe	NVIDIA Update Components	NVIDIA Settings Update Manager	1.14.17.0	NVIDIA Corporation	29.10.2013 00:33:48	Xyttas2-PC\UpdatusUser	nvUpdatusService	A	29.10.2013 00:34:34				
nvtray.exe	3064	UDP	48001		127.0.0.1						C:\Program Files\NVIDIA Corporation\Display\nvtray.exe	NVIDIA Settings	NVIDIA Settings	7.17.13.2723	NVIDIA Corporation	29.10.2013 00:31:10	Xyttas2-PC\Xyttas2		A	29.10.2013 00:34:34				
svchost.exe	3220	UDP	52948		192.168.168.100						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:45	NT-AUTORITÄT\LOKALER DIENST	FDResPub, SSDPSRV, upnphost	A	29.10.2013 00:34:34				
svchost.exe	3220	UDP	52949		127.0.0.1						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:45	NT-AUTORITÄT\LOKALER DIENST	FDResPub, SSDPSRV, upnphost	A	29.10.2013 00:34:34				
svchost.exe	1120	UDP	52950		0.0.0.0						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:36	NT-AUTORITÄT\LOKALER DIENST	EventSystem, fdPHost, FontCache, netprofm, nsi, WdiServiceHost, WinHttpAutoProxySvc	A	29.10.2013 00:34:34				
svchost.exe	3220	UDP	56894		0.0.0.0						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:45	NT-AUTORITÄT\LOKALER DIENST	FDResPub, SSDPSRV, upnphost	A	29.10.2013 00:34:34				
svchost.exe	1120	UDP	56896		0.0.0.0						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:36	NT-AUTORITÄT\LOKALER DIENST	EventSystem, fdPHost, FontCache, netprofm, nsi, WdiServiceHost, WinHttpAutoProxySvc	A	29.10.2013 00:34:34				
spoolsv.exe	1604	UDP	58124		0.0.0.0						C:\Windows\System32\spoolsv.exe	Betriebssystem Microsoft® Windows®	Spoolersubsystem-Anwendung	6.1.7601.17514 (win7sp1_rtm.101119-1850)	Microsoft Corporation	29.10.2013 00:30:37	NT-AUTORITÄT\SYSTEM	Spooler	A	29.10.2013 00:34:34				
svchost.exe	564	TCP	135	epmap	::			::		Listening	C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:35	NT-AUTORITÄT\NETZWERKDIENST	RpcEptMapper, RpcSs	A	29.10.2013 00:34:34	C:\Windows\system32\svchost.exe			
System	4	TCP	445	microsoft-ds	::			::		Listening						N/A				29.10.2013 00:34:34				
wmpnetwk.exe	4012	TCP	554	rtsp	::			::		Listening	C:\Program Files\Windows Media Player\wmpnetwk.exe	Betriebssystem Microsoft® Windows®	Windows Media Player-Netzwerkfreigabedienst	12.0.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:28	NT-AUTORITÄT\NETZWERKDIENST	WMPNetworkSvc	A	29.10.2013 00:34:34				
LMS.exe	1648	TCP	623		::			::		Listening	C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe	Intel(R) Management and Security Application Local Management Service	Intel(R) Local Management Service	9.0.0.1323	Intel Corporation	29.10.2013 00:33:11	NT-AUTORITÄT\SYSTEM	LMS	A	29.10.2013 00:34:34				
System	4	TCP	2869	icslap	::			::		Listening						N/A				29.10.2013 00:34:34				
svchost.exe	3364	TCP	3587	p2pgroup	::			::		Listening	C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:50	NT-AUTORITÄT\LOKALER DIENST	p2pimsvc, p2psvc, PNRPsvc	A	29.10.2013 00:34:34				
System	4	TCP	5357	wsd	::			::		Listening						N/A				29.10.2013 00:34:34				
System	4	TCP	10243		::			::		Listening						N/A				29.10.2013 00:34:34				
LMS.exe	1648	TCP	16992		::			::		Listening	C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe	Intel(R) Management and Security Application Local Management Service	Intel(R) Local Management Service	9.0.0.1323	Intel Corporation	29.10.2013 00:33:11	NT-AUTORITÄT\SYSTEM	LMS	A	29.10.2013 00:34:34				
AvastSvc.exe	1444	TCP	27275		::1			::		Listening	C:\Program Files\AVAST Software\Avast\AvastSvc.exe	avast! Antivirus	avast! Service	8.0.1497.376	AVAST Software	29.10.2013 00:30:37	NT-AUTORITÄT\SYSTEM	avast! Antivirus	A	29.10.2013 00:34:34				
wininit.exe	664	TCP	49152		::			::		Listening	C:\Windows\system32\wininit.exe	Betriebssystem Microsoft® Windows®	Windows-Startanwendung	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:34	NT-AUTORITÄT\SYSTEM		A	29.10.2013 00:34:34				
svchost.exe	1044	TCP	49153		::			::		Listening	C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:36	NT-AUTORITÄT\LOKALER DIENST	AudioSrv, Dhcp, eventlog, HomeGroupProvider, lmhosts, wscsvc	A	29.10.2013 00:34:34				
svchost.exe	1152	TCP	49154		::			::		Listening	C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:36	NT-AUTORITÄT\SYSTEM	AeLookupSvc, Appinfo, BITS, iphlpsvc, LanmanServer, MMCSS, ProfSvc, Schedule, SENS, ShellHWDetection, Themes, Winmgmt, wuauserv	A	29.10.2013 00:34:34	C:\Windows\system32\svchost.exe			
lsass.exe	744	TCP	49155		::			::		Listening	C:\Windows\system32\lsass.exe	Microsoft® Windows® Operating System	Local Security Authority Process	6.1.7601.17725 (win7sp1_gdr.111116-1503)	Microsoft Corporation	29.10.2013 00:30:34	NT-AUTORITÄT\SYSTEM	KeyIso, SamSs	A	29.10.2013 00:34:34				
services.exe	732	TCP	49192		::			::		Listening	C:\Windows\system32\services.exe	Betriebssystem Microsoft® Windows®	Anwendung für Dienste und Controller	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:34	NT-AUTORITÄT\SYSTEM		A	29.10.2013 00:34:34				
LMS.exe	1648	TCP	49461		::1	49463		::1		Established	C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe	Intel(R) Management and Security Application Local Management Service	Intel(R) Local Management Service	9.0.0.1323	Intel Corporation	29.10.2013 00:33:11	NT-AUTORITÄT\SYSTEM	LMS	A	29.10.2013 00:34:34				
LMS.exe	1648	TCP	49463		::1	49461		::1		Established	C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe	Intel(R) Management and Security Application Local Management Service	Intel(R) Local Management Service	9.0.0.1323	Intel Corporation	29.10.2013 00:33:11	NT-AUTORITÄT\SYSTEM	LMS	A	29.10.2013 00:34:34				
Unknown	0	TCP	49515		::1	16992		::1		Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49516		::1	16992		::1		Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49520		::1	16992		::1		Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49521		::1	16992		::1		Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49522		::1	16992		::1		Time Wait						N/A				29.10.2013 00:34:34				
Unknown	0	TCP	49523		::1	16992		::1		Time Wait						N/A				29.10.2013 00:34:34				
jhi_service.exe	4256	TCP	49539		::1			::		Listening	C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe	Intel(R) Dynamic Application Loader Host Interface	Intel(R) Dynamic Application Loader Host Interface	9.0.0.1323	Intel Corporation	29.10.2013 00:33:47	NT-AUTORITÄT\SYSTEM	jhi_service	A	29.10.2013 00:34:34				
svchost.exe	3220	UDP	1900	ssdp	::1						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:45	NT-AUTORITÄT\LOKALER DIENST	FDResPub, SSDPSRV, upnphost	A	29.10.2013 00:34:34				
svchost.exe	3220	UDP	1900	ssdp	fe80::97d:f544:edbd:e95b						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:45	NT-AUTORITÄT\LOKALER DIENST	FDResPub, SSDPSRV, upnphost	A	29.10.2013 00:34:34				
svchost.exe	3220	UDP	1900	ssdp	fe80::58a8:64a6:962a:31db						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:45	NT-AUTORITÄT\LOKALER DIENST	FDResPub, SSDPSRV, upnphost	A	29.10.2013 00:34:34				
svchost.exe	3220	UDP	1900	ssdp	fe80::b821:2a76:33f9:a63c						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:45	NT-AUTORITÄT\LOKALER DIENST	FDResPub, SSDPSRV, upnphost	A	29.10.2013 00:34:34				
svchost.exe	3364	UDP	3540	pnrp-port	::						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:50	NT-AUTORITÄT\LOKALER DIENST	p2pimsvc, p2psvc, PNRPsvc	A	29.10.2013 00:34:34				
svchost.exe	1120	UDP	3702	ws-discovery	::						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:36	NT-AUTORITÄT\LOKALER DIENST	EventSystem, fdPHost, FontCache, netprofm, nsi, WdiServiceHost, WinHttpAutoProxySvc	A	29.10.2013 00:34:34				
svchost.exe	3220	UDP	3702	ws-discovery	::						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:45	NT-AUTORITÄT\LOKALER DIENST	FDResPub, SSDPSRV, upnphost	A	29.10.2013 00:34:34				
wmpnetwk.exe	4012	UDP	5004		::						C:\Program Files\Windows Media Player\wmpnetwk.exe	Betriebssystem Microsoft® Windows®	Windows Media Player-Netzwerkfreigabedienst	12.0.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:28	NT-AUTORITÄT\NETZWERKDIENST	WMPNetworkSvc	A	29.10.2013 00:34:34				
wmpnetwk.exe	4012	UDP	5005		::						C:\Program Files\Windows Media Player\wmpnetwk.exe	Betriebssystem Microsoft® Windows®	Windows Media Player-Netzwerkfreigabedienst	12.0.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:28	NT-AUTORITÄT\NETZWERKDIENST	WMPNetworkSvc	A	29.10.2013 00:34:34				
svchost.exe	1364	UDP	5355	llmnr	::						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:37	NT-AUTORITÄT\NETZWERKDIENST	CryptSvc, Dnscache, LanmanWorkstation, NlaSvc	A	29.10.2013 00:34:34				
svchost.exe	3220	UDP	52946		fe80::b821:2a76:33f9:a63c						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:45	NT-AUTORITÄT\LOKALER DIENST	FDResPub, SSDPSRV, upnphost	A	29.10.2013 00:34:34				
svchost.exe	3220	UDP	52947		::1						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:45	NT-AUTORITÄT\LOKALER DIENST	FDResPub, SSDPSRV, upnphost	A	29.10.2013 00:34:34				
svchost.exe	1120	UDP	52951		::						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:36	NT-AUTORITÄT\LOKALER DIENST	EventSystem, fdPHost, FontCache, netprofm, nsi, WdiServiceHost, WinHttpAutoProxySvc	A	29.10.2013 00:34:34				
svchost.exe	3220	UDP	56895		::						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:31:45	NT-AUTORITÄT\LOKALER DIENST	FDResPub, SSDPSRV, upnphost	A	29.10.2013 00:34:34				
svchost.exe	1120	UDP	56897		::						C:\Windows\system32\svchost.exe	Betriebssystem Microsoft® Windows®	Hostprozess für Windows-Dienste	6.1.7600.16385 (win7_rtm.090713-1255)	Microsoft Corporation	29.10.2013 00:30:36	NT-AUTORITÄT\LOKALER DIENST	EventSystem, fdPHost, FontCache, netprofm, nsi, WdiServiceHost, WinHttpAutoProxySvc	A	29.10.2013 00:34:34				
AvastSvc.exe	1444	TCP	49584		192.168.168.100	80	http	108.160.162.45		Sent	C:\Program Files\AVAST Software\Avast\AvastSvc.exe	avast! Antivirus	avast! Service	8.0.1497.376	AVAST Software	29.10.2013 00:30:37	NT-AUTORITÄT\SYSTEM	avast! Antivirus	A	29.10.2013 00:34:55
         
Code:
ATTFilter
# AdwCleaner v3.010 - Bericht erstellt am 29/10/2013 um 00:29:03
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Xyttas2 - XYTTAS2-PC
# Gestartet von : H:\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v24.0 (de)

[ Datei : C:\Users\Xyttas2\AppData\Roaming\Mozilla\Firefox\Profiles\7ibls2f1.default\prefs.js ]


