| |
| |||||||
Log-Analyse und Auswertung: Vista: Infected.WebPage.Gen2 in QuarantäneWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
21.08.2014, 15:03
| #1 |
| |  Vista: Infected.WebPage.Gen2 in Quarantäne Hallo, ich habe von Avira Antivir die Meldung bekommen, dass Infected.WebPage.Gen2 zugreifen will. Habe auf ´´entfernen´´gedrückt und jetzt ist dieser Virus bei Avira in Quarantäne. Habe inzwischen zwei Virenscan durchgeführt, mit jeweils dem Ergebnis, dass keine Funde sind. Ist mein Computer nun sicher? Habe auch Systemscan mit FRST durchgeführt und Logfiles dazu. Auch den Scan mit defogger habe ich gemacht, aber kein Logfiles dazu. Da habe ich sicher was falsch gemacht, weiss aber nicht was. Ich möchte noch dazu sagen, dass ich totaler Anfänger und sehr unsicher bin. Wenn noch weitere Schritte notwendig sind, bitte so einfach wie möglich erklären. Ich bedanke ich im voraus und versuche nun die Logfiles zu posten. Logfile FRST Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:19-08-2014
Ran by Anke (administrator) on ANKE-PC on 21-08-2014 14:31:30
Running from C:\Users\Anke\Downloads
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATICAE.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Realtek Semiconductor Corp.) C:\Users\Anke\AppData\Local\Temp\RtkBtMnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [ZPdtWzdVitaKey MC3000] => C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [3673600 2008-10-07] (Arachnoid Biometrics Identification Group Corp.)
HKLM\...\Run: [MobileConnect] => C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2060288 2008-03-13] (Vodafone)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6265376 2008-08-19] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1833504 2008-08-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [Nikon Message Center 2] => C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ApnTBMon] => C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1957784 2014-07-31] (APN)
Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3678624825-147957369-4122843258-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3678624825-147957369-4122843258-1000\...\Run: [EPSON Stylus DX4400 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [180736 2007-03-01] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3678624825-147957369-4122843258-1000\...\Run: [Sony PC Companion] => "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
HKU\S-1-5-21-3678624825-147957369-4122843258-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3678624825-147957369-4122843258-1000\...\MountPoints2: {0b713a0a-b2c9-11df-b5ad-00238b01d52c} - E:\Startme.exe
HKU\S-1-5-21-3678624825-147957369-4122843258-1000\...\MountPoints2: {6719adf7-77e5-11df-89b9-00238b01d52c} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\.\recycled\info.exe
HKU\S-1-5-21-3678624825-147957369-4122843258-1000\...\MountPoints2: {b583470b-ef2e-11dd-b2f4-00238b01d52c} - E:\setup.exe
HKU\S-1-5-21-3678624825-147957369-4122843258-1000\...\MountPoints2: {b5834712-ef2e-11dd-b2f4-00238b01d52c} - E:\setup.exe
HKU\S-1-5-21-3678624825-147957369-4122843258-1000\...\MountPoints2: {b5834726-ef2e-11dd-b2f4-00238b01d52c} - E:\setup.exe
Lsa: [Notification Packages] scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredimail.com/german/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_6530g
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1008&m=aspire_6530g
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
SearchScopes: HKLM - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredimail.com/german/?search={searchTerms}&loc=search_box_fs
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredimail.com/german/?search={searchTerms}&loc=search_box_fs
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: No Name -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> No File
BHO: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\partner.dll (Google Inc.)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 195.130.131.4 195.130.130.132
FireFox:
========
FF ProfilePath: C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\e43wq50r.default
FF DefaultSearchEngine: Ask Search
FF SearchEngineOrder.1: Ask Search
FF SelectedSearchEngine: Ask Search
FF Homepage: hxxp://www.vodafone.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=1.6.0_33 -> C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\e43wq50r.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\e43wq50r.default\searchplugins\ask-search.xml
FF SearchPlugin: C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\e43wq50r.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Yahoo! Toolbar - C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\e43wq50r.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-06-09]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\e43wq50r.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-07-26]
FF Extension: Adblock Plus - C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\e43wq50r.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-09]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-18]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-01-31]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-08-06]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [165784 2014-06-23] (APN LLC.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3521024 2008-10-07] () [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S4 Partner Service; c:\programdata\partner\partner.exe [110576 2009-01-30] (Google Inc.)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [24576 2008-03-13] (Vodafone) [File not signed]
S4 MobilityService; C:\Acer\Mobility Center\MobilityService.exe -p [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 ahcix86s; C:\Windows\System32\DRIVERS\ahcix86s.sys [171016 2008-05-28] (AMD Technologies Inc.)
