Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Searchqu im Firefox lässt sich nicht löschen! (https://www.trojaner-board.de/108122-searchqu-firefox-laesst-loeschen.html)

fenice 17.01.2012 15:20
In der Datei steht was von Google Chrome, ist das immer automatisch mit dabei? Denn ich habe an sich kein Google Chrome, also nicht dass ich wüsste!

fenice 17.01.2012 15:27
Code:
15:23:15.0839 1608        TDSS rootkit removing tool 2.7.3.0 Jan 16 2012 18:53:41
15:23:16.0088 1608        ============================================================
15:23:16.0088 1608        Current date / time: 2012/01/17 15:23:16.0088
15:23:16.0088 1608        SystemInfo:
15:23:16.0088 1608       
15:23:16.0088 1608        OS Version: 6.1.7601 ServicePack: 1.0
15:23:16.0088 1608        Product type: Workstation
15:23:16.0088 1608        ComputerName: GIOVA-PC
15:23:16.0088 1608        UserName: Giova
15:23:16.0088 1608        Windows directory: C:\Windows
15:23:16.0088 1608        System windows directory: C:\Windows
15:23:16.0088 1608        Running under WOW64
15:23:16.0088 1608        Processor architecture: Intel x64
15:23:16.0088 1608        Number of processors: 2
15:23:16.0088 1608        Page size: 0x1000
15:23:16.0088 1608        Boot type: Normal boot
15:23:16.0088 1608        ============================================================
15:23:19.0333 1608        Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:23:19.0458 1608        Initialize success
15:24:26.0086 2640        ============================================================
15:24:26.0086 2640        Scan started
15:24:26.0086 2640        Mode: Manual; SigCheck; TDLFS;
15:24:26.0086 2640        ============================================================
15:24:26.0819 2640        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:24:26.0944 2640        1394ohci - ok
15:24:26.0991 2640        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:24:27.0006 2640        ACPI - ok
15:24:27.0100 2640        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:24:27.0240 2640        AcpiPmi - ok
15:24:27.0365 2640        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:24:27.0412 2640        adp94xx - ok
15:24:27.0521 2640        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:24:27.0552 2640        adpahci - ok
15:24:27.0568 2640        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:24:27.0583 2640        adpu320 - ok
15:24:27.0724 2640        AFD            (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
15:24:27.0802 2640        AFD - ok
15:24:27.0895 2640        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:24:27.0911 2640        agp440 - ok
15:24:27.0958 2640        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:24:27.0973 2640        aliide - ok
15:24:28.0051 2640        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:24:28.0083 2640        amdide - ok
15:24:28.0114 2640        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:24:28.0223 2640        AmdK8 - ok
15:24:28.0301 2640        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:24:28.0363 2640        AmdPPM - ok
15:24:28.0473 2640        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
15:24:28.0504 2640        amdsata - ok
15:24:28.0551 2640        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:24:28.0582 2640        amdsbs - ok
15:24:28.0660 2640        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
15:24:28.0691 2640        amdxata - ok
15:24:28.0738 2640        AmUStor        (9c7f164b49cadc658d1b3c575782f346) C:\Windows\system32\drivers\AmUStor.SYS
15:24:28.0800 2640        AmUStor - ok
15:24:28.0925 2640        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:24:29.0065 2640        AppID - ok
15:24:29.0175 2640        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:24:29.0190 2640        arc - ok
15:24:29.0206 2640        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:24:29.0221 2640        arcsas - ok
15:24:29.0253 2640        AsDsm          (88fbc8bebfd38566235eaa5e4dbc4e05) C:\Windows\system32\drivers\AsDsm.sys
15:24:29.0299 2640        AsDsm - ok
15:24:29.0362 2640        ASMMAP64        (2db34edd17d3a8da7105a19c95a3dd68) C:\Program Files\ATKGFNEX\ASMMAP64.sys
15:24:29.0377 2640        ASMMAP64 - ok
15:24:29.0487 2640        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:24:29.0643 2640        AsyncMac - ok
15:24:29.0736 2640        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:24:29.0752 2640        atapi - ok
15:24:29.0814 2640        athr            (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
15:24:29.0923 2640        athr - ok
15:24:30.0033 2640        avgntflt        (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
15:24:30.0048 2640        avgntflt - ok