-\\ Google Chrome v30.0.1599.101

[ Datei : C:\Users\Xyttas2\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [912 octets] - [29/10/2013 00:27:36]
AdwCleaner[S0].txt - [834 octets] - [29/10/2013 00:29:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [893 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Professional x64
Ran by Xyttas2 on 29.10.2013 at  0:39:03,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Xyttas2\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.10.2013 at  0:43:07,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Geändert von cam2oo3 (28.10.2013 um 23:49 Uhr)

Alt 28.10.2013, 23:52   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Neuer Win7 PC - Standard

Neuer Win7 PC



Dann schmeiße es runter und teste
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 29.10.2013, 10:39   #9
cam2oo3
 
Neuer Win7 PC - Standard

Neuer Win7 PC



Zitat:
Zitat von cosinus Beitrag anzeigen
Dann schmeiße es runter und teste
nein, immer noch diese Verbindungen

komme wohl um eine neuinstall nicht rum

Code:
ATTFilter
10/29/2013  02:06:29 **UDP Loop** 199.168.142.166, 37255->> 94.222.162.219, 19 (from PPPoE1 Inbound)
10/29/2013  02:01:44 **UDP Loop** 199.168.142.166, 59819->> 94.222.162.219, 19 (from PPPoE1 Inbound)
10/29/2013  00:42:22 **UDP Loop** 80.82.64.177, 44992->> 94.222.162.219, 19 (from PPPoE1 Inbound)
10/28/2013  22:33:25 **UDP Loop** 178.18.31.118, 42967->> 94.222.162.219, 19 (from PPPoE1 Inbound)
10/28/2013  14:02:41 **UDP Loop** 89.248.162.235, 40856->> 94.222.162.219, 19 (from PPPoE1 Inbound)
10/28/2013  13:30:23 **UDP Loop** 89.248.162.235, 56006->> 94.222.162.219, 19 (from PPPoE1 Inbound)
10/28/2013  11:59:22 **UDP Loop** 199.168.136.219, 49104->> 94.222.162.219, 19 (from PPPoE1 Inbound)
10/28/2013  11:14:44 **UDP Loop** 89.248.162.235, 40298->> 94.222.162.219, 19 (from PPPoE1 Inbound)
10/28/2013  05:37:11 **UDP Loop** 89.248.162.235, 35829->> 94.222.162.219, 19 (from PPPoE1 Inbound)
10/27/2013  23:31:16 **UDP Loop** 89.248.162.235, 32866->> 94.222.162.219, 19 (from PPPoE1 Inbound)
10/27/2013  22:49:20 **UDP Loop** 89.248.162.235, 45830->> 94.222.162.219, 19 (from PPPoE1 Inbound)
10/27/2013  22:20:22 **UDP Loop** 89.248.174.101, 56567->> 94.222.162.219, 19 (from PPPoE1 Inbound)
10/27/2013  19:10:16 **UDP Loop** 89.248.162.235, 39611->> 94.222.162.219, 19 (from PPPoE1 Inbound)
         

Alt 29.10.2013, 14:42   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Neuer Win7 PC - Standard

Neuer Win7 PC [gelöst]



Versuch mal mit TCPView for Windows nachzusehen, welchem Prozess man diese Verbindungen zuordnen kann
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 29.10.2013, 22:38   #11
cam2oo3
 
Neuer Win7 PC - Standard

Neuer Win7 PC [gelöst]



ist nicht zu bestimmen steht nur [System Process] da versucht anscheint auch jeden Port aus

Code:
ATTFilter
[System Process]	0	TCP	xyttas2-pc	50040	xyttas2-pc	8080	TIME_WAIT										
[System Process]	0	TCP	xyttas2-pc	50039	xyttas2-pc	8080	TIME_WAIT										
[System Process]	0	TCP	xyttas2-pc	50038	xyttas2-pc	8080	TIME_WAIT										
[System Process]	0	TCP	xyttas2-pc	50037	xyttas2-pc	8080	TIME_WAIT										
[System Process]	0	TCP	xyttas2-pc	50034	xyttas2-pc	8080	TIME_WAIT										
[System Process]	0	TCP	xyttas2-pc	50033	xyttas2-pc	8080	TIME_WAIT										
[System Process]	0	TCP	xyttas2-pc	50032	xyttas2-pc	8080	TIME_WAIT										
[System Process]	0	TCP	xyttas2-pc	50031	xyttas2-pc	8080	TIME_WAIT										
[System Process]	0	TCP	xyttas2-pc	50026	xyttas2-pc	8080	TIME_WAIT	1	101								
[System Process]	0	TCP	xyttas2-pc	50025	xyttas2-pc	8080	TIME_WAIT										
[System Process]	0	TCP	xyttas2-pc	50019	xyttas2-pc	8080	TIME_WAIT										
[System Process]	0	TCP	xyttas2-pc	50018	xyttas2-pc	8080	TIME_WAIT										
[System Process]	0	TCP	xyttas2-pc	49977	muc03s08-in-f15.1e100.net	https	TIME_WAIT	8	964	48	83.766						
[System Process]	0	TCP	xyttas2-pc	49970	173.194.44.46	https	TIME_WAIT	6	795	25	27.166						
[System Process]	0	TCP	xyttas2-pc	49968	173.194.70.84	https	TIME_WAIT	9	1.464	13	4.617						
[System Process]	0	TCPV6	[0:0:0:0:0:0:0:1]	icslap	[0:0:0:0:0:0:0:1]	50035	TIME_WAIT	2	5.615	1	185						
[System Process]	0	TCP	Xyttas2-PC	2559	localhost	49530	TIME_WAIT										
[System Process]	0	TCP	xyttas2-pc	50041	xyttas2-pc	8080	TIME_WAIT	1	101	1	512						
[System Process]	0	TCP	xyttas2-pc	50042	xyttas2-pc	8080	TIME_WAIT	1	101								
[System Process]	0	TCP	xyttas2-pc	50043	xyttas2-pc	8080	TIME_WAIT	1	101	1	512						
[System Process]	0	TCP	xyttas2-pc	50044	xyttas2-pc	8080	TIME_WAIT	1	101								
[System Process]	0	TCP	xyttas2-pc	50045	xyttas2-pc	8080	TIME_WAIT										
[System Process]	0	TCP	xyttas2-pc	50046	xyttas2-pc	8080	TIME_WAIT	1	101	1	512						
[System Process]	0	TCP	xyttas2-pc	50047	xyttas2-pc	8080	TIME_WAIT										
[System Process]	0	TCP	xyttas2-pc	50048	xyttas2-pc	8080	TIME_WAIT										
[System Process]	0	TCP	xyttas2-pc	50049	xyttas2-pc	8080	TIME_WAIT										
[System Process]	0	TCP	xyttas2-pc	50050	xyttas2-pc	8080	TIME_WAIT
         

Alt 30.10.2013, 00:06   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Neuer Win7 PC - Standard

Neuer Win7 PC [gelöst]



Bitte mal ein Log mit CF machen:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 30.10.2013, 09:46   #13
cam2oo3
 
Neuer Win7 PC - Standard

Neuer Win7 PC [gelöst]