R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2008-10-07] (Alfa Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48128 2008-12-16] (Atheros Communications, Inc.)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [148192 2008-07-18] (Realtek Semiconductor Corp.)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-14] (Avira GmbH)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation)
S3 DKbFltr; system32\DRIVERS\DKbFltr.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-21 14:31 - 2014-08-21 14:32 - 00019448 _____ () C:\Users\Anke\Downloads\FRST.txt
2014-08-21 14:28 - 2014-08-21 14:31 - 00000000 ____D () C:\FRST
2014-08-21 14:26 - 2014-08-21 14:26 - 01093632 _____ (Farbar) C:\Users\Anke\Downloads\FRST.exe
2014-08-21 14:19 - 2014-08-21 14:20 - 00000470 _____ () C:\Users\Anke\Downloads\defogger_disable.log
2014-08-21 14:19 - 2014-08-21 14:19 - 00000000 _____ () C:\Users\Anke\defogger_reenable
2014-08-21 14:14 - 2014-08-21 14:15 - 00050477 _____ () C:\Users\Anke\Downloads\Defogger.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-21 14:32 - 2014-08-21 14:31 - 00019448 _____ () C:\Users\Anke\Downloads\FRST.txt
2014-08-21 14:31 - 2014-08-21 14:28 - 00000000 ____D () C:\FRST
2014-08-21 14:26 - 2014-08-21 14:26 - 01093632 _____ (Farbar) C:\Users\Anke\Downloads\FRST.exe
2014-08-21 14:20 - 2014-08-21 14:19 - 00000470 _____ () C:\Users\Anke\Downloads\defogger_disable.log
2014-08-21 14:19 - 2014-08-21 14:19 - 00000000 _____ () C:\Users\Anke\defogger_reenable
2014-08-21 14:19 - 2009-01-30 23:18 - 00000000 ____D () C:\Users\Anke
2014-08-21 14:15 - 2014-08-21 14:14 - 00050477 _____ () C:\Users\Anke\Downloads\Defogger.exe
2014-08-21 14:15 - 2012-03-29 08:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-21 13:54 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-21 13:54 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-21 10:14 - 2008-10-07 20:05 - 01732177 ____H () C:\Windows\WindowsUpdate.log
2014-08-21 09:54 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-19 21:46 - 2006-11-02 15:01 - 00032510 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-15 16:14 - 2009-02-04 23:59 - 00057344 _____ () C:\Users\Anke\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-14 09:02 - 2012-04-29 10:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-14 08:56 - 2014-06-18 12:34 - 00000000 ____D () C:\Program Files\Mozilla Firefox
Some content of TEMP:
====================
C:\Users\Anke\AppData\Local\Temp\AskSLib.dll
C:\Users\Anke\AppData\Local\Temp\avgnt.exe
C:\Users\Anke\AppData\Local\Temp\contentDATs.exe
C:\Users\Anke\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Anke\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\Anke\AppData\Local\Temp\FlashPlayerUpdate02.exe
C:\Users\Anke\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\Anke\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\Anke\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Anke\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Anke\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Anke\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Anke\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Anke\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Anke\AppData\Local\Temp\MFPL7014.DLL
C:\Users\Anke\AppData\Local\Temp\ose00000.exe
C:\Users\Anke\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Anke\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Anke\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Anke\AppData\Local\Temp\ytb.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-21 10:00
==================== End Of Log ============================
Logfile Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:19-08-2014
Ran by Anke at 2014-08-21 14:33:06
Running from C:\Users\Anke\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
AAU 6.0.00.16 (HKLM\...\Acer Acer Bio Protection 6.0.00.16) (Version: - )
Acer Bio Protection
Acer Crystal Eye Webcam 2.0.8.3 (HKLM\...\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}) (Version: 2.0.8.3 - SuYin)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.8) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.6.606 - Adobe Systems, Inc.)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)
AMD USB Audio Driver Filter (HKLM\...\{A3AB35FA-943E-4799-99DC-46EFD59E998F}) (Version: 1.0.7.0031 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.35 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{9346230F-C4A8-17D3-D096-7E8367676DD1}) (Version: 3.0.685.0 - ATI Technologies, Inc.)