15:24:30.0064 2640        avipbb          (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
15:24:30.0079 2640        avipbb - ok
15:24:30.0204 2640        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:24:30.0282 2640        b06bdrv - ok
15:24:30.0376 2640        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:24:30.0454 2640        b57nd60a - ok
15:24:30.0547 2640        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:24:30.0625 2640        Beep - ok
15:24:30.0735 2640        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:24:30.0781 2640        blbdrive - ok
15:24:30.0844 2640        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:24:30.0906 2640        bowser - ok
15:24:30.0984 2640        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:24:31.0062 2640        BrFiltLo - ok
15:24:31.0140 2640        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:24:31.0171 2640        BrFiltUp - ok
15:24:31.0187 2640        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:24:31.0249 2640        Brserid - ok
15:24:31.0327 2640        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:24:31.0374 2640        BrSerWdm - ok
15:24:31.0421 2640        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:24:31.0468 2640        BrUsbMdm - ok
15:24:31.0546 2640        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:24:31.0593 2640        BrUsbSer - ok
15:24:31.0639 2640        BTCFilterService (ff7c57973eead140062238c5a0b7d455) C:\Windows\system32\DRIVERS\motfilt.sys
15:24:31.0702 2640        BTCFilterService - ok
15:24:31.0764 2640        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:24:31.0811 2640        BTHMODEM - ok
15:24:31.0873 2640        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:24:31.0951 2640        cdfs - ok
15:24:32.0045 2640        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
15:24:32.0092 2640        cdrom - ok
15:24:32.0185 2640        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:24:32.0232 2640        circlass - ok
15:24:32.0310 2640        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:24:32.0341 2640        CLFS - ok
15:24:32.0482 2640        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:24:32.0529 2640        CmBatt - ok
15:24:32.0575 2640        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:24:32.0591 2640        cmdide - ok
15:24:32.0669 2640        CNG            (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
15:24:32.0731 2640        CNG - ok
15:24:32.0841 2640        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:24:32.0856 2640        Compbatt - ok
15:24:32.0903 2640        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:24:32.0950 2640        CompositeBus - ok
15:24:33.0028 2640        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:24:33.0059 2640        crcdisk - ok
15:24:33.0184 2640        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:24:33.0262 2640        DfsC - ok
15:24:33.0293 2640        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:24:33.0355 2640        discache - ok
15:24:33.0511 2640        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:24:33.0543 2640        Disk - ok
15:24:33.0574 2640        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:24:33.0605 2640        drmkaud - ok
15:24:33.0699 2640        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:24:33.0761 2640        DXGKrnl - ok
15:24:33.0917 2640        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:24:34.0089 2640        ebdrv - ok
15:24:34.0213 2640        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:24:34.0245 2640        elxstor - ok
15:24:34.0338 2640        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:24:34.0401 2640        ErrDev - ok
15:24:34.0510 2640        ETD            (3c38648375b7f3988691f53a7aae10a9) C:\Windows\system32\DRIVERS\ETD.sys
15:24:34.0588 2640        ETD - ok
15:24:34.0635 2640        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:24:34.0713 2640        exfat - ok
15:24:34.0775 2640        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:24:34.0837 2640        fastfat - ok
15:24:34.0884 2640        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:24:34.0915 2640        fdc - ok
15:24:35.0009 2640        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:24:35.0025 2640        FileInfo - ok
15:24:35.0056 2640        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:24:35.0118 2640        Filetrace - ok
15:24:35.0196 2640        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:24:35.0243 2640        flpydisk - ok
15:24:35.0290 2640        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:24:35.0321 2640        FltMgr - ok
15:24:35.0399 2640        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:24:35.0415 2640        FsDepends - ok