Code:
ATTFilter
ComboFix 13-10-30.01 - Xyttas2 30.10.2013  10:38:18.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.16329.13935 [GMT 1:00]
ausgeführt von:: H:\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-09-28 bis 2013-10-30  ))))))))))))))))))))))))))))))
.
.
2013-10-30 09:42 . 2013-10-30 09:42	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-10-29 23:20 . 2013-10-29 23:30	409832	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-10-29 23:20 . 2013-10-29 23:30	38984	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2013-10-29 23:19 . 2013-10-29 23:30	1032416	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-10-29 23:19 . 2013-10-29 23:30	205320	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-10-29 23:19 . 2013-10-29 23:30	65776	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-10-29 23:19 . 2013-10-29 23:30	84328	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-10-29 23:19 . 2013-10-29 23:30	43152	----a-w-	c:\windows\avastSS.scr
2013-10-29 10:32 . 2013-10-14 07:12	10280728	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{D626B5C1-6B9F-4AA9-BE49-51427BF4BD2F}\mpengine.dll
2013-10-28 23:39 . 2013-10-28 23:39	--------	d-----w-	c:\windows\ERUNT
2013-10-28 22:20 . 2013-10-28 22:27	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-10-28 22:20 . 2013-10-28 22:20	116440	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2013-10-28 22:18 . 2013-10-28 22:18	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2013-10-27 17:27 . 2013-10-27 17:27	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2013-10-27 16:04 . 2013-10-27 16:04	--------	d-----w-	c:\programdata\Malwarebytes
2013-10-27 16:04 . 2013-10-27 16:04	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-10-27 16:04 . 2013-04-04 13:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-10-27 15:55 . 2013-10-27 15:55	--------	d-----w-	c:\program files\CCleaner
2013-10-27 15:29 . 2013-10-27 15:29	--------	d-----w-	C:\FRST
2013-10-26 22:46 . 2013-10-26 22:46	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2013-10-26 22:46 . 2013-10-26 22:46	--------	d-----r-	c:\program files (x86)\Skype
2013-10-26 22:46 . 2013-10-26 22:46	--------	d-----w-	c:\programdata\Skype
2013-10-26 17:51 . 2013-10-26 17:51	31136	----a-w-	c:\windows\system32\drivers\HWiNFO64A.SYS
2013-10-26 17:51 . 2013-10-26 17:51	--------	d-----w-	c:\program files\HWiNFO64
2013-10-26 17:48 . 2013-10-08 16:21	67664	----a-w-	c:\windows\system32\vsocklib.dll
2013-10-26 17:48 . 2013-10-08 16:21	63568	----a-w-	c:\windows\SysWow64\vsocklib.dll
2013-10-26 17:48 . 2013-10-08 16:21	73296	----a-w-	c:\windows\system32\drivers\vsock.sys
2013-10-26 17:48 . 2013-10-18 10:46	64080	----a-w-	c:\windows\system32\drivers\vmx86.sys
2013-10-26 17:48 . 2013-10-18 10:44	32848	----a-w-	c:\windows\system32\drivers\VMkbd.sys
2013-10-26 17:48 . 2013-10-18 10:45	31824	----a-w-	c:\windows\system32\drivers\VMparport.sys
2013-10-26 17:48 . 2013-10-18 10:45	358480	----a-w-	c:\windows\SysWow64\vmnetdhcp.exe
2013-10-26 17:48 . 2013-10-18 10:45	437328	----a-w-	c:\windows\SysWow64\vmnat.exe
2013-10-26 17:48 . 2013-10-18 10:45	30800	----a-w-	c:\windows\system32\drivers\vmnetuserif.sys
2013-10-26 17:48 . 2013-10-18 10:45	930384	----a-w-	c:\windows\system32\vnetlib64.dll
2013-10-26 17:48 . 2013-10-09 06:04	53816	----a-w-	c:\windows\system32\drivers\hcmon.sys
2013-10-26 17:47 . 2013-10-26 17:47	--------	d-----w-	c:\program files\Common Files\VMware
2013-10-26 17:47 . 2013-10-26 17:47	--------	d-----w-	c:\program files (x86)\Common Files\VMware
2013-10-25 11:35 . 2013-10-30 09:30	--------	d-----w-	c:\programdata\VMware
2013-10-25 11:35 . 2013-10-25 11:35	--------	d-----w-	c:\program files (x86)\VMware
2013-10-19 10:07 . 2000-05-22 14:58	115920	----a-w-	c:\windows\SysWow64\msinet.ocx
2013-10-19 10:07 . 1998-06-17 22:00	32768	----a-w-	c:\windows\SysWow64\RACREG32.DLL
2013-10-19 10:07 . 1998-06-17 22:00	16896	----a-w-	c:\windows\SysWow64\ODKOB32.DLL
2013-10-19 10:07 . 2013-10-19 10:07	--------	d-----w-	c:\program files (x86)\Haushaltsbuch
2013-10-19 09:35 . 2013-10-19 09:35	--------	d-----w-	c:\program files (x86)\QuickPar
2013-10-19 09:35 . 2013-10-19 09:35	--------	d-----w-	c:\program files (x86)\VideoLAN
2013-10-19 09:34 . 2013-10-19 09:35	--------	d-----w-	c:\program files\WinRAR
2013-10-18 10:44 . 2013-10-18 10:44	80464	----a-w-	c:\windows\system32\vmnetbridge.dll
2013-10-18 10:44 . 2013-10-18 10:44	49232	----a-w-	c:\windows\system32\vnetinst.dll
2013-10-18 10:44 . 2013-10-18 10:44	46160	----a-w-	c:\windows\system32\drivers\vmnetbridge.sys
2013-10-18 10:44 . 2013-10-18 10:44	24656	----a-w-	c:\windows\system32\drivers\vmnet.sys
2013-10-18 10:44 . 2013-10-18 10:44	20560	----a-w-	c:\windows\system32\drivers\vmnetadapter.sys
2013-10-16 09:09 . 2013-10-16 09:11	--------	d-----w-	c:\program files (x86)\HP
2013-10-16 09:07 . 2012-06-01 15:52	947104	----a-w-	c:\windows\system32\hpptsplj276_x64.dll
2013-10-16 09:07 . 2012-06-01 15:52	776096	----a-w-	c:\windows\SysWow64\hpptsplj276.dll
2013-10-16 09:07 . 2012-06-01 14:35	522128	----a-w-	c:\windows\system32\hpwia2_lj276.dll
2013-10-16 09:07 . 2011-09-29 19:59	638008	----a-w-	c:\windows\system32\hpzjcd01.dll
2013-10-16 09:07 . 2011-05-13 20:23	217656	----a-w-	c:\windows\system32\hppscancoins64.dll
2013-10-16 09:07 . 2013-10-16 09:07	--------	d-----w-	C:\HP_LaserJet_200_color_MFP_M276
2013-10-16 08:51 . 2013-10-16 09:19	--------	d-----w-	c:\programdata\Hewlett-Packard
2013-10-16 08:51 . 2013-10-16 09:08	--------	d-----w-	c:\programdata\HP
2013-10-16 08:51 . 2011-09-28 07:44	467456	----a-w-	c:\windows\system32\Spool\prtprocs\x64\hpcpp117.DLL
2013-10-16 08:51 . 2011-09-28 07:44	311808	----a-w-	c:\windows\system32\hpcpn117.dll
2013-10-16 08:51 . 2011-09-28 07:34	316928	----a-w-	c:\windows\SysWow64\hpcc3117.DLL
2013-10-16 08:51 . 2011-04-19 18:57	511488	----a-w-	c:\windows\SysWow64\hpcdmc32.DLL
2013-10-15 22:19 . 2013-10-16 21:56	--------	d-----w-	c:\program files (x86)\Common Files\Steam
2013-10-15 22:19 . 2013-10-27 15:59	--------	d-----w-	c:\program files (x86)\Steam
2013-10-15 09:45 . 2013-09-04 12:11	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2013-10-15 09:45 . 2013-09-04 12:11	99840	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2013-10-15 09:45 . 2013-09-04 12:11	52736	----a-w-	c:\windows\system32\drivers\usbehci.sys
2013-10-15 09:45 . 2013-09-04 12:12	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2013-10-15 09:45 . 2013-09-04 12:11	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2013-10-15 09:45 . 2013-09-04 12:11	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2013-10-15 09:45 . 2013-09-04 12:11	7808	----a-w-	c:\windows\system32\drivers\usbd.sys
2013-10-15 09:04 . 2013-04-17 07:02	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2013-10-15 09:04 . 2013-04-17 06:24	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2013-10-15 08:48 . 2013-01-04 06:11	2284544	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2013-10-15 08:35 . 2013-10-15 08:35	--------	d-----w-	C:\461d1e6d9abe480c52e339abb270b3
2013-10-14 23:12 . 2013-07-04 12:50	633856	----a-w-	c:\windows\system32\comctl32.dll
2013-10-14 23:12 . 2013-07-04 11:50	530432	----a-w-	c:\windows\SysWow64\comctl32.dll
2013-10-14 23:12 . 2012-10-09 18:17	55296	----a-w-	c:\windows\system32\dhcpcsvc6.dll
2013-10-14 23:12 . 2012-10-09 18:17	226816	----a-w-	c:\windows\system32\dhcpcore6.dll
2013-10-14 23:12 . 2012-10-09 17:40	44032	----a-w-	c:\windows\SysWow64\dhcpcsvc6.dll
2013-10-14 23:12 . 2012-10-09 17:40	193536	----a-w-	c:\windows\SysWow64\dhcpcore6.dll
2013-10-14 23:10 . 2013-08-29 02:17	5549504	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-10-14 23:02 . 2013-08-28 01:12	461312	----a-w-	c:\windows\system32\scavengeui.dll
2013-10-14 22:08 . 2013-10-14 22:08	--------	d-----w-	c:\windows\system32\SPReview
2013-10-14 22:08 . 2013-10-14 22:08	--------	d-----w-	c:\windows\system32\EventProviders
2013-10-14 22:07 . 2013-10-14 22:07	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2013-10-14 22:05 . 2013-10-14 22:05	231376	----a-w-	c:\windows\system32\drivers\truecrypt.sys
2013-10-14 22:05 . 2013-10-14 22:05	--------	d-----w-	c:\program files\TrueCrypt
2013-10-14 22:02 . 2010-11-20 13:26	1632256	----a-w-	c:\windows\system32\dwmcore.dll
2013-10-14 22:01 . 2010-11-20 13:27	666112	----a-w-	c:\windows\system32\WMVSDECD.DLL
2013-10-14 21:48 . 2013-10-27 18:26	--------	d-----w-	c:\program files (x86)\Google
2013-10-14 21:47 . 2013-10-14 21:47	--------	d-----w-	c:\program files (x86)\Teachmaster 4.3
2013-10-14 21:44 . 2011-03-11 06:41	166272	----a-w-	c:\windows\system32\drivers\nvstor.sys
2013-10-14 21:44 . 2011-03-11 06:33	2565632	----a-w-	c:\windows\system32\esent.dll
2013-10-14 21:44 . 2011-03-11 05:33	1699328	----a-w-	c:\windows\SysWow64\esent.dll
2013-10-14 21:44 . 2011-03-11 06:41	189824	----a-w-	c:\windows\system32\drivers\storport.sys
2013-10-14 21:44 . 2011-03-11 06:41	148352	----a-w-	c:\windows\system32\drivers\nvraid.sys
2013-10-14 21:44 . 2011-03-11 06:41	410496	----a-w-	c:\windows\system32\drivers\iaStorV.sys
2013-10-14 21:44 . 2011-03-11 06:41	27008	----a-w-	c:\windows\system32\drivers\amdxata.sys
2013-10-14 21:44 . 2011-03-11 06:41	107904	----a-w-	c:\windows\system32\drivers\amdsata.sys
2013-10-14 21:44 . 2011-03-11 06:30	96768	----a-w-	c:\windows\system32\fsutil.exe
2013-10-14 21:44 . 2011-03-11 05:31	74240	----a-w-	c:\windows\SysWow64\fsutil.exe
2013-10-14 21:44 . 2011-03-11 04:37	91648	----a-w-	c:\windows\system32\drivers\USBSTOR.SYS
2013-10-14 21:33 . 2012-07-26 07:46	2560	----a-w-	c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2013-10-14 21:33 . 2012-07-26 04:55	54376	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2013-10-14 21:33 . 2012-07-26 02:36	9728	----a-w-	c:\windows\system32\Wdfres.dll
2013-10-14 21:30 . 2013-10-29 23:30	334648	----a-w-	c:\windows\system32\aswBoot.exe
2013-10-14 21:29 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2013-10-14 21:29 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2013-10-14 21:29 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2013-10-14 21:29 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2013-10-14 21:29 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2013-10-14 21:29 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2013-10-14 21:29 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2013-10-14 21:29 . 2013-10-29 23:19	--------	d-----w-	c:\program files\AVAST Software
2013-10-14 21:28 . 2013-10-29 23:28	--------	d-----w-	c:\programdata\AVAST Software
2013-10-14 21:28 . 2013-10-14 21:28	--------	d-----w-	c:\windows\PCHEALTH
2013-10-14 21:27 . 2012-03-01 06:46	23408	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2013-10-14 21:27 . 2012-03-01 06:33	81408	----a-w-	c:\windows\system32\imagehlp.dll
2013-10-14 21:27 . 2012-03-01 05:33	159232	----a-w-	c:\windows\SysWow64\imagehlp.dll
2013-10-14 21:27 . 2012-03-01 06:28	5120	----a-w-	c:\windows\system32\wmi.dll
2013-10-14 21:27 . 2012-03-01 05:29	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2013-10-14 21:27 . 2013-10-14 21:27	--------	d-----w-	c:\program files\Microsoft Office
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-14 22:28 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2013-10-14 22:28 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2013-09-17 20:22 . 2013-09-17 20:22	15901448	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-09-17 20:22 . 2013-09-17 20:22	13628208	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2013-09-17 20:22 . 2013-09-17 20:22	1412832	----a-w-	c:\windows\system32\nvumdshimx.dll
2013-09-17 20:22 . 2013-09-17 20:22	1222824	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2013-09-17 20:22 . 2013-09-17 20:22	7648000	----a-w-	c:\windows\system32\nvopencl.dll
2013-09-17 20:22 . 2013-09-17 20:22	6329552	----a-w-	c:\windows\SysWow64\nvopencl.dll
2013-09-17 20:22 . 2013-09-17 20:22	29337376	----a-w-	c:\windows\system32\nvoglv64.dll
2013-09-17 20:22 . 2013-09-17 20:22	317472	----a-w-	c:\windows\system32\nvoglshim64.dll
2013-09-17 20:22 . 2013-09-17 20:22	266984	----a-w-	c:\windows\SysWow64\nvoglshim32.dll
2013-09-17 20:22 . 2013-09-17 20:22	22102304	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2013-09-17 20:22 . 2013-09-17 20:22	11274528	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2013-09-17 20:22 . 2013-09-17 20:22	603424	----a-w-	c:\windows\system32\NvIFR64.dll
2013-09-17 20:22 . 2013-09-17 20:22	515360	----a-w-	c:\windows\SysWow64\NvIFR.dll
2013-09-17 20:22 . 2013-09-17 20:22	168616	----a-w-	c:\windows\system32\nvinitx.dll
2013-09-17 20:22 . 2013-09-17 20:22	141336	----a-w-	c:\windows\SysWow64\nvinit.dll
2013-09-17 20:22 . 2013-09-17 20:22	681760	----a-w-	c:\windows\system32\NvFBC64.dll
2013-09-17 20:22 . 2013-09-17 20:22	586016	----a-w-	c:\windows\SysWow64\NvFBC.dll
2013-09-17 20:22 . 2013-09-17 20:22	458528	----a-w-	c:\windows\system32\nvEncodeAPI64.dll
2013-09-17 20:22 . 2013-09-17 20:22	388384	----a-w-	c:\windows\SysWow64\nvEncodeAPI.dll
2013-09-17 20:22 . 2013-09-17 20:22	31520	----a-w-	c:\windows\system32\nvhdap64.dll
2013-09-17 20:22 . 2013-09-17 20:22	196384	----a-w-	c:\windows\system32\drivers\nvhda64v.sys
2013-09-17 20:22 . 2013-09-17 20:22	1884448	----a-w-	c:\windows\system32\nvdispco6432723.dll
2013-09-17 20:22 . 2013-09-17 20:22	15703688	----a-w-	c:\windows\system32\nvd3dumx.dll
2013-09-17 20:22 . 2013-09-17 20:22	1511712	----a-w-	c:\windows\system32\nvdispgenco6432723.dll
2013-09-17 20:22 . 2013-09-17 20:22	1510176	----a-w-	c:\windows\system32\nvhdagenco6420103.dll
2013-09-17 20:22 . 2013-09-17 20:22	2970400	----a-w-	c:\windows\system32\nvcuvid.dll
2013-09-17 20:22 . 2013-09-17 20:22	2789152	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2013-09-17 20:22 . 2013-09-17 20:22	12947360	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2013-09-17 20:22 . 2013-09-17 20:22	9281032	----a-w-	c:\windows\system32\nvcuda.dll
2013-09-17 20:22 . 2013-09-17 20:22	7720576	----a-w-	c:\windows\SysWow64\nvcuda.dll
2013-09-17 20:22 . 2013-09-17 20:22	2367264	----a-w-	c:\windows\system32\nvcuvenc.dll
2013-09-17 20:22 . 2013-09-17 20:22	2007328	----a-w-	c:\windows\SysWow64\nvcuvenc.dll
2013-09-17 20:22 . 2013-09-17 20:22	17560352	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2013-09-17 20:22 . 2013-09-17 20:22	2986672	----a-w-	c:\windows\system32\nvapi64.dll
2013-09-17 20:22 . 2013-09-17 20:22	2630304	----a-w-	c:\windows\SysWow64\nvapi.dll
2013-09-17 20:22 . 2013-09-17 20:22	25256224	----a-w-	c:\windows\system32\nvcompiler.dll
2013-09-11 23:17 . 2013-09-11 23:17	571168	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2013-08-29 01:48 . 2013-10-14 23:10	44032	----a-w-	c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Xyttas2\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Xyttas2\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Xyttas2\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2013-03-12 134616]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-03-06 291128]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"StatusAlerts"="c:\program files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" [2012-07-18 313248]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-10-29 3568312]
.
c:\users\Xyttas2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Xyttas2\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-10-10 29768376]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R1 UsbCharger;UsbCharger;c:\windows\system32\DRIVERS\UsbCharger.sys;c:\windows\SYSNATIVE\DRIVERS\UsbCharger.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 HP DS Service;HP DS Service;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-27 18:26	1185744	----a-w-	c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-27 18:26]
.
2013-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-27 18:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-10-29 23:30	326944	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Xyttas2\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Xyttas2\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Xyttas2\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Xyttas2\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-02-26 13423688]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-01-31 36352]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
LSP: %windir%\system32\vsocklib.dll
TCP: DhcpNameServer = 192.168.168.1
FF - ProfilePath - c:\users\Xyttas2\AppData\Roaming\Mozilla\Firefox\Profiles\7ibls2f1.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-10-30  10:44:10
ComboFix-quarantined-files.txt  2013-10-30 09:44
.
Vor Suchlauf: 10 Verzeichnis(se), 1.746.870.267.904 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 1.746.611.724.288 Bytes frei
.
- - End Of File - - 5F88D2DFF2E36240DA0004C7C2B0BF05
5FB38429D5D77768867C76DCBDB35194
         