Avanquest update (HKLM\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.28 - Avanquest Software)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Avira SearchFree Toolbar (HKLM\...\{41564952-412D-5637-00A7-A758B70C0F05}) (Version: 12.15.5.1034 - APN, LLC)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2008.0829.1729.29517 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization Chinese Standard (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Chinese Traditional (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Czech (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Danish (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Dutch (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Finnish (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization French (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization German (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Greek (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Hungarian (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Italian (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Japanese (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Korean (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Norwegian (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Polish (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Portuguese (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Russian (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Spanish (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Swedish (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Thai (Version: 2008.0829.1729.29517 - ATI) Hidden
Catalyst Control Center Localization Turkish (Version: 2008.0829.1729.29517 - ATI) Hidden
CCC Help Chinese Standard (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Czech (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Danish (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Dutch (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help English (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Finnish (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help French (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help German (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Greek (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Hungarian (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Italian (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Japanese (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Korean (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Norwegian (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Polish (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Portuguese (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Russian (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Spanish (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Swedish (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Thai (Version: 2008.0829.1728.29517 - ATI) Hidden
CCC Help Turkish (Version: 2008.0829.1728.29517 - ATI) Hidden
ccc-core-static (Version: 2008.0829.1729.29517 - Ihr Firmenname) Hidden
ccc-utility (Version: 2008.0829.1729.29517 - ATI) Hidden
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.3023 - CyberLink Corp.)
CyberLink PowerDirector (Version: 6.5.3023 - CyberLink Corp.) Hidden
Disc2Phone (HKLM\...\{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}) (Version: 1.4.0.112 - Sony Media Software)
dm-Fotowelt (HKLM\...\dm-Fotowelt) (Version: - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Java Auto Updater (Version: 2.0.7.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 33 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.330 - Oracle)
LightScribe 1.4.142.1 (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2656353) (HKLM\...\M2656353) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2656370) (HKLM\...\M2656370) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nikon Message Center 2 (HKLM\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.4.0 - Nikon)
PhotoNow! (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.4619 - CyberLink Corp.)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.4.4 - Nikon)
posterXXL.de Bestellsoftware 4.60 (HKLM\...\{592ED299-14EF-4C0E-93B4-B687CD5A2EBE}_is1) (Version: - posterXXL AG)
QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5688 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: - Realtek Semiconductor Corp.)
Short Movie Creator (HKLM\...\{AADA5420-F7A1-42C5-9F66-A5B1A69FB2DD}) (Version: 1.2.0 - Nikon)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sony PC Companion 2.10.211 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.211 - Sony)
SPBA 5.8 (HKLM\...\{ECCD28B2-8798-4D16-8126-625D728294A1}) (Version: 5.8.2.4218 - UPEK Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.4.0 - Synaptics)
Tinypic 3.18 (HKLM\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{FF2E1543-EDB3-4B96-989C-A97DA428D88E}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
ViewNX 2 (HKLM\...\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}) (Version: 2.4.0 - Nikon)
Vodafone Mobile Connect Lite Huawei (HKLM\...\{F7C0163D-9CD8-4F5F-BAC8-3E45A0000AFF}) (Version: 9.3.0.9237 - Vodafone)