15:24:35.0493 2640        fssfltr        (2bf3b36b96d015af666b6aa63ae2e38f) C:\Windows\system32\DRIVERS\fssfltr.sys
15:24:35.0524 2640        fssfltr - ok
15:24:35.0586 2640        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
15:24:35.0602 2640        Fs_Rec - ok
15:24:35.0664 2640        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:24:35.0695 2640        fvevol - ok
15:24:35.0758 2640        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:24:35.0789 2640        gagp30kx - ok
15:24:35.0820 2640        GEARAspiWDM    (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:24:35.0836 2640        GEARAspiWDM - ok
15:24:35.0867 2640        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:24:35.0914 2640        hcw85cir - ok
15:24:36.0007 2640        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
15:24:36.0070 2640        HdAudAddService - ok
15:24:36.0210 2640        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:24:36.0273 2640        HDAudBus - ok
15:24:36.0366 2640        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:24:36.0429 2640        HidBatt - ok
15:24:36.0475 2640        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:24:36.0538 2640        HidBth - ok
15:24:36.0647 2640        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:24:36.0709 2640        HidIr - ok
15:24:36.0803 2640        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
15:24:36.0834 2640        HidUsb - ok
15:24:36.0881 2640        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:24:36.0897 2640        HpSAMD - ok
15:24:37.0006 2640        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:24:37.0099 2640        HTTP - ok
15:24:37.0162 2640        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:24:37.0193 2640        hwpolicy - ok
15:24:37.0240 2640        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:24:37.0271 2640        i8042prt - ok
15:24:37.0365 2640        iaStor          (bbb3b6df1abb0fe35802ede85cc1c011) C:\Windows\system32\DRIVERS\iaStor.sys
15:24:37.0380 2640        iaStor - ok
15:24:37.0443 2640        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
15:24:37.0474 2640        iaStorV - ok
15:24:37.0801 2640        igfx            (c6238c6abd6ac99f5d152da4e9439a3d) C:\Windows\system32\DRIVERS\igdkmd64.sys
15:24:38.0238 2640        igfx - ok
15:24:38.0316 2640        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:24:38.0347 2640        iirsp - ok
15:24:38.0410 2640        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:24:38.0441 2640        intelide - ok
15:24:38.0472 2640        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:24:38.0503 2640        intelppm - ok
15:24:38.0566 2640        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:24:38.0644 2640        IpFilterDriver - ok
15:24:38.0691 2640        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:24:38.0753 2640        IPMIDRV - ok
15:24:38.0831 2640        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:24:38.0893 2640        IPNAT - ok
15:24:39.0003 2640        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:24:39.0049 2640        IRENUM - ok
15:24:39.0096 2640        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:24:39.0112 2640        isapnp - ok
15:24:39.0205 2640        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:24:39.0237 2640        iScsiPrt - ok
15:24:39.0252 2640        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:24:39.0268 2640        kbdclass - ok
15:24:39.0361 2640        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:24:39.0424 2640        kbdhid - ok
15:24:39.0455 2640        kbfiltr        (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
15:24:39.0471 2640        kbfiltr - ok
15:24:39.0549 2640        KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
15:24:39.0580 2640        KSecDD - ok
15:24:39.0611 2640        KSecPkg        (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
15:24:39.0627 2640        KSecPkg - ok
15:24:39.0705 2640        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:24:39.0783 2640        ksthunk - ok
15:24:39.0892 2640        L1E            (b8e670d7ef61615fa03104552854fac9) C:\Windows\system32\DRIVERS\L1E62x64.sys
15:24:39.0923 2640        L1E - ok
15:24:40.0017 2640        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:24:40.0110 2640        lltdio - ok
15:24:40.0219 2640        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:24:40.0251 2640        LSI_FC - ok
15:24:40.0266 2640        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:24:40.0282 2640        LSI_SAS - ok
15:24:40.0297 2640        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:24:40.0313 2640        LSI_SAS2 - ok
15:24:40.0329 2640        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:24:40.0344 2640        LSI_SCSI - ok