Alt 30.10.2013, 12:47   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Neuer Win7 PC - Standard

Neuer Win7 PC [gelöst]



Ich seh da nix
Irgendwas an Programmen aktiv, die viele Verbindungen aufbauen könnten? Vllt sowas wie Skype, Dropbox oder Filesharingtools wie zB Torrent-Clients?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 10.11.2013, 10:49   #15
cam2oo3
 
Neuer Win7 PC - Standard

Neuer Win7 PC [gelöst]



Hallo, tut mir leid dass ich jetzt erst melde.


es gibt neue Einträge und Verbindung Abbrüche
Code:
ATTFilter
11/10/2013 11:38:24 192.168.168.100 login success
11/10/2013 11:29:09 sending ACK to 192.168.168.100
11/10/2013 11:19:05 192.168.168.101 login success
11/10/2013 10:55:07 sending ACK to 192.168.168.101
11/10/2013 10:31:24 sending ACK to 192.168.168.103
11/10/2013 08:48:23 NTP Date/Time updated. 
11/10/2013 08:47:36 Get system time from NTP server:88.198.180.55.
11/10/2013 02:01:15 **Smurf** 205.251.243.0, 80->> 192.168.168.100, 63783 (from PPPoE1 Inbound)
11/10/2013 02:01:09 **Smurf** 205.251.243.0, 80->> 192.168.168.100, 63783 (from PPPoE1 Inbound)
11/10/2013 02:01:06 **Smurf** 205.251.243.0, 80->> 192.168.168.100, 63783 (from PPPoE1 Inbound)
11/10/2013 02:00:54 **Smurf** 205.251.243.0, 80->> 192.168.168.100, 63717 (from PPPoE1 Inbound)
11/10/2013 02:00:48 **Smurf** 205.251.243.0, 80->> 192.168.168.100, 63717 (from PPPoE1 Inbound)
11/10/2013 02:00:45 **Smurf** 205.251.243.0, 80->> 192.168.168.100, 63717 (from PPPoE1 Inbound)
11/10/2013 01:48:55 **ICMP TimeStamp request** 80.92.102.235->> 88.74.83.250, Type:13, Code:0 (from PPPoE1 Inbound)
11/10/2013 01:32:28 **Vecna Scan** 192.168.168.100, 56201->> 217.79.179.47, 443 (from PPPoE1 Outbound)
11/10/2013 01:32:26 **Vecna Scan** 192.168.168.100, 56226->> 217.79.179.47, 443 (from PPPoE1 Outbound)
11/10/2013 01:01:09 192.168.168.100 logout 
11/10/2013 01:01:02 192.168.168.100 login success
11/10/2013 01:01:01 User from 192.168.168.100 timed out
11/10/2013 00:52:57 sending ACK to 192.168.168.101
11/10/2013 00:29:34 Wireless 00:16:44:67:30:53 released
11/09/2013 23:43:57 192.168.168.100 login success
11/09/2013 23:43:57 User from 192.168.168.100 timed out
11/09/2013 23:36:14 Wireless 5C:0A:5B:6C4:32 released
11/09/2013 23:35:55 sending ACK to 192.168.168.101
11/09/2013 23:27:31 192.168.168.100 login success
11/09/2013 23:27:28 User from 192.168.168.100 timed out
11/09/2013 22:50:17 sending ACK to 192.168.168.105
11/09/2013 22:46:06 sending ACK to 192.168.168.100
11/09/2013 22:40:34 Wireless 00:16:44:67:30:53 released
11/09/2013 22:13:11 sending ACK to 192.168.168.105
11/09/2013 21:31:07 **UDP Loop** 199.168.141.74, 36146->> 88.74.83.250, 19 (from PPPoE1 Inbound)
11/09/2013 21:16:14 Wireless 00:16:44:67:30:53 released
11/09/2013 21:13:25 sending ACK to 192.168.168.105
11/09/2013 20:52:13 sending ACK to 192.168.168.105
11/09/2013 20:47:36 NTP Date/Time updated. 
11/09/2013 20:46:49 Get system time from NTP server:178.63.234.35.
11/09/2013 19:42:27 Wireless 00:16:44:67:30:53 released
11/09/2013 19:30:43 sending ACK to 192.168.168.105
11/09/2013 19:16:04 sending ACK to 192.168.168.105
11/09/2013 19:08:47 sending ACK to 192.168.168.105
11/09/2013 18:41:27 Wireless 5C:0A:5B:6C4:32 released
11/09/2013 18:39:01 sending ACK to 192.168.168.101
11/09/2013 18:38:46 sending ACK to 192.168.168.100
11/09/2013 18:25:01 sending ACK to 192.168.168.105
11/09/2013 18:19:16 sending ACK to 192.168.168.105
11/09/2013 18:19:07 Wireless 00:16:44:67:30:53 released
11/09/2013 17:46:44 sending ACK to 192.168.168.105
11/09/2013 16:50:07 Wireless 00:16:44:67:30:53 released
11/09/2013 16:42:59 sending ACK to 192.168.168.105
11/09/2013 16:35:40 sending ACK to 192.168.168.105
11/09/2013 16:28:26 sending ACK to 192.168.168.105
11/09/2013 16:22:39 sending ACK to 192.168.168.100
11/09/2013 16:06:31 sending ACK to 192.168.168.105
11/09/2013 15:59:13 sending ACK to 192.168.168.105
11/09/2013 15:44:38 sending ACK to 192.168.168.105
11/09/2013 15:30:08 sending ACK to 192.168.168.105
11/09/2013 15:22:44 sending ACK to 192.168.168.105
11/09/2013 15:08:58 sending ACK to 192.168.168.105
11/09/2013 14:30:27 Wireless 5C:0A:5B:6C4:32 released
11/09/2013 13:40:52 sending ACK to 192.168.168.100
11/09/2013 12:35:08 **UDP Loop** 94.102.51.225, 43504->> 88.74.83.250, 19 (from PPPoE1 Inbound)
11/09/2013 10:29:55 **UDP Loop** 199.19.108.50, 33848->> 88.74.83.250, 19 (from PPPoE1 Inbound)
11/09/2013 10:22:32 sending ACK to 192.168.168.106
11/09/2013 10:05:40 sending ACK to 192.168.168.101
11/09/2013 09:17:12 sending ACK to 192.168.168.103
11/09/2013 08:46:49 NTP Date/Time updated. 
11/09/2013 08:46:03 Get system time from NTP server:131.234.137.24.
11/08/2013 22:43:06 sending ACK to 192.168.168.103
11/08/2013 21:49:01 Wireless 64:27:37:32:0E:6F released
11/08/2013 21:19:01 **UDP Loop** 198.27.112.79, 48330->> 88.74.83.250, 19 (from PPPoE1 Inbound)
11/08/2013 20:46:03 NTP Date/Time updated. 
11/08/2013 20:45:07 Get system time from NTP server:131.188.3.223.
11/08/2013 20:35:34 sending ACK to 192.168.168.107
11/08/2013 19:58:44 [VoIP] SIP account 1 register fail(503)
11/08/2013 19:58:08 [VoIP] SIP account 1 register fail(503)
11/08/2013 19:57:27 [VoIP] SIP account 1 register fail(503)
11/08/2013 19:56:56 [VoIP] SIP account 1 register fail(503)
11/08/2013 19:56:25 [VoIP] SIP account 1 register timeout
11/08/2013 19:55:23 [VoIP] SIP account 1 register timeout
11/08/2013 19:54:21 [VoIP] SIP account 1 register timeout
11/08/2013 19:53:42 [VoIP] Register VoIP account 1 back to VC2
11/08/2013 19:52:20 If(PPPoE2) PPP connection ok !
11/08/2013 19:52:19 If(PPPoE2) get secondary DNS IP:10.64.17.6
11/08/2013 19:52:19 If(PPPoE2) get primary DNS IP:10.64.33.6
11/08/2013 19:52:19 If(PPPoE2) get IP:10.197.137.61
11/08/2013 19:52:14 If(PPPoE2) start PPP 
11/08/2013 19:52:14 If(PPPoE2) receive PADS 
11/08/2013 19:52:13 If(PPPoE2) send PADR 
11/08/2013 19:52:13 If(PPPoE2) receive PADO 
11/08/2013 19:52:12 If(PPPoE2) send PADI 
11/08/2013 19:52:06 If(PPPoE2) send PADI 
11/08/2013 19:52:01 If(PPPoE2) send PADI 
11/08/2013 19:51:56 If(PPPoE2) send PADI 
11/08/2013 19:51:51 If(PPPoE2) send PADI 
11/08/2013 19:51:46 If(PPPoE2) send PADI 
11/08/2013 19:51:41 If(PPPoE2) send PADI 
11/08/2013 19:51:36 If(PPPoE2) send PADI 
11/08/2013 19:51:31 If(PPPoE2) send PADI 
11/08/2013 19:51:25 If(PPPoE2) send PADI 
11/08/2013 19:51:20 If(PPPoE2) send PADI 
11/08/2013 19:51:15 If(PPPoE2) send PADI 
11/08/2013 19:51:10 If(PPPoE2) send PADI 
11/08/2013 19:51:05 If(PPPoE2) send PADI 
11/08/2013 19:51:00 If(PPPoE2) send PADI 
11/08/2013 19:50:55 If(PPPoE2) send PADI 
11/08/2013 19:50:50 If(PPPoE2) send PADI 
11/08/2013 19:50:44 If(PPPoE2) send PADI 
11/08/2013 19:50:39 If(PPPoE2) send PADI 
11/08/2013 19:50:34 If(PPPoE2) send PADI 
11/08/2013 19:50:29 If(PPPoE2) send PADI 
11/08/2013 19:50:24 If(PPPoE2) send PADI 
11/08/2013 19:50:19 If(PPPoE2) send PADI 
11/08/2013 19:50:14 If(PPPoE2) send PADI 
11/08/2013 19:50:09 If(PPPoE2) send PADI 
11/08/2013 19:50:03 If(PPPoE2) send PADI 
11/08/2013 19:49:58 If(PPPoE2) send PADI 
11/08/2013 19:49:53 If(PPPoE2) send PADI 
11/08/2013 19:49:48 If(PPPoE2) send PADI 
11/08/2013 19:49:43 If(PPPoE2) send PADI 
11/08/2013 19:49:38 If(PPPoE2) send PADI 
11/08/2013 19:49:33 If(PPPoE2) send PADI 
11/08/2013 19:49:28 If(PPPoE2) send PADI 
11/08/2013 19:49:23 If(PPPoE2) send PADI 
11/08/2013 19:49:18 If(PPPoE2) send PADI 
11/08/2013 19:49:13 If(PPPoE2) send PADI 
11/08/2013 19:49:08 If(PPPoE2) send PADI 
11/08/2013 19:49:02 If(PPPoE2) send PADI 
11/08/2013 19:48:57 If(PPPoE2) send PADI 
11/08/2013 19:48:52 If(PPPoE2) send PADI 
11/08/2013 19:48:47 If(PPPoE2) send PADI 
11/08/2013 19:48:42 If(PPPoE2) send PADI 
11/08/2013 19:48:37 If(PPPoE2) send PADI 
11/08/2013 19:48:32 If(PPPoE2) send PADI 
11/08/2013 19:48:27 If(PPPoE2) send PADI 
11/08/2013 19:48:21 If(PPPoE2) send PADI 
11/08/2013 19:48:16 If(PPPoE2) send PADI 
11/08/2013 19:48:11 If(PPPoE2) send PADI 
11/08/2013 19:48:06 If(PPPoE2) send PADI 
11/08/2013 19:48:01 If(PPPoE2) send PADI 
11/08/2013 19:47:56 If(PPPoE2) send PADI 
11/08/2013 19:47:51 If(PPPoE2) send PADI 
11/08/2013 19:47:46 If(PPPoE2) send PADI 
11/08/2013 19:47:40 If(PPPoE2) send PADI 
11/08/2013 19:47:35 If(PPPoE2) send PADI 
11/08/2013 19:47:30 If(PPPoE2) send PADI 
11/08/2013 19:47:25 If(PPPoE2) send PADI 
11/08/2013 19:47:20 If(PPPoE2) send PADI 
11/08/2013 19:47:15 If(PPPoE2) send PADI 
11/08/2013 19:47:10 If(PPPoE2) send PADI 
11/08/2013 19:47:05 If(PPPoE2) send PADI 
11/08/2013 19:47:00 If(PPPoE2) send PADI 
11/08/2013 19:46:55 If(PPPoE2) send PADI 
11/08/2013 19:46:50 If(PPPoE2) send PADI 
11/08/2013 19:46:45 If(PPPoE2) send PADI 
11/08/2013 19:46:39 If(PPPoE2) send PADI 
11/08/2013 19:46:34 If(PPPoE2) send PADI 
11/08/2013 19:46:29 If(PPPoE2) send PADI 
11/08/2013 19:46:24 If(PPPoE2) send PADI 
11/08/2013 19:46:19 If(PPPoE2) send PADI 
11/08/2013 19:46:14 If(PPPoE2) send PADI 
11/08/2013 19:46:09 If(PPPoE2) send PADI 
11/08/2013 19:46:04 If(PPPoE2) send PADI 