Winbond CIR Device Drivers (HKLM\...\{10F498FF-5392-4DF3-8F73-FE172A9F3800}) (Version: 7.60.1012 - Winbond Electronics Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3678624825-147957369-4122843258-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3678624825-147957369-4122843258-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3678624825-147957369-4122843258-1000_Classes\CLSID\{693566bc-21f8-401e-8d42-e2c5ce50dacc}\localserver32 -> C:\Users\Anke\AppData\Local\Temp\{d5641912-e47a-429c-879e-cfe13eac7a13}\IDriver.NonElevated.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3678624825-147957369-4122843258-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3678624825-147957369-4122843258-1000_Classes\CLSID\{DF846759-BE0F-4451-B9D3-4BEFF765A1FD}\InprocServer32 -> C:\Users\Anke\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAT~1.DLL No File
==================== Restore Points =========================
09-07-2014 08:44:42 Geplanter Prüfpunkt
11-07-2014 15:41:39 Geplanter Prüfpunkt
15-07-2014 06:28:04 Geplanter Prüfpunkt
16-07-2014 08:46:32 Geplanter Prüfpunkt
23-07-2014 16:10:26 Geplanter Prüfpunkt
14-08-2014 19:53:11 Geplanter Prüfpunkt
16-08-2014 14:08:09 Geplanter Prüfpunkt
19-08-2014 16:06:17 Geplanter Prüfpunkt
21-08-2014 11:28:31 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {367A82F5-1AF6-46A7-98EB-89F7FDC61A31} - System32\Tasks\{D71DDA50-81DA-4192-95EB-8E9E9E8187A6} => C:\Program Files\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {72647840-20F7-4F82-A634-6C114B170E79} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {913906C0-1A01-4CA6-832C-182905570329} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {AC4E086E-9398-4772-9AE2-1DED3468EA8F} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2008-10-07 20:30 - 2008-10-07 20:30 - 00080896 _____ () C:\Program Files\Acer\Acer Bio Protection\PwdFilter.dll
2008-11-03 04:41 - 2008-07-22 16:13 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2009-09-24 00:35 - 2009-04-11 08:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2014-06-18 12:34 - 2014-08-14 08:56 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AgereModemAudio => 2
MSCONFIG\Services: Ati External Event Utility => 2
MSCONFIG\Services: CLHNService => 2
MSCONFIG\Services: eDataSecurity Service => 2
MSCONFIG\Services: ETService => 2
MSCONFIG\Services: GoogleDesktopManager-080708-050100 => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IGBASVC => 2
MSCONFIG\Services: MobilityService => 2
MSCONFIG\Services: Partner Service => 3
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: SiteAdvisor Service => 2
MSCONFIG\startupfolder: C:^Users^Anke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Orion.lnk => C:\Windows\pss\Orion.lnk.Startup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
MSCONFIG\startupreg: eAudio => "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
MSCONFIG\startupreg: eDataSecurity Loader => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
MSCONFIG\startupreg: ePower_DMC => C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: LManager => C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
MSCONFIG\startupreg: PlayMovie => "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
MSCONFIG\startupreg: PLFSetI => C:\Windows\PLFSetI.exe
MSCONFIG\startupreg: RtHDVCpl => RtHDVCpl.exe
MSCONFIG\startupreg: SiteAdvisor => C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
MSCONFIG\startupreg: Skytel => Skytel.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: WarReg_PopUp => C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
==================== Faulty Device Manager Devices =============
Name: Microsoft-6zu4-Adapter #3
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (08/21/2014 09:55:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2014 07:31:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2014 05:32:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2014 10:18:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/18/2014 04:20:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/18/2014 02:58:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/16/2014 06:33:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/16/2014 02:54:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/16/2014 01:24:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/15/2014 02:10:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (08/16/2014 06:34:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows-Dienst für Schriftartencache%%1053
Error: (08/16/2014 06:34:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows-Dienst für Schriftartencache
Error: (07/17/2014 01:30:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Netman
Error: (06/29/2014 01:20:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows-Dienst für Schriftartencache%%1053
Error: (06/29/2014 01:20:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows-Dienst für Schriftartencache
Error: (06/03/2014 11:33:55 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Gruppenrichtlinienclient
Error: (04/30/2014 10:57:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Avira Echtzeit-Scanner101Neustart des Diensts
Error: (02/21/2014 07:44:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Media Player-Netzwerkfreigabedienst%%1053
Error: (02/21/2014 07:44:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Media Player-Netzwerkfreigabedienst
Error: (02/20/2014 08:04:08 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Avira Browser-Schutz4 (0x4)
Microsoft Office Sessions:
=========================
Error: (10/26/2012 11:11:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 81 seconds with 60 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: AMD Athlon(tm) X2 Dual-Core QL-60
Percentage of memory in use: 46%
Total physical RAM: 2525.43 MB
Available physical RAM: 1357.01 MB
Total Pagefile: 5279.39 MB