15:24:40.0375 2640        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:24:40.0438 2640        luafv - ok
15:24:40.0516 2640        lullaby        (085435ae1a124361304044029b5cc644) C:\Windows\system32\DRIVERS\lullaby.sys
15:24:40.0531 2640        lullaby - ok
15:24:40.0578 2640        MBAMProtector  (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
15:24:40.0594 2640        MBAMProtector - ok
15:24:40.0719 2640        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:24:40.0750 2640        megasas - ok
15:24:40.0781 2640        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:24:40.0797 2640        MegaSR - ok
15:24:40.0812 2640        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:24:40.0875 2640        Modem - ok
15:24:40.0968 2640        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:24:40.0999 2640        monitor - ok
15:24:41.0031 2640        motccgp        (93f5adcad940111f6d4d71ae1d9ec7f6) C:\Windows\system32\DRIVERS\motccgp.sys
15:24:41.0109 2640        motccgp - ok
15:24:41.0187 2640        motccgpfl      (d51e009baeda07ebc107d49d224c2414) C:\Windows\system32\DRIVERS\motccgpfl.sys
15:24:41.0233 2640        motccgpfl - ok
15:24:41.0265 2640        motmodem        (db83dc223b9133da3e41afcbdecc46b5) C:\Windows\system32\DRIVERS\motmodem.sys
15:24:41.0467 2640        motmodem - ok
15:24:41.0561 2640        MotoSwitchService (ebd05f60cafc5bba2602b8d7101082d3) C:\Windows\system32\DRIVERS\motswch.sys
15:24:41.0608 2640        MotoSwitchService - ok
15:24:41.0655 2640        Motousbnet      (87701078c3f720ac7a028e937994cc49) C:\Windows\system32\DRIVERS\Motousbnet.sys
15:24:41.0701 2640        Motousbnet - ok
15:24:41.0779 2640        motusbdevice    (307727f9829fb46ff4be0e4d1dac5002) C:\Windows\system32\DRIVERS\motusbdevice.sys
15:24:41.0842 2640        motusbdevice - ok
15:24:41.0889 2640        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
15:24:41.0904 2640        mouclass - ok
15:24:41.0982 2640        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:24:42.0029 2640        mouhid - ok
15:24:42.0076 2640        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:24:42.0107 2640        mountmgr - ok
15:24:42.0185 2640        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:24:42.0216 2640        mpio - ok
15:24:42.0232 2640        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:24:42.0294 2640        mpsdrv - ok
15:24:42.0372 2640        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:24:42.0497 2640        MRxDAV - ok
15:24:42.0575 2640        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:24:42.0653 2640        mrxsmb - ok
15:24:42.0684 2640        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:24:42.0715 2640        mrxsmb10 - ok
15:24:42.0809 2640        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:24:42.0856 2640        mrxsmb20 - ok
15:24:42.0887 2640        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:24:42.0903 2640        msahci - ok
15:24:42.0981 2640        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:24:43.0012 2640        msdsm - ok
15:24:43.0043 2640        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:24:43.0090 2640        Msfs - ok
15:24:43.0168 2640        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:24:43.0230 2640        mshidkmdf - ok
15:24:43.0261 2640        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:24:43.0277 2640        msisadrv - ok
15:24:43.0371 2640        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:24:43.0417 2640        MSKSSRV - ok
15:24:43.0449 2640        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:24:43.0495 2640        MSPCLOCK - ok
15:24:43.0589 2640        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:24:43.0667 2640        MSPQM - ok
15:24:43.0698 2640        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:24:43.0729 2640        MsRPC - ok
15:24:43.0807 2640        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:24:43.0823 2640        mssmbios - ok
15:24:43.0870 2640        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:24:43.0948 2640        MSTEE - ok
15:24:44.0026 2640        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:24:44.0073 2640        MTConfig - ok
15:24:44.0166 2640        MTsensor        (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
15:24:44.0182 2640        MTsensor - ok
15:24:44.0197 2640        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:24:44.0229 2640        Mup - ok
15:24:44.0353 2640        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:24:44.0447 2640        NativeWifiP - ok
15:24:44.0494 2640        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:24:44.0525 2640        NDIS - ok
15:24:44.0603 2640        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:24:44.0665 2640        NdisCap - ok