11/08/2013 19:45:58 If(PPPoE2) send PADI 
11/08/2013 19:45:53 If(PPPoE2) send PADI 
11/08/2013 19:45:48 If(PPPoE2) send PADI 
11/08/2013 19:45:43 If(PPPoE2) send PADI 
11/08/2013 19:45:38 If(PPPoE2) send PADI 
11/08/2013 19:45:33 If(PPPoE2) send PADI 
11/08/2013 19:45:28 If(PPPoE2) send PADI 
11/08/2013 19:45:23 If(PPPoE2) send PADI 
11/08/2013 19:45:17 If(PPPoE2) send PADI 
11/08/2013 19:45:12 If(PPPoE2) send PADI 
11/08/2013 19:45:07 If(PPPoE2) send PADI 
11/08/2013 19:45:02 If(PPPoE2) send PADI 
11/08/2013 19:44:57 If(PPPoE2) send PADI 
11/08/2013 19:44:52 If(PPPoE2) send PADI 
11/08/2013 19:44:47 If(PPPoE2) send PADI 
11/08/2013 19:44:42 If(PPPoE2) send PADI 
11/08/2013 19:44:36 If(PPPoE2) send PADI 
11/08/2013 19:44:31 If(PPPoE2) send PADI 
11/08/2013 19:44:26 If(PPPoE2) send PADI 
11/08/2013 19:44:21 If(PPPoE2) send PADI 
11/08/2013 19:44:16 If(PPPoE2) send PADI 
11/08/2013 19:44:11 If(PPPoE2) send PADI 
11/08/2013 19:44:06 If(PPPoE2) send PADI 
11/08/2013 19:44:01 If(PPPoE2) send PADI 
11/08/2013 19:43:55 If(PPPoE2) send PADI 
11/08/2013 19:43:50 If(PPPoE2) send PADI 
11/08/2013 19:43:45 If(PPPoE2) send PADI 
11/08/2013 19:43:40 If(PPPoE2) send PADI 
11/08/2013 19:43:35 If(PPPoE2) send PADI 
11/08/2013 19:43:30 If(PPPoE2) send PADI 
11/08/2013 19:43:25 If(PPPoE2) send PADI 
11/08/2013 19:43:20 If(PPPoE2) send PADI 
11/08/2013 19:43:15 If(PPPoE2) send PADI 
11/08/2013 19:43:10 If(PPPoE2) send PADI 
11/08/2013 19:43:05 If(PPPoE2) send PADI 
11/08/2013 19:43:00 If(PPPoE2) send PADI 
11/08/2013 19:42:54 If(PPPoE2) send PADI 
11/08/2013 19:42:49 If(PPPoE2) send PADI 
11/08/2013 19:42:44 If(PPPoE2) send PADI 
11/08/2013 19:42:39 If(PPPoE2) send PADI 
11/08/2013 19:42:34 If(PPPoE2) send PADI 
11/08/2013 19:42:29 If(PPPoE2) send PADI 
11/08/2013 19:42:24 If(PPPoE2) send PADI 
11/08/2013 19:42:19 If(PPPoE2) send PADI 
11/08/2013 19:42:13 If(PPPoE2) send PADI 
11/08/2013 19:42:08 If(PPPoE2) send PADI 
11/08/2013 19:42:03 If(PPPoE2) send PADI 
11/08/2013 19:41:58 If(PPPoE2) send PADI 
11/08/2013 19:41:53 If(PPPoE2) send PADI 
11/08/2013 19:41:48 If(PPPoE2) send PADI 
11/08/2013 19:41:43 If(PPPoE2) send PADI 
11/08/2013 19:41:38 If(PPPoE2) send PADI 
11/08/2013 19:41:33 If(PPPoE2) send PADI 
11/08/2013 19:41:28 If(PPPoE2) send PADI 
11/08/2013 19:41:23 If(PPPoE2) send PADI 
11/08/2013 19:41:18 If(PPPoE2) send PADI 
11/08/2013 19:41:13 If(PPPoE2) send PADI 
11/08/2013 19:41:08 If(PPPoE2) send PADI 
11/08/2013 19:41:03 If(PPPoE2) send PADI 
11/08/2013 19:40:58 If(PPPoE2) send PADI 
11/08/2013 19:40:52 If(PPPoE2) send PADI 
11/08/2013 19:40:47 If(PPPoE2) send PADI 
11/08/2013 19:40:42 If(PPPoE2) send PADI 
11/08/2013 19:40:37 If(PPPoE2) send PADI 
11/08/2013 19:40:32 If(PPPoE2) send PADI 
11/08/2013 19:40:27 If(PPPoE2) send PADI 
11/08/2013 19:40:22 If(PPPoE2) send PADI 
11/08/2013 19:40:17 If(PPPoE2) send PADI 
11/08/2013 19:40:11 If(PPPoE2) send PADI 
11/08/2013 19:40:06 If(PPPoE2) send PADI 
11/08/2013 19:40:01 If(PPPoE2) send PADI 
11/08/2013 19:39:56 If(PPPoE2) send PADI 
11/08/2013 19:39:51 If(PPPoE2) send PADI 
11/08/2013 19:39:46 If(PPPoE2) send PADI 
11/08/2013 19:39:41 If(PPPoE2) send PADI 
11/08/2013 19:39:36 If(PPPoE2) send PADI 
11/08/2013 19:39:31 If(PPPoE2) send PADI 
11/08/2013 19:39:26 If(PPPoE2) send PADI 
11/08/2013 19:39:21 If(PPPoE2) send PADI 
11/08/2013 19:39:16 If(PPPoE2) send PADI 
11/08/2013 19:39:10 If(PPPoE2) send PADI 
11/08/2013 19:39:05 If(PPPoE2) send PADI 
11/08/2013 19:39:00 If(PPPoE2) send PADI 
11/08/2013 19:38:55 If(PPPoE2) send PADI 
11/08/2013 19:38:50 If(PPPoE2) send PADI 
11/08/2013 19:38:45 If(PPPoE2) send PADI 
11/08/2013 19:38:40 If(PPPoE2) send PADI 
11/08/2013 19:38:35 If(PPPoE2) send PADI 
11/08/2013 19:38:30 If(PPPoE2) send PADI 
11/08/2013 19:38:25 If(PPPoE2) send PADI 
11/08/2013 19:38:20 If(PPPoE2) send PADI 
11/08/2013 19:38:15 If(PPPoE2) send PADI 
11/08/2013 19:38:09 If(PPPoE2) send PADI 
11/08/2013 19:38:04 If(PPPoE2) send PADI 
11/08/2013 19:37:59 If(PPPoE2) send PADI 
11/08/2013 19:37:54 If(PPPoE2) send PADI 
11/08/2013 19:37:49 If(PPPoE2) send PADI 
11/08/2013 19:37:44 If(PPPoE2) send PADI 
11/08/2013 19:37:39 If(PPPoE2) send PADI 
11/08/2013 19:37:34 If(PPPoE2) send PADI 
11/08/2013 19:37:29 If(PPPoE2) send PADI 
11/08/2013 19:37:24 If(PPPoE2) send PADI 
11/08/2013 19:37:19 If(PPPoE2) send PADI 
11/08/2013 19:37:14 If(PPPoE2) send PADI 
11/08/2013 19:37:08 If(PPPoE2) send PADI 
11/08/2013 19:37:03 If(PPPoE2) send PADI 
11/08/2013 19:36:58 If(PPPoE2) send PADI 
11/08/2013 19:36:53 If(PPPoE2) send PADI 
11/08/2013 19:36:48 If(PPPoE2) send PADI 
11/08/2013 19:36:43 If(PPPoE2) send PADI 
11/08/2013 19:36:38 If(PPPoE2) send PADI 
11/08/2013 19:36:33 If(PPPoE2) send PADI 
11/08/2013 19:36:27 If(PPPoE2) send PADI 
11/08/2013 19:36:22 If(PPPoE2) send PADI 
11/08/2013 19:36:17 If(PPPoE2) send PADI 
11/08/2013 19:36:12 If(PPPoE2) send PADI 
11/08/2013 19:36:07 If(PPPoE2) send PADI 
11/08/2013 19:36:02 If(PPPoE2) send PADI 
11/08/2013 19:35:57 If(PPPoE2) send PADI 
11/08/2013 19:35:52 If(PPPoE2) send PADI 
11/08/2013 19:35:47 If(PPPoE2) send PADI 
11/08/2013 19:35:42 If(PPPoE2) send PADI 
11/08/2013 19:35:37 If(PPPoE2) send PADI 
11/08/2013 19:35:32 If(PPPoE2) send PADI 
11/08/2013 19:35:27 If(PPPoE2) send PADI 
11/08/2013 19:35:22 If(PPPoE2) send PADI 
11/08/2013 19:35:17 If(PPPoE2) send PADI 
11/08/2013 19:35:12 If(PPPoE2) send PADI 
11/08/2013 19:35:06 If(PPPoE2) send PADI 
11/08/2013 19:35:01 If(PPPoE2) send PADI 
11/08/2013 19:34:56 If(PPPoE2) send PADI 
11/08/2013 19:34:51 If(PPPoE2) send PADI 
11/08/2013 19:34:46 If(PPPoE2) send PADI 
11/08/2013 19:34:41 If(PPPoE2) send PADI 
11/08/2013 19:34:36 If(PPPoE2) send PADI 
11/08/2013 19:34:31 If(PPPoE2) send PADI 
11/08/2013 19:34:25 If(PPPoE2) send PADI 
11/08/2013 19:34:20 If(PPPoE2) send PADI 
11/08/2013 19:34:15 If(PPPoE2) send PADI 
11/08/2013 19:34:10 If(PPPoE2) send PADI 
11/08/2013 19:34:05 If(PPPoE2) send PADI 
11/08/2013 19:34:00 If(PPPoE2) send PADI 
11/08/2013 19:33:55 If(PPPoE2) send PADI 
11/08/2013 19:33:50 If(PPPoE2) send PADI 
11/08/2013 19:33:44 If(PPPoE2) send PADI 
11/08/2013 19:33:39 If(PPPoE2) send PADI 
11/08/2013 19:33:34 If(PPPoE2) send PADI 
11/08/2013 19:33:29 If(PPPoE2) send PADI 
11/08/2013 19:33:24 If(PPPoE2) send PADI 
11/08/2013 19:33:19 If(PPPoE2) send PADI 
11/08/2013 19:33:14 If(PPPoE2) send PADI 
11/08/2013 19:33:09 If(PPPoE2) send PADI 
11/08/2013 19:33:03 If(PPPoE2) send PADI 
11/08/2013 19:32:58 If(PPPoE2) send PADI 
11/08/2013 19:32:53 If(PPPoE2) send PADI 
11/08/2013 19:32:48 If(PPPoE2) send PADI 
11/08/2013 19:32:43 If(PPPoE2) send PADI 
11/08/2013 19:32:38 If(PPPoE2) send PADI 
11/08/2013 19:32:33 If(PPPoE2) send PADI 
11/08/2013 19:32:28 If(PPPoE2) send PADI 
11/08/2013 19:32:22 If(PPPoE2) send PADI 
11/08/2013 19:32:17 If(PPPoE2) send PADI 
11/08/2013 19:32:12 If(PPPoE2) send PADI 
11/08/2013 19:32:07 If(PPPoE2) send PADI 
11/08/2013 19:32:02 If(PPPoE2) send PADI 
11/08/2013 19:31:57 If(PPPoE2) send PADI 
11/08/2013 19:31:52 If(PPPoE2) send PADI 
11/08/2013 19:31:47 If(PPPoE2) send PADI 
11/08/2013 19:31:41 If(PPPoE2) send PADI 
11/08/2013 19:31:36 If(PPPoE2) send PADI 
11/08/2013 19:31:31 If(PPPoE2) send PADI 
11/08/2013 19:31:26 If(PPPoE2) send PADI 
11/08/2013 19:31:21 If(PPPoE2) send PADI 
11/08/2013 19:31:16 If(PPPoE2) send PADI 
11/08/2013 19:31:11 If(PPPoE2) send PADI 
11/08/2013 19:31:06 If(PPPoE2) send PADI 
11/08/2013 19:31:00 If(PPPoE2) send PADI 
11/08/2013 19:30:55 If(PPPoE2) send PADI 
11/08/2013 19:30:50 If(PPPoE2) send PADI 
11/08/2013 19:30:45 If(PPPoE2) send PADI 
11/08/2013 19:30:40 If(PPPoE2) send PADI 
11/08/2013 19:30:38 [VoIP] SIP account 1 register fail(503)
11/08/2013 19:30:35 If(PPPoE2) send PADI 
11/08/2013 19:30:30 If(PPPoE2) send PADI 
11/08/2013 19:30:25 If(PPPoE2) send PADI 
11/08/2013 19:30:19 If(PPPoE2) send PADI 
11/08/2013 19:30:14 If(PPPoE2) send PADI 
11/08/2013 19:30:09 If(PPPoE2) send PADI 
11/08/2013 19:30:04 If(PPPoE2) send PADI 
11/08/2013 19:29:59 If(PPPoE2) send PADI 
11/08/2013 19:29:54 If(PPPoE2) send PADI 
11/08/2013 19:29:49 If(PPPoE2) send PADI 
11/08/2013 19:29:44 If(PPPoE2) send PADI 
11/08/2013 19:29:38 If(PPPoE2) send PADI 
11/08/2013 19:29:33 If(PPPoE2) send PADI 
11/08/2013 19:29:28 If(PPPoE2) send PADI 
11/08/2013 19:29:23 If(PPPoE2) send PADI 
11/08/2013 19:29:18 If(PPPoE2) send PADI 
11/08/2013 19:29:13 If(PPPoE2) send PADI 
11/08/2013 19:29:08 If(PPPoE2) send PADI 
11/08/2013 19:29:03 If(PPPoE2) send PADI 
11/08/2013 19:28:57 If(PPPoE2) send PADI 
11/08/2013 19:28:52 If(PPPoE2) send PADI 
11/08/2013 19:28:47 If(PPPoE2) send PADI 
11/08/2013 19:28:42 If(PPPoE2) send PADI 
11/08/2013 19:28:37 If(PPPoE2) send PADI 
11/08/2013 19:28:32 If(PPPoE2) send PADI 
11/08/2013 19:28:27 If(PPPoE2) send PADI 
11/08/2013 19:28:22 If(PPPoE2) send PADI 
11/08/2013 19:28:16 If(PPPoE2) send PADI 
11/08/2013 19:28:11 If(PPPoE2) send PADI 
11/08/2013 19:28:06 If(PPPoE2) send PADI 
11/08/2013 19:28:01 If(PPPoE2) send PADI 