Available Pagefile: 3975.45 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.81 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:144.04 GB) (Free:24.11 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:140.5 GB) (Free:140.31 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: D14AF894)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=144 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=140.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3.5 GB) - (Type=12)
==================== End Of Log ============================
Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Dienstag, 19. August 2014 11:45
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Antivirus Free
Seriennummer : 0000149996-AVHOE-0000001
Plattform : Windows Vista (TM) Home Premium
Windowsversion : (Service Pack 2) [6.0.6002]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : ANKE-PC
Versionsinformationen:
BUILD.DAT : 14.0.6.552 92022 Bytes 23.07.2014 13:29:00
AVSCAN.EXE : 14.0.6.548 1046608 Bytes 14.08.2014 06:56:14
AVSCANRC.DLL : 14.0.6.522 62544 Bytes 14.08.2014 06:56:14
LUKE.DLL : 14.0.6.522 57936 Bytes 14.08.2014 06:56:21
AVSCPLR.DLL : 14.0.6.548 92752 Bytes 14.08.2014 06:56:14
AVREG.DLL : 14.0.6.522 262224 Bytes 14.08.2014 06:56:13
avlode.dll : 14.0.6.526 603728 Bytes 14.08.2014 06:56:13
avlode.rdf : 14.0.4.42 65114 Bytes 18.07.2014 09:17:59
XBV00009.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:57
XBV00010.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:57
XBV00011.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:57
XBV00012.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:57
XBV00013.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:57
XBV00014.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:57
XBV00015.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:57
XBV00016.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:58
XBV00017.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:58
XBV00018.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:58
XBV00019.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:58
XBV00020.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:58
XBV00021.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:58
XBV00022.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:58
XBV00023.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:58
XBV00024.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:58
XBV00025.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:58
XBV00026.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:59
XBV00027.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:59
XBV00028.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:59
XBV00029.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:59
XBV00030.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:59
XBV00031.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:59
XBV00032.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:59
XBV00033.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:59
XBV00034.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:59
XBV00035.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:49:59
XBV00036.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:50:00
XBV00037.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:50:00
XBV00038.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:50:00
XBV00039.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:50:00
XBV00040.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:50:00
XBV00041.VDF : 8.11.165.190 2048 Bytes 07.08.2014 18:50:01
XBV00123.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:06
XBV00124.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:06
XBV00125.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:06
XBV00126.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:06
XBV00127.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:06
XBV00128.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:06
XBV00129.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:06
XBV00130.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:06
XBV00131.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:06
XBV00132.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:06
XBV00133.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:06
XBV00134.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:06
XBV00135.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:06
XBV00136.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:06
XBV00137.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:06
XBV00138.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:07
XBV00139.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:07
XBV00140.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:07
XBV00141.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:07
XBV00142.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:07
XBV00143.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:07
XBV00144.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:07
XBV00145.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:07
XBV00146.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:07
XBV00147.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:07
XBV00148.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:07
XBV00149.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:07
XBV00150.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:08
XBV00151.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:08
XBV00152.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:08
XBV00153.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:08
XBV00154.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:08
XBV00155.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:08
XBV00156.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:08