15:24:44.0712 2640        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:24:44.0759 2640        NdisTapi - ok
15:24:44.0837 2640        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:24:44.0915 2640        Ndisuio - ok
15:24:44.0946 2640        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:24:45.0009 2640        NdisWan - ok
15:24:45.0102 2640        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:24:45.0180 2640        NDProxy - ok
15:24:45.0274 2640        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:24:45.0352 2640        NetBIOS - ok
15:24:45.0383 2640        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:24:45.0461 2640        NetBT - ok
15:24:45.0570 2640        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:24:45.0601 2640        nfrd960 - ok
15:24:45.0648 2640        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:24:45.0695 2640        Npfs - ok
15:24:45.0789 2640        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:24:45.0867 2640        nsiproxy - ok
15:24:45.0929 2640        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:24:45.0991 2640        Ntfs - ok
15:24:46.0069 2640        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:24:46.0147 2640        Null - ok
15:24:46.0225 2640        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:24:46.0257 2640        nvraid - ok
15:24:46.0272 2640        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:24:46.0288 2640        nvstor - ok
15:24:46.0303 2640        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:24:46.0335 2640        nv_agp - ok
15:24:46.0537 2640        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:24:46.0600 2640        ohci1394 - ok
15:24:46.0725 2640        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:24:46.0787 2640        Parport - ok
15:24:46.0865 2640        partmgr        (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
15:24:46.0896 2640        partmgr - ok
15:24:46.0974 2640        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:24:47.0005 2640        pci - ok
15:24:47.0052 2640        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:24:47.0068 2640        pciide - ok
15:24:47.0130 2640        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:24:47.0161 2640        pcmcia - ok
15:24:47.0177 2640        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:24:47.0193 2640        pcw - ok
15:24:47.0224 2640        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:24:47.0302 2640        PEAUTH - ok
15:24:47.0427 2640        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:24:47.0536 2640        PptpMiniport - ok
15:24:47.0567 2640        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:24:47.0598 2640        Processor - ok
15:24:47.0692 2640        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:24:47.0754 2640        Psched - ok
15:24:47.0832 2640        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:24:47.0879 2640        ql2300 - ok
15:24:47.0957 2640        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:24:47.0988 2640        ql40xx - ok
15:24:48.0004 2640        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:24:48.0066 2640        QWAVEdrv - ok
15:24:48.0144 2640        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:24:48.0222 2640        RasAcd - ok
15:24:48.0253 2640        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:24:48.0316 2640        RasAgileVpn - ok
15:24:48.0394 2640        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:24:48.0487 2640        Rasl2tp - ok
15:24:48.0534 2640        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:24:48.0597 2640        RasPppoe - ok
15:24:48.0675 2640        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:24:48.0737 2640        RasSstp - ok
15:24:48.0784 2640        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:24:48.0846 2640        rdbss - ok
15:24:48.0924 2640        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:24:48.0971 2640        rdpbus - ok
15:24:49.0018 2640        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:24:49.0065 2640        RDPCDD - ok
15:24:49.0143 2640        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:24:49.0205 2640        RDPENCDD - ok
15:24:49.0252 2640        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:24:49.0299 2640        RDPREFMP - ok
15:24:49.0377 2640        RDPWD          (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
15:24:49.0470 2640        RDPWD - ok
15:24:49.0517 2640        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:24:49.0564 2640        rdyboost - ok
15:24:49.0642 2640        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:24:49.0704 2640        rspndr - ok