11/08/2013 19:27:56 If(PPPoE2) send PADI 
11/08/2013 19:27:51 If(PPPoE2) send PADI 
11/08/2013 19:27:46 If(PPPoE2) send PADI 
11/08/2013 19:27:41 If(PPPoE2) send PADI 
11/08/2013 19:27:35 If(PPPoE2) send PADI 
11/08/2013 19:27:30 If(PPPoE2) send PADI 
11/08/2013 19:27:25 If(PPPoE2) send PADI 
11/08/2013 19:27:20 If(PPPoE2) send PADI 
11/08/2013 19:27:15 If(PPPoE2) send PADI 
11/08/2013 19:27:10 If(PPPoE2) send PADI 
11/08/2013 19:27:05 If(PPPoE2) send PADI 
11/08/2013 19:27:00 If(PPPoE2) send PADI 
11/08/2013 19:26:55 If(PPPoE2) send PADI 
11/08/2013 19:26:50 If(PPPoE2) send PADI 
11/08/2013 19:26:45 If(PPPoE2) send PADI 
11/08/2013 19:26:40 If(PPPoE2) send PADI 
11/08/2013 19:26:34 If(PPPoE2) send PADI 
11/08/2013 19:26:29 If(PPPoE2) send PADI 
11/08/2013 19:26:24 If(PPPoE2) send PADI 
11/08/2013 19:26:19 If(PPPoE2) send PADI 
11/08/2013 19:26:14 If(PPPoE2) send PADI 
11/08/2013 19:26:09 If(PPPoE2) send PADI 
11/08/2013 19:26:04 If(PPPoE2) send PADI 
11/08/2013 19:25:59 If(PPPoE2) send PADI 
11/08/2013 19:25:53 If(PPPoE2) send PADI 
11/08/2013 19:25:48 If(PPPoE2) send PADI 
11/08/2013 19:25:43 If(PPPoE2) send PADI 
11/08/2013 19:25:38 If(PPPoE2) send PADI 
11/08/2013 19:25:33 If(PPPoE2) send PADI 
11/08/2013 19:25:28 If(PPPoE2) send PADI 
11/08/2013 19:25:23 If(PPPoE2) send PADI 
11/08/2013 19:25:18 If(PPPoE2) send PADI 
11/08/2013 19:25:12 If(PPPoE2) send PADI 
11/08/2013 19:25:07 If(PPPoE2) send PADI 
11/08/2013 19:25:02 If(PPPoE2) send PADI 
11/08/2013 19:24:57 If(PPPoE2) send PADI 
11/08/2013 19:24:52 If(PPPoE2) send PADI 
11/08/2013 19:24:47 If(PPPoE2) send PADI 
11/08/2013 19:24:42 If(PPPoE2) send PADI 
11/08/2013 19:24:37 If(PPPoE2) send PADI 
11/08/2013 19:24:32 If(PPPoE2) send PADI 
11/08/2013 19:24:27 If(PPPoE2) send PADI 
11/08/2013 19:24:22 If(PPPoE2) send PADI 
11/08/2013 19:24:17 If(PPPoE2) send PADI 
11/08/2013 19:24:11 If(PPPoE2) send PADI 
11/08/2013 19:24:06 If(PPPoE2) send PADI 
11/08/2013 19:24:01 If(PPPoE2) send PADI 
11/08/2013 19:23:56 If(PPPoE2) send PADI 
11/08/2013 19:23:51 If(PPPoE2) send PADI 
11/08/2013 19:23:46 If(PPPoE2) send PADI 
11/08/2013 19:23:41 If(PPPoE2) send PADI 
11/08/2013 19:23:36 If(PPPoE2) send PADI 
11/08/2013 19:23:31 If(PPPoE2) send PADI 
11/08/2013 19:23:26 If(PPPoE2) send PADI 
11/08/2013 19:23:21 If(PPPoE2) send PADI 
11/08/2013 19:23:16 If(PPPoE2) send PADI 
11/08/2013 19:23:11 If(PPPoE2) send PADI 
11/08/2013 19:23:06 If(PPPoE2) send PADI 
11/08/2013 19:23:01 If(PPPoE2) send PADI 
11/08/2013 19:22:56 If(PPPoE2) send PADI 
11/08/2013 19:22:50 If(PPPoE2) send PADI 
11/08/2013 19:22:45 If(PPPoE2) send PADI 
11/08/2013 19:22:40 If(PPPoE2) send PADI 
11/08/2013 19:22:35 If(PPPoE2) send PADI 
11/08/2013 19:22:30 If(PPPoE2) send PADI 
11/08/2013 19:22:25 If(PPPoE2) send PADI 
11/08/2013 19:22:20 If(PPPoE2) send PADI 
11/08/2013 19:22:15 If(PPPoE2) send PADI 
11/08/2013 19:22:09 If(PPPoE2) send PADI 
11/08/2013 19:22:04 If(PPPoE2) send PADI 
11/08/2013 19:21:59 If(PPPoE2) send PADI 
11/08/2013 19:21:54 If(PPPoE2) send PADI 
11/08/2013 19:21:49 If(PPPoE2) send PADI 
11/08/2013 19:21:44 If(PPPoE2) send PADI 
11/08/2013 19:21:39 If(PPPoE2) send PADI 
11/08/2013 19:21:34 If(PPPoE2) send PADI 
11/08/2013 19:21:29 If(PPPoE2) send PADI 
11/08/2013 19:21:24 If(PPPoE2) send PADI 
11/08/2013 19:21:19 If(PPPoE2) send PADI 
11/08/2013 19:21:14 If(PPPoE2) send PADI 
11/08/2013 19:21:08 If(PPPoE2) send PADI 
11/08/2013 19:21:03 If(PPPoE2) send PADI 
11/08/2013 19:20:58 If(PPPoE2) send PADI 
11/08/2013 19:20:53 If(PPPoE2) send PADI 
11/08/2013 19:20:48 If(PPPoE2) send PADI 
11/08/2013 19:20:43 If(PPPoE2) send PADI 
11/08/2013 19:20:38 If(PPPoE2) send PADI 
11/08/2013 19:20:33 If(PPPoE2) send PADI 
11/08/2013 19:20:27 If(PPPoE2) send PADI 
11/08/2013 19:20:22 If(PPPoE2) send PADI 
11/08/2013 19:20:17 If(PPPoE2) send PADI 
11/08/2013 19:20:12 If(PPPoE2) send PADI 
11/08/2013 19:20:07 If(PPPoE2) send PADI 
11/08/2013 19:20:02 If(PPPoE2) send PADI 
11/08/2013 19:19:57 If(PPPoE2) send PADI 
11/08/2013 19:19:52 If(PPPoE2) send PADI 
11/08/2013 19:19:46 If(PPPoE2) send PADI 
11/08/2013 19:19:41 If(PPPoE2) send PADI 
11/08/2013 19:19:36 If(PPPoE2) send PADI 
11/08/2013 19:19:31 If(PPPoE2) send PADI 
11/08/2013 19:19:26 If(PPPoE2) send PADI 
11/08/2013 19:19:21 If(PPPoE2) send PADI 
11/08/2013 19:19:16 If(PPPoE2) send PADI 
11/08/2013 19:19:11 If(PPPoE2) send PADI 
11/08/2013 19:19:05 If(PPPoE2) send PADI 
11/08/2013 19:19:00 If(PPPoE2) send PADI 
11/08/2013 19:18:55 If(PPPoE2) send PADI 
11/08/2013 19:18:50 If(PPPoE2) send PADI 
11/08/2013 19:18:45 If(PPPoE2) send PADI 
11/08/2013 19:18:40 If(PPPoE2) send PADI 
11/08/2013 19:18:35 If(PPPoE2) send PADI 
11/08/2013 19:18:30 If(PPPoE2) send PADI 
11/08/2013 19:18:25 If(PPPoE2) send PADI 
11/08/2013 19:18:20 If(PPPoE2) send PADI 
11/08/2013 19:18:15 If(PPPoE2) send PADI 
11/08/2013 19:18:10 If(PPPoE2) send PADI 
11/08/2013 19:18:05 If(PPPoE2) send PADI 
11/08/2013 19:18:00 If(PPPoE2) send PADI 
11/08/2013 19:17:55 If(PPPoE2) send PADI 
11/08/2013 19:17:50 If(PPPoE2) send PADI 
11/08/2013 19:17:44 If(PPPoE2) send PADI 
11/08/2013 19:17:39 If(PPPoE2) send PADI 
11/08/2013 19:17:34 If(PPPoE2) send PADI 
11/08/2013 19:17:29 If(PPPoE2) send PADI 
11/08/2013 19:17:24 If(PPPoE2) send PADI 
11/08/2013 19:17:19 If(PPPoE2) send PADI 
11/08/2013 19:17:14 If(PPPoE2) send PADI 
11/08/2013 19:17:09 If(PPPoE2) send PADI 
11/08/2013 19:17:04 If(PPPoE2) send PADI 
11/08/2013 19:16:59 If(PPPoE2) send PADI 
11/08/2013 19:16:54 If(PPPoE2) send PADI 
11/08/2013 19:16:49 If(PPPoE2) send PADI 
11/08/2013 19:16:43 If(PPPoE2) send PADI 
11/08/2013 19:16:38 If(PPPoE2) send PADI 
11/08/2013 19:16:33 If(PPPoE2) send PADI 
11/08/2013 19:16:28 If(PPPoE2) send PADI 
11/08/2013 19:16:23 If(PPPoE2) send PADI 
11/08/2013 19:16:18 If(PPPoE2) send PADI 
11/08/2013 19:16:16 sending ACK to 192.168.168.101
11/08/2013 19:16:13 If(PPPoE2) send PADI 
11/08/2013 19:16:08 If(PPPoE2) send PADI 
11/08/2013 19:16:02 If(PPPoE2) send PADI 
11/08/2013 19:15:57 If(PPPoE2) send PADI 
11/08/2013 19:15:52 If(PPPoE2) send PADI 
11/08/2013 19:15:47 If(PPPoE2) send PADI 
11/08/2013 19:15:42 If(PPPoE2) send PADI 
11/08/2013 19:15:37 If(PPPoE2) send PADI 
11/08/2013 19:15:32 If(PPPoE2) send PADI 
11/08/2013 19:15:27 If(PPPoE2) send PADI 
11/08/2013 19:15:21 If(PPPoE2) send PADI 
11/08/2013 19:15:16 If(PPPoE2) send PADI 
11/08/2013 19:15:11 If(PPPoE2) send PADI 
11/08/2013 19:15:06 If(PPPoE2) send PADI 
11/08/2013 19:15:01 If(PPPoE2) send PADI 
11/08/2013 19:14:56 If(PPPoE2) send PADI 
11/08/2013 19:14:51 If(PPPoE2) send PADI 
11/08/2013 19:14:46 If(PPPoE2) send PADI 
11/08/2013 19:14:41 If(PPPoE2) send PADI 
11/08/2013 19:14:36 If(PPPoE2) send PADI 
11/08/2013 19:14:31 If(PPPoE2) send PADI 
11/08/2013 19:14:26 If(PPPoE2) send PADI 
11/08/2013 19:14:23 sending ACK to 192.168.168.104
11/08/2013 19:14:23 sending OFFER to 192.168.168.104
11/08/2013 19:14:20 If(PPPoE2) send PADI 
11/08/2013 19:14:15 If(PPPoE2) send PADI 
11/08/2013 19:14:10 If(PPPoE2) send PADI 
11/08/2013 19:14:05 If(PPPoE2) send PADI 
11/08/2013 19:14:00 If(PPPoE2) send PADI 
11/08/2013 19:13:55 If(PPPoE2) send PADI 
11/08/2013 19:13:50 If(PPPoE2) send PADI 
11/08/2013 19:13:45 If(PPPoE2) send PADI 
11/08/2013 19:13:39 If(PPPoE2) send PADI 
11/08/2013 19:13:34 If(PPPoE2) send PADI 
11/08/2013 19:13:29 If(PPPoE2) send PADI 
11/08/2013 19:13:24 If(PPPoE2) send PADI 
11/08/2013 19:13:19 If(PPPoE2) send PADI 
11/08/2013 19:13:14 If(PPPoE2) send PADI 
11/08/2013 19:13:09 If(PPPoE2) send PADI 
11/08/2013 19:13:04 If(PPPoE2) send PADI 
11/08/2013 19:12:59 If(PPPoE2) send PADI 
11/08/2013 19:12:54 If(PPPoE2) send PADI 
11/08/2013 19:12:49 If(PPPoE2) send PADI 
11/08/2013 19:12:44 If(PPPoE2) send PADI 
11/08/2013 19:12:38 If(PPPoE2) send PADI 
11/08/2013 19:12:33 If(PPPoE2) send PADI 
11/08/2013 19:12:28 If(PPPoE2) send PADI 
11/08/2013 19:12:23 If(PPPoE2) send PADI 
11/08/2013 19:12:18 If(PPPoE2) send PADI 
11/08/2013 19:12:13 If(PPPoE2) send PADI 
11/08/2013 19:12:08 If(PPPoE2) send PADI 
11/08/2013 19:12:03 If(PPPoE2) send PADI 
11/08/2013 19:11:57 If(PPPoE2) send PADI 
11/08/2013 19:11:52 If(PPPoE2) send PADI 
11/08/2013 19:11:47 If(PPPoE2) send PADI 
11/08/2013 19:11:42 If(PPPoE2) send PADI 
11/08/2013 19:11:37 If(PPPoE2) send PADI 
11/08/2013 19:11:32 If(PPPoE2) send PADI 
11/08/2013 19:11:27 If(PPPoE2) send PADI 
11/08/2013 19:11:22 If(PPPoE2) send PADI 
11/08/2013 19:11:17 If(PPPoE2) send PADI 
11/08/2013 19:11:12 If(PPPoE2) send PADI 
11/08/2013 19:11:07 If(PPPoE2) send PADI 
11/08/2013 19:11:02 If(PPPoE2) send PADI 
11/08/2013 19:10:56 If(PPPoE2) send PADI 
11/08/2013 19:10:51 If(PPPoE2) send PADI 
11/08/2013 19:10:46 If(PPPoE2) send PADI 
11/08/2013 19:10:41 If(PPPoE2) send PADI 
11/08/2013 19:10:36 If(PPPoE2) send PADI 
11/08/2013 19:10:31 If(PPPoE2) send PADI 
11/08/2013 19:10:26 If(PPPoE2) send PADI 
11/08/2013 19:10:21 If(PPPoE2) send PADI 
11/08/2013 19:10:16 If(PPPoE2) send PADI 