XBV00157.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:08
XBV00158.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:09
XBV00159.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:09
XBV00160.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:09
XBV00161.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:09
XBV00162.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:09
XBV00163.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:09
XBV00164.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:09
XBV00165.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:09
XBV00166.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:09
XBV00167.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:10
XBV00168.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:10
XBV00169.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:10
XBV00170.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:10
XBV00171.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:10
XBV00172.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:10
XBV00173.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:10
XBV00174.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:10
XBV00175.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:10
XBV00176.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00177.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00178.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00179.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00180.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00181.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00182.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00183.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00184.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00185.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00186.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00187.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00188.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00189.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00190.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00191.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00192.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00193.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00194.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00195.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00196.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00197.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00198.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00199.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:11
XBV00200.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:12
XBV00201.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:12
XBV00202.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:12
XBV00203.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:12
XBV00204.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:12
XBV00205.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:12
XBV00206.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:12
XBV00207.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:12
XBV00208.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:12
XBV00209.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:12
XBV00210.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:12
XBV00211.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:12
XBV00212.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:13
XBV00213.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:13
XBV00214.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:13
XBV00215.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:13
XBV00216.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:13
XBV00217.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:13
XBV00218.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:13
XBV00219.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:13
XBV00220.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:13
XBV00221.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:14
XBV00222.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:14
XBV00223.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:14
XBV00224.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:14
XBV00225.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:14
XBV00226.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:14
XBV00227.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:14
XBV00228.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:14
XBV00229.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:14
XBV00230.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:14
XBV00231.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:14
XBV00232.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:14
XBV00233.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:14
XBV00234.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:15
XBV00235.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:15
XBV00236.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:15
XBV00237.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:15
XBV00238.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:15
XBV00239.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:15
XBV00240.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:15
XBV00241.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:15
XBV00242.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:15
XBV00243.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:15
XBV00244.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:15
XBV00245.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:15