15:24:49.0751 2640        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:24:49.0767 2640        sbp2port - ok
15:24:49.0845 2640        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:24:49.0907 2640        scfilter - ok
15:24:50.0032 2640        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:24:50.0094 2640        secdrv - ok
15:24:50.0141 2640        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:24:50.0157 2640        Serenum - ok
15:24:50.0250 2640        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:24:50.0297 2640        Serial - ok
15:24:50.0328 2640        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:24:50.0375 2640        sermouse - ok
15:24:50.0500 2640        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:24:50.0547 2640        sffdisk - ok
15:24:50.0562 2640        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:24:50.0593 2640        sffp_mmc - ok
15:24:50.0687 2640        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:24:50.0718 2640        sffp_sd - ok
15:24:50.0765 2640        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:24:50.0796 2640        sfloppy - ok
15:24:50.0890 2640        Sftfs          (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
15:24:50.0937 2640        Sftfs - ok
15:24:51.0015 2640        Sftplay        (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:24:51.0046 2640        Sftplay - ok
15:24:51.0061 2640        Sftredir        (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:24:51.0077 2640        Sftredir - ok
15:24:51.0108 2640        Sftvol          (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
15:24:51.0124 2640        Sftvol - ok
15:24:51.0217 2640        SiSGbeLH        (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
15:24:51.0249 2640        SiSGbeLH - ok
15:24:51.0280 2640        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:24:51.0295 2640        SiSRaid2 - ok
15:24:51.0295 2640        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:24:51.0311 2640        SiSRaid4 - ok
15:24:51.0327 2640        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:24:51.0373 2640        Smb - ok
15:24:51.0576 2640        SNP2UVC        (1d8474722cdffbb8fca5fa12c50a05a2) C:\Windows\system32\DRIVERS\snp2uvc.sys
15:24:51.0623 2640        SNP2UVC - ok
15:24:51.0701 2640        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:24:51.0732 2640        spldr - ok
15:24:51.0795 2640        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:24:51.0857 2640        srv - ok
15:24:51.0951 2640        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:24:52.0013 2640        srv2 - ok
15:24:52.0044 2640        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:24:52.0091 2640        srvnet - ok
15:24:52.0200 2640        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:24:52.0216 2640        stexstor - ok
15:24:52.0247 2640        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:24:52.0263 2640        swenum - ok
15:24:52.0450 2640        Tcpip          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
15:24:52.0543 2640        Tcpip - ok
15:24:52.0684 2640        TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
15:24:52.0731 2640        TCPIP6 - ok
15:24:52.0809 2640        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:24:52.0871 2640        tcpipreg - ok
15:24:52.0902 2640        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:24:52.0965 2640        TDPIPE - ok
15:24:53.0043 2640        TDTCP          (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:24:53.0089 2640        TDTCP - ok
15:24:53.0121 2640        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:24:53.0183 2640        tdx - ok
15:24:53.0261 2640        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:24:53.0292 2640        TermDD - ok
15:24:53.0417 2640        tmpreflt        (803ee35df92815ea5d41cee7410c8cc1) C:\Windows\system32\DRIVERS\tmpreflt.sys
15:24:53.0433 2640        tmpreflt - ok
15:24:53.0495 2640        tmtdi          (21cc12b7f8b44e91d03ead5b17aaf0b2) C:\Windows\system32\DRIVERS\tmtdi.sys
15:24:53.0526 2640        tmtdi - ok
15:24:53.0620 2640        tmxpflt        (9bd32132a3470cefb3cbea5fa492bd6f) C:\Windows\system32\DRIVERS\tmxpflt.sys
15:24:53.0651 2640        tmxpflt - ok
15:24:53.0682 2640        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:24:53.0745 2640        tssecsrv - ok
15:24:53.0854 2640        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:24:53.0963 2640        TsUsbFlt - ok
15:24:54.0057 2640        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:24:54.0119 2640        tunnel - ok
15:24:54.0166 2640        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:24:54.0197 2640        uagp35 - ok