11/08/2013 19:10:11 If(PPPoE2) send PADI 
11/08/2013 19:10:06 If(PPPoE2) send PADI 
11/08/2013 19:10:01 If(PPPoE2) send PADI 
11/08/2013 19:09:56 If(PPPoE2) send PADI 
11/08/2013 19:09:51 If(PPPoE2) send PADI 
11/08/2013 19:09:46 If(PPPoE2) send PADI 
11/08/2013 19:09:41 If(PPPoE2) send PADI 
11/08/2013 19:09:35 If(PPPoE2) send PADI 
11/08/2013 19:09:30 If(PPPoE2) send PADI 
11/08/2013 19:09:25 If(PPPoE2) send PADI 
11/08/2013 19:09:20 If(PPPoE2) send PADI 
11/08/2013 19:09:15 If(PPPoE2) send PADI 
11/08/2013 19:09:10 If(PPPoE2) send PADI 
11/08/2013 19:09:05 If(PPPoE2) send PADI 
11/08/2013 19:09:00 If(PPPoE2) send PADI 
11/08/2013 19:08:54 If(PPPoE2) send PADI 
11/08/2013 19:08:49 If(PPPoE2) send PADI 
11/08/2013 19:08:44 If(PPPoE2) send PADI 
11/08/2013 19:08:39 If(PPPoE2) send PADI 
11/08/2013 19:08:34 If(PPPoE2) send PADI 
11/08/2013 19:08:29 If(PPPoE2) send PADI 
11/08/2013 19:08:24 If(PPPoE2) send PADI 
11/08/2013 19:08:19 If(PPPoE2) send PADI 
11/08/2013 19:08:14 If(PPPoE2) send PADI 
11/08/2013 19:08:09 If(PPPoE2) send PADI 
11/08/2013 19:08:04 If(PPPoE2) send PADI 
11/08/2013 19:07:59 If(PPPoE2) send PADI 
11/08/2013 19:07:54 If(PPPoE2) send PADI 
11/08/2013 19:07:49 If(PPPoE2) send PADI 
11/08/2013 19:07:44 If(PPPoE2) send PADI 
11/08/2013 19:07:39 If(PPPoE2) send PADI 
11/08/2013 19:07:33 If(PPPoE2) send PADI 
11/08/2013 19:07:28 If(PPPoE2) send PADI 
11/08/2013 19:07:23 If(PPPoE2) send PADI 
11/08/2013 19:07:18 If(PPPoE2) send PADI 
11/08/2013 19:07:13 If(PPPoE2) send PADI 
11/08/2013 19:07:08 If(PPPoE2) send PADI 
11/08/2013 19:07:03 If(PPPoE2) send PADI 
11/08/2013 19:06:58 If(PPPoE2) send PADI 
11/08/2013 19:06:52 If(PPPoE2) send PADI 
11/08/2013 19:06:47 If(PPPoE2) send PADI 
11/08/2013 19:06:42 If(PPPoE2) send PADI 
11/08/2013 19:06:37 If(PPPoE2) send PADI 
11/08/2013 19:06:32 If(PPPoE2) send PADI 
11/08/2013 19:06:27 If(PPPoE2) send PADI 
11/08/2013 19:06:22 If(PPPoE2) send PADI 
11/08/2013 19:06:17 If(PPPoE2) send PADI 
11/08/2013 19:06:11 If(PPPoE2) send PADI 
11/08/2013 19:06:06 If(PPPoE2) send PADI 
11/08/2013 19:06:01 If(PPPoE2) send PADI 
11/08/2013 19:05:56 If(PPPoE2) send PADI 
11/08/2013 19:05:51 If(PPPoE2) send PADI 
11/08/2013 19:05:46 If(PPPoE2) send PADI 
11/08/2013 19:05:41 If(PPPoE2) send PADI 
11/08/2013 19:05:36 If(PPPoE2) send PADI 
11/08/2013 19:05:30 If(PPPoE2) send PADI 
11/08/2013 19:05:25 If(PPPoE2) send PADI 
11/08/2013 19:05:20 If(PPPoE2) send PADI 
11/08/2013 19:05:15 If(PPPoE2) send PADI 
11/08/2013 19:05:10 If(PPPoE2) send PADI 
11/08/2013 19:05:05 If(PPPoE2) send PADI 
11/08/2013 19:05:00 If(PPPoE2) send PADI 
11/08/2013 19:04:55 If(PPPoE2) send PADI 
11/08/2013 19:04:49 If(PPPoE2) send PADI 
11/08/2013 19:04:44 If(PPPoE2) send PADI 
11/08/2013 19:04:39 If(PPPoE2) send PADI 
11/08/2013 19:04:34 If(PPPoE2) send PADI 
11/08/2013 19:04:29 If(PPPoE2) send PADI 
11/08/2013 19:04:24 If(PPPoE2) send PADI 
11/08/2013 19:04:19 If(PPPoE2) send PADI 
11/08/2013 19:04:14 If(PPPoE2) send PADI 
11/08/2013 19:04:08 If(PPPoE2) send PADI 
11/08/2013 19:04:03 If(PPPoE2) send PADI 
11/08/2013 19:03:58 If(PPPoE2) send PADI 
11/08/2013 19:03:53 If(PPPoE2) send PADI 
11/08/2013 19:03:48 If(PPPoE2) send PADI 
11/08/2013 19:03:43 If(PPPoE2) send PADI 
11/08/2013 19:03:38 If(PPPoE2) send PADI 
11/08/2013 19:03:33 If(PPPoE2) send PADI 
11/08/2013 19:03:28 If(PPPoE2) send PADI 
11/08/2013 19:03:23 If(PPPoE2) send PADI 
11/08/2013 19:03:18 If(PPPoE2) send PADI 
11/08/2013 19:03:13 If(PPPoE2) send PADI 
11/08/2013 19:03:08 If(PPPoE2) send PADI 
11/08/2013 19:03:03 If(PPPoE2) send PADI 
11/08/2013 19:02:58 If(PPPoE2) send PADI 
11/08/2013 19:02:53 If(PPPoE2) send PADI 
11/08/2013 19:02:48 If(PPPoE2) send PADI 
11/08/2013 19:02:43 If(PPPoE2) send PADI 
11/08/2013 19:02:38 If(PPPoE2) send PADI 
11/08/2013 19:02:33 If(PPPoE2) send PADI 
11/08/2013 19:02:27 If(PPPoE2) send PADI 
11/08/2013 19:02:22 If(PPPoE2) send PADI 
11/08/2013 19:02:17 If(PPPoE2) send PADI 
11/08/2013 19:02:12 If(PPPoE2) send PADI 
11/08/2013 19:02:07 If(PPPoE2) send PADI 
11/08/2013 19:02:02 If(PPPoE2) send PADI 
11/08/2013 19:01:57 If(PPPoE2) send PADI 
11/08/2013 19:01:52 If(PPPoE2) send PADI 
11/08/2013 19:01:47 If(PPPoE2) send PADI 
11/08/2013 19:01:42 If(PPPoE2) send PADI 
11/08/2013 19:01:37 If(PPPoE2) send PADI 
11/08/2013 19:01:32 If(PPPoE2) send PADI 
11/08/2013 19:01:26 If(PPPoE2) send PADI 
11/08/2013 19:01:21 If(PPPoE2) send PADI 
11/08/2013 19:01:16 If(PPPoE2) send PADI 
11/08/2013 19:01:11 If(PPPoE2) send PADI 
11/08/2013 19:01:06 If(PPPoE2) send PADI 
11/08/2013 19:01:01 If(PPPoE2) send PADI 
11/08/2013 19:00:56 If(PPPoE2) send PADI 
11/08/2013 19:00:51 If(PPPoE2) send PADI 
11/08/2013 19:00:45 If(PPPoE2) send PADI 
11/08/2013 19:00:40 If(PPPoE2) send PADI 
11/08/2013 19:00:35 If(PPPoE2) send PADI 
11/08/2013 19:00:30 If(PPPoE2) send PADI 
11/08/2013 19:00:25 If(PPPoE2) send PADI 
11/08/2013 19:00:20 If(PPPoE2) send PADI 
11/08/2013 19:00:15 If(PPPoE2) send PADI 
11/08/2013 19:00:10 If(PPPoE2) send PADI 
11/08/2013 19:00:04 If(PPPoE2) send PADI 
11/08/2013 18:59:59 If(PPPoE2) send PADI 
11/08/2013 18:59:54 If(PPPoE2) send PADI 
11/08/2013 18:59:49 If(PPPoE2) send PADI 
11/08/2013 18:59:44 If(PPPoE2) send PADI 
11/08/2013 18:59:39 If(PPPoE2) send PADI 
11/08/2013 18:59:34 If(PPPoE2) send PADI 
11/08/2013 18:59:29 If(PPPoE2) send PADI 
11/08/2013 18:59:24 If(PPPoE2) send PADI 
11/08/2013 18:59:19 If(PPPoE2) send PADI 
11/08/2013 18:59:14 If(PPPoE2) send PADI 
11/08/2013 18:59:09 If(PPPoE2) send PADI 
11/08/2013 18:59:04 If(PPPoE2) send PADI 
11/08/2013 18:58:59 If(PPPoE2) send PADI 
11/08/2013 18:58:54 If(PPPoE2) send PADI 
11/08/2013 18:58:49 If(PPPoE2) send PADI 
11/08/2013 18:58:44 If(PPPoE2) send PADI 
11/08/2013 18:58:39 If(PPPoE2) send PADI 
11/08/2013 18:58:34 If(PPPoE2) send PADI 
11/08/2013 18:58:29 If(PPPoE2) send PADI 
11/08/2013 18:58:24 If(PPPoE2) send PADI 
11/08/2013 18:58:19 If(PPPoE2) send PADI 
11/08/2013 18:58:14 If(PPPoE2) send PADI 
11/08/2013 18:58:09 If(PPPoE2) send PADI 
11/08/2013 18:58:03 If(PPPoE2) send PADI 
11/08/2013 18:57:58 If(PPPoE2) send PADI 
11/08/2013 18:57:53 If(PPPoE2) send PADI 
11/08/2013 18:57:48 If(PPPoE2) send PADI 
11/08/2013 18:57:43 If(PPPoE2) send PADI 
11/08/2013 18:57:38 If(PPPoE2) send PADI 
11/08/2013 18:57:33 If(PPPoE2) send PADI 
11/08/2013 18:57:28 If(PPPoE2) send PADI 
11/08/2013 18:57:23 If(PPPoE2) send PADI 
11/08/2013 18:57:18 If(PPPoE2) send PADI 
11/08/2013 18:57:13 If(PPPoE2) send PADI 
11/08/2013 18:57:08 If(PPPoE2) send PADI 
11/08/2013 18:57:03 If(PPPoE2) send PADI 
11/08/2013 18:56:58 If(PPPoE2) send PADI 
11/08/2013 18:56:53 If(PPPoE2) send PADI 
11/08/2013 18:56:48 If(PPPoE2) send PADI 
11/08/2013 18:56:42 If(PPPoE2) send PADI 
11/08/2013 18:56:37 If(PPPoE2) send PADI 
11/08/2013 18:56:32 If(PPPoE2) send PADI 
11/08/2013 18:56:27 If(PPPoE2) send PADI 
11/08/2013 18:56:22 If(PPPoE2) send PADI 
11/08/2013 18:56:17 If(PPPoE2) send PADI 
11/08/2013 18:56:12 If(PPPoE2) send PADI 
11/08/2013 18:56:07 If(PPPoE2) send PADI 
11/08/2013 18:56:02 If(PPPoE2) send PADI 
11/08/2013 18:55:57 If(PPPoE2) send PADI 
11/08/2013 18:55:52 If(PPPoE2) send PADI 
11/08/2013 18:55:47 If(PPPoE2) send PADI 
11/08/2013 18:55:41 If(PPPoE2) send PADI 
11/08/2013 18:55:36 If(PPPoE2) send PADI 
11/08/2013 18:55:31 If(PPPoE2) send PADI 
11/08/2013 18:55:26 If(PPPoE2) send PADI 
11/08/2013 18:55:21 If(PPPoE2) send PADI 
11/08/2013 18:55:16 If(PPPoE2) send PADI 
11/08/2013 18:55:11 If(PPPoE2) send PADI 
11/08/2013 18:55:06 If(PPPoE2) send PADI 
11/08/2013 18:55:00 If(PPPoE2) send PADI 
11/08/2013 18:54:55 If(PPPoE2) send PADI 
11/08/2013 18:54:50 If(PPPoE2) send PADI 
11/08/2013 18:54:45 If(PPPoE2) send PADI 
11/08/2013 18:54:40 If(PPPoE2) send PADI 
11/08/2013 18:54:35 sending ACK to 192.168.168.104
11/08/2013 18:54:35 sending OFFER to 192.168.168.104
11/08/2013 18:54:35 If(PPPoE2) send PADI 
11/08/2013 18:54:30 If(PPPoE2) send PADI 
11/08/2013 18:54:25 If(PPPoE2) send PADI 
11/08/2013 18:54:19 If(PPPoE2) send PADI 
11/08/2013 18:54:15 sending ACK to 192.168.168.104
11/08/2013 18:54:15 sending OFFER to 192.168.168.104
11/08/2013 18:54:14 If(PPPoE2) send PADI 
11/08/2013 18:54:09 If(PPPoE2) send PADI 
11/08/2013 18:54:04 If(PPPoE2) send PADI 
11/08/2013 18:53:59 If(PPPoE2) send PADI 
11/08/2013 18:53:54 If(PPPoE2) send PADI 
11/08/2013 18:53:49 If(PPPoE2) send PADI 
11/08/2013 18:53:44 If(PPPoE2) send PADI 
11/08/2013 18:53:38 If(PPPoE2) send PADI 
11/08/2013 18:53:33 If(PPPoE2) send PADI 
11/08/2013 18:53:28 If(PPPoE2) send PADI 
11/08/2013 18:53:23 If(PPPoE2) send PADI 
11/08/2013 18:53:18 If(PPPoE2) send PADI 
11/08/2013 18:53:13 If(PPPoE2) send PADI 
11/08/2013 18:53:08 If(PPPoE2) send PADI 
11/08/2013 18:53:03 If(PPPoE2) send PADI 
11/08/2013 18:52:57 If(PPPoE2) send PADI 
11/08/2013 18:52:52 If(PPPoE2) send PADI 
11/08/2013 18:52:47 If(PPPoE2) send PADI 
11/08/2013 18:52:42 If(PPPoE2) send PADI 
11/08/2013 18:52:37 If(PPPoE2) send PADI
         