XBV00246.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:16
XBV00247.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:16
XBV00248.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:16
XBV00249.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:16
XBV00250.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:16
XBV00251.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:16
XBV00252.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:16
XBV00253.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:16
XBV00254.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:16
XBV00255.VDF : 8.11.165.192 2048 Bytes 07.08.2014 18:50:16
XBV00000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 12:39:16
XBV00001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 12:48:50
XBV00002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 14:43:01
XBV00003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 06:25:41
XBV00004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 19:59:45
XBV00005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 05:33:08
XBV00006.VDF : 7.11.139.38 15708672 Bytes 27.03.2014 08:02:07
XBV00007.VDF : 7.11.152.100 4193792 Bytes 02.06.2014 07:20:47
XBV00008.VDF : 8.11.165.192 4251136 Bytes 07.08.2014 18:49:57
XBV00042.VDF : 8.11.165.218 217600 Bytes 07.08.2014 18:50:01
XBV00043.VDF : 8.11.165.246 262656 Bytes 07.08.2014 18:50:01
XBV00044.VDF : 8.11.165.250 20480 Bytes 07.08.2014 18:50:01
XBV00045.VDF : 8.11.165.252 2048 Bytes 07.08.2014 18:50:01
XBV00046.VDF : 8.11.165.254 7168 Bytes 07.08.2014 18:50:01
XBV00047.VDF : 8.11.166.4 5120 Bytes 08.08.2014 18:50:01
XBV00048.VDF : 8.11.166.16 6144 Bytes 08.08.2014 18:50:01
XBV00049.VDF : 8.11.166.20 28160 Bytes 08.08.2014 18:50:01
XBV00050.VDF : 8.11.166.22 2048 Bytes 08.08.2014 18:50:01
XBV00051.VDF : 8.11.166.24 20480 Bytes 08.08.2014 18:50:01
XBV00052.VDF : 8.11.166.28 33280 Bytes 08.08.2014 18:50:01
XBV00053.VDF : 8.11.166.32 214016 Bytes 08.08.2014 18:50:01
XBV00054.VDF : 8.11.166.34 5120 Bytes 08.08.2014 18:50:01
XBV00055.VDF : 8.11.166.58 216576 Bytes 09.08.2014 18:50:02
XBV00056.VDF : 8.11.166.78 15872 Bytes 09.08.2014 18:50:02
XBV00057.VDF : 8.11.166.98 37888 Bytes 10.08.2014 18:50:02
XBV00058.VDF : 8.11.166.100 2048 Bytes 10.08.2014 18:50:02
XBV00059.VDF : 8.11.166.102 45568 Bytes 10.08.2014 18:50:02
XBV00060.VDF : 8.11.166.104 2048 Bytes 10.08.2014 18:50:02
XBV00061.VDF : 8.11.166.106 16384 Bytes 11.08.2014 18:50:02
XBV00062.VDF : 8.11.166.108 3072 Bytes 11.08.2014 18:50:02
XBV00063.VDF : 8.11.166.110 8192 Bytes 11.08.2014 18:50:02
XBV00064.VDF : 8.11.166.112 10240 Bytes 11.08.2014 18:50:02
XBV00065.VDF : 8.11.166.114 24576 Bytes 11.08.2014 18:50:02
XBV00066.VDF : 8.11.166.118 215552 Bytes 11.08.2014 18:50:02
XBV00067.VDF : 8.11.166.138 2048 Bytes 11.08.2014 18:50:02
XBV00068.VDF : 8.11.166.158 2048 Bytes 11.08.2014 18:50:02
XBV00069.VDF : 8.11.166.180 8704 Bytes 11.08.2014 18:50:02
XBV00070.VDF : 8.11.166.202 11264 Bytes 12.08.2014 18:50:02
XBV00071.VDF : 8.11.166.206 4096 Bytes 12.08.2014 18:50:02
XBV00072.VDF : 8.11.166.208 5632 Bytes 12.08.2014 18:50:02
XBV00073.VDF : 8.11.166.210 6656 Bytes 12.08.2014 18:50:02
XBV00074.VDF : 8.11.166.212 215040 Bytes 12.08.2014 18:50:02
XBV00075.VDF : 8.11.166.216 29184 Bytes 12.08.2014 18:50:02
XBV00076.VDF : 8.11.166.222 22528 Bytes 12.08.2014 07:44:09
XBV00077.VDF : 8.11.166.226 10752 Bytes 13.08.2014 07:44:09
XBV00078.VDF : 8.11.166.228 2048 Bytes 13.08.2014 07:44:10
XBV00079.VDF : 8.11.166.230 12288 Bytes 13.08.2014 07:44:10
XBV00080.VDF : 8.11.166.232 223232 Bytes 13.08.2014 07:44:10
XBV00081.VDF : 8.11.166.234 10752 Bytes 13.08.2014 07:44:10
XBV00082.VDF : 8.11.166.236 2048 Bytes 13.08.2014 07:44:10
XBV00083.VDF : 8.11.166.238 224256 Bytes 13.08.2014 07:44:10
XBV00084.VDF : 8.11.166.240 11264 Bytes 13.08.2014 07:44:10
XBV00085.VDF : 8.11.166.242 2048 Bytes 13.08.2014 07:44:10
XBV00086.VDF : 8.11.166.244 41472 Bytes 13.08.2014 07:44:10
XBV00087.VDF : 8.11.166.250 8704 Bytes 13.08.2014 07:44:10
XBV00088.VDF : 8.11.167.16 209920 Bytes 14.08.2014 07:44:10
XBV00089.VDF : 8.11.167.34 203776 Bytes 14.08.2014 07:44:10
XBV00090.VDF : 8.11.167.54 5632 Bytes 14.08.2014 17:07:11
XBV00091.VDF : 8.11.167.76 2048 Bytes 14.08.2014 17:07:11
XBV00092.VDF : 8.11.167.96 35840 Bytes 14.08.2014 12:15:03
XBV00093.VDF : 8.11.167.98 204800 Bytes 14.08.2014 12:15:03
XBV00094.VDF : 8.11.167.100 2048 Bytes 14.08.2014 12:15:03
XBV00095.VDF : 8.11.167.102 2048 Bytes 14.08.2014 12:15:03
XBV00096.VDF : 8.11.167.106 19456 Bytes 14.08.2014 12:15:03
XBV00097.VDF : 8.11.167.108 2048 Bytes 14.08.2014 12:15:03
XBV00098.VDF : 8.11.167.110 2048 Bytes 14.08.2014 12:15:03
XBV00099.VDF : 8.11.167.116 207360 Bytes 15.08.2014 12:15:03
XBV00100.VDF : 8.11.167.118 13312 Bytes 15.08.2014 12:15:03
XBV00101.VDF : 8.11.167.120 28672 Bytes 15.08.2014 11:29:16
XBV00102.VDF : 8.11.167.122 2048 Bytes 15.08.2014 11:29:16
XBV00103.VDF : 8.11.167.124 2048 Bytes 15.08.2014 11:29:16
XBV00104.VDF : 8.11.167.126 2048 Bytes 15.08.2014 11:29:16
XBV00105.VDF : 8.11.167.130 251904 Bytes 15.08.2014 11:29:16
XBV00106.VDF : 8.11.167.132 20992 Bytes 16.08.2014 11:29:17
XBV00107.VDF : 8.11.167.154 33792 Bytes 16.08.2014 13:03:10
XBV00108.VDF : 8.11.167.174 229888 Bytes 17.08.2014 13:03:11
XBV00109.VDF : 8.11.167.176 201216 Bytes 17.08.2014 13:03:11
XBV00110.VDF : 8.11.167.194 32256 Bytes 17.08.2014 13:03:11
XBV00111.VDF : 8.11.167.196 2048 Bytes 17.08.2014 13:03:11
XBV00112.VDF : 8.11.167.200 35840 Bytes 18.08.2014 13:03:11
XBV00113.VDF : 8.11.167.202 6144 Bytes 18.08.2014 13:03:11
XBV00114.VDF : 8.11.167.204 2560 Bytes 18.08.2014 13:03:11