Antwort

Themen zu Neuer Win7 PC
aufgrund, log, neuer, outbound, scan, tcp, verdacht, win, win7



Ähnliche Themen: Neuer Win7 PC


  1. Win7: Erscheinen neuer Ordner bestehend aus Buchstaben- und Zahlenkombination. Virus?
    Log-Analyse und Auswertung - 28.05.2015 (7)
  2. Win7 auf neuer Festplatte neu aufsetzen - Parallelbetrieb mit altem System möglich?
    Alles rund um Windows - 08.11.2014 (1)
  3. Neuer Rechner; Neuer Virenschutz & Windows 8 Secure-Einstellungen
    Antiviren-, Firewall- und andere Schutzprogramme - 12.10.2014 (21)
  4. Win7 langsam,Antivir dauert Stunden, neuer Befall?
    Plagegeister aller Art und deren Bekämpfung - 29.06.2014 (11)
  5. Win7 - PC laggt, komischer neuer Kontakt in Skype
    Plagegeister aller Art und deren Bekämpfung - 04.04.2014 (9)
  6. Div. Bluescreens bei Win7 und Win7-Installation nach durchgeb. Netzteil
    Alles rund um Windows - 24.11.2013 (8)
  7. Win7 32 bit auf 64bit win7 updeaten
    Alles rund um Windows - 08.09.2013 (10)
  8. Neuer Pc, neuer Anfang - Notwendige Schutzprogramme
    Antiviren-, Firewall- und andere Schutzprogramme - 24.08.2013 (3)
  9. Verschlüsselungstrojaner neuer Typ
    Log-Analyse und Auswertung - 29.05.2012 (4)
  10. Neuer PC, Partition auf Win7 erstellen?
    Alles rund um Windows - 28.03.2012 (7)
  11. Ist Win7 Starter genau so sicher wie das normale Win7?
    Alles rund um Windows - 28.07.2011 (2)
  12. Neuer Pc
    Netzwerk und Hardware - 26.03.2009 (2)
  13. Neuer PC
    Netzwerk und Hardware - 30.12.2008 (11)
  14. neuer Pc...
    Diskussionsforum - 28.05.2007 (12)
  15. Neuer Log
    Log-Analyse und Auswertung - 05.01.2006 (1)
  16. Neuer PC
    Netzwerk und Hardware - 13.05.2003 (6)

Zum Thema Neuer Win7 PC - Hallo, habe einen PC und habe den verdacht dass ich mir was eingefallen habe, aufgrund der Log von Router. 10/27/2013 16:01:35 **TCP FIN Scan** 192.168.168.100, 62525->> 107.20.193.157, 80 (from PPPoE1 - Neuer Win7 PC...
Archiv
Du betrachtest: Neuer Win7 PC auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.