XBV00115.VDF : 8.11.167.206 207360 Bytes 18.08.2014 13:03:11
XBV00116.VDF : 8.11.167.208 16384 Bytes 18.08.2014 13:03:11
XBV00117.VDF : 8.11.167.210 201216 Bytes 18.08.2014 13:03:11
XBV00118.VDF : 8.11.167.212 212992 Bytes 18.08.2014 13:03:11
XBV00119.VDF : 8.11.167.218 219136 Bytes 18.08.2014 08:23:07
XBV00120.VDF : 8.11.167.222 2048 Bytes 18.08.2014 08:23:07
XBV00121.VDF : 8.11.167.226 8704 Bytes 18.08.2014 08:23:07
XBV00122.VDF : 8.11.167.230 14336 Bytes 19.08.2014 08:23:07
LOCAL000.VDF : 8.11.167.230 108868096 Bytes 19.08.2014 08:23:33
Engineversion : 8.3.24.14
AEVDF.DLL : 8.3.1.4 133992 Bytes 14.08.2014 17:07:11
AESCRIPT.DLL : 8.2.0.16 428912 Bytes 14.08.2014 17:07:11
AESCN.DLL : 8.3.2.2 139456 Bytes 22.07.2014 15:34:50
AESBX.DLL : 8.2.20.24 1409224 Bytes 08.05.2014 20:04:51
AERDL.DLL : 8.2.0.138 704888 Bytes 02.12.2013 22:34:10
AEPACK.DLL : 8.4.0.50 792488 Bytes 12.08.2014 18:49:55
AEOFFICE.DLL : 8.3.0.20 216104 Bytes 14.08.2014 17:07:11
AEHEUR.DLL : 8.1.4.1234 7370664 Bytes 18.08.2014 13:03:10
AEHELP.DLL : 8.3.1.0 278728 Bytes 29.05.2014 16:21:40
AEGEN.DLL : 8.1.7.28 450752 Bytes 06.06.2014 21:32:35
AEEXP.DLL : 8.4.2.22 244584 Bytes 12.08.2014 18:49:56
AEEMU.DLL : 8.1.3.4 399264 Bytes 12.08.2014 18:49:54
AEDROID.DLL : 8.4.2.24 442568 Bytes 05.06.2014 07:25:18
AECORE.DLL : 8.3.2.6 243712 Bytes 12.08.2014 18:49:53
AEBB.DLL : 8.1.2.0 60448 Bytes 12.08.2014 18:49:53
AVWINLL.DLL : 14.0.6.522 24144 Bytes 14.08.2014 06:56:10
AVPREF.DLL : 14.0.6.522 50256 Bytes 14.08.2014 06:56:13
AVREP.DLL : 14.0.6.522 219216 Bytes 14.08.2014 06:56:13
AVARKT.DLL : 14.0.5.368 226384 Bytes 03.07.2014 13:20:40
AVEVTLOG.DLL : 14.0.6.522 182352 Bytes 14.08.2014 06:56:12
SQLITE3.DLL : 14.0.6.522 452176 Bytes 14.08.2014 06:56:24
AVSMTP.DLL : 14.0.6.522 76368 Bytes 14.08.2014 06:56:14
NETNT.DLL : 14.0.6.522 13392 Bytes 14.08.2014 06:56:22
RCIMAGE.DLL : 14.0.6.544 4863568 Bytes 14.08.2014 06:56:11
RCTEXT.DLL : 14.0.6.536 74320 Bytes 14.08.2014 06:56:11
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Beginn des Suchlaufs: Dienstag, 19. August 2014 11:45
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:, D:)'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf nach versteckten Objekten wird begonnen.
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'wuauclt.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtkBtMnt.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'ehmsas.exe' - '19' Modul(e) wurden durchsucht
Durchsuche Prozess 'AVWEBGRD.EXE' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'SSScheduler.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnscfg.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'E_FATICAE.EXE' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'ehtray.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'sidebar.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'TBNotifier.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdobeARM.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtHDVCpl.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmdSync.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'MobileConnect.exe' - '119' Modul(e) wurden durchsucht
Durchsuche Prozess 'PdtWzd.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'MSASCui.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '119' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '9' Modul(e) wurden durchsucht
Durchsuche Prozess 'VMCService.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'LSSrvc.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'apnmcp.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '122' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'CompPtcVUI.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'upeksvr.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '86' Modul(e) wurden durchsucht
Durchsuche Prozess 'SLsvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '146' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '116' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '3201' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\' <ACER>
Beginne mit der Suche in 'D:\' <DATA>
Ende des Suchlaufs: Dienstag, 19. August 2014 13:37
Benötigte Zeit: 1:52:14 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
31118 Verzeichnisse wurden überprüft
1311064 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
1311064 Dateien ohne Befall
6012 Archive wurden durchsucht
0 Warnungen
0 Hinweise
665098 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden
|
|
21.08.2014, 16:47
| #2 |
| /// the machine /// TB-Ausbilder    | Vista: Infected.WebPage.Gen2 in Quarantäne hi,
__________________Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ |
|
22.08.2014, 11:10
| #3 |
| | Vista: Infected.WebPage.Gen2 in Quarantäne Hallo,
__________________Ich habe MBAM gedownload und dann gestartet. Dann hat Das programm nach update gesucht. Das Programm hat sich geschlossen und nun dreht sich auf dem Desktop Neben dem Cursor der blaue Kreis und das schon über eine halbe Stunde. befehle kann ich nicht mehr ausführen. Ich weiß nicht mehr weiter. Was soll ich jetzt machen? |
|
23.08.2014, 05:52
| #4 |
| /// the machine /// TB-Ausbilder | Vista: Infected.WebPage.Gen2 in Quarantäne Rechner hart neu starten, MBAM weglassen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Vista: Infected.WebPage.Gen2 in Quarantäne |
| 4d36e972-e325-11ce-bfc1-08002be10318, antivir, antivirus, avira, branding, browser, computer, desktop, device driver, email, excel, firefox, flash player, hdd0(c:, helper, home, microsoft-6zu4-adapter, mozilla, popup, realtek, registry, required, scan, security, siteadvisor, software, svchost.exe, usb, virus, vista, windows |