15:24:54.0291 2640        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:24:54.0369 2640        udfs - ok
15:24:54.0431 2640        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:24:54.0447 2640        uliagpkx - ok
15:24:54.0540 2640        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:24:54.0603 2640        umbus - ok
15:24:54.0634 2640        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:24:54.0665 2640        UmPass - ok
15:24:54.0759 2640        USBAAPL64      (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
15:24:54.0805 2640        USBAAPL64 - ok
15:24:54.0837 2640        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:24:54.0899 2640        usbccgp - ok
15:24:54.0977 2640        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:24:55.0039 2640        usbcir - ok
15:24:55.0055 2640        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
15:24:55.0102 2640        usbehci - ok
15:24:55.0195 2640        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:24:55.0242 2640        usbhub - ok
15:24:55.0273 2640        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:24:55.0289 2640        usbohci - ok
15:24:55.0367 2640        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:24:55.0445 2640        usbprint - ok
15:24:55.0492 2640        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:24:55.0539 2640        USBSTOR - ok
15:24:55.0617 2640        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
15:24:55.0663 2640        usbuhci - ok
15:24:55.0757 2640        usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
15:24:55.0804 2640        usbvideo - ok
15:24:55.0851 2640        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:24:55.0866 2640        vdrvroot - ok
15:24:55.0960 2640        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:24:55.0991 2640        vga - ok
15:24:56.0007 2640        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:24:56.0069 2640        VgaSave - ok
15:24:56.0147 2640        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:24:56.0163 2640        vhdmp - ok
15:24:56.0241 2640        VIAHdAudAddService (fe595d1a1b781190bb483444b62cc607) C:\Windows\system32\drivers\viahduaa.sys
15:24:56.0303 2640        VIAHdAudAddService - ok
15:24:56.0381 2640        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:24:56.0412 2640        viaide - ok
15:24:56.0459 2640        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:24:56.0490 2640        volmgr - ok
15:24:56.0537 2640        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:24:56.0568 2640        volmgrx - ok
15:24:56.0724 2640        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:24:56.0755 2640        volsnap - ok
15:24:56.0880 2640        vsapint        (b01ce1f5a44126892240d179a6dbd43f) C:\Windows\system32\DRIVERS\vsapint.sys
15:24:56.0927 2640        vsapint - ok
15:24:57.0036 2640        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:24:57.0067 2640        vsmraid - ok
15:24:57.0099 2640        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:24:57.0161 2640        vwifibus - ok
15:24:57.0239 2640        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:24:57.0301 2640        vwififlt - ok
15:24:57.0426 2640        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:24:57.0457 2640        WacomPen - ok
15:24:57.0598 2640        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:24:57.0660 2640        WANARP - ok
15:24:57.0676 2640        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:24:57.0723 2640        Wanarpv6 - ok
15:24:57.0816 2640        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:24:57.0832 2640        Wd - ok
15:24:57.0863 2640        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:24:57.0894 2640        Wdf01000 - ok
15:24:57.0988 2640        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:24:58.0035 2640        WfpLwf - ok
15:24:58.0066 2640        WimFltr        (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
15:24:58.0081 2640        WimFltr - ok
15:24:58.0097 2640        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:24:58.0113 2640        WIMMount - ok
15:24:58.0206 2640        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:24:58.0269 2640        WinUsb - ok
15:24:58.0284 2640        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:24:58.0315 2640        WmiAcpi - ok
15:24:58.0440 2640        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:24:58.0534 2640        ws2ifsl - ok
15:24:58.0596 2640        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:24:58.0643 2640        WudfPf - ok
15:24:58.0752 2640        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:24:58.0815 2640        WUDFRd - ok
15:24:58.0861 2640        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:24:59.0033 2640        \Device\Harddisk0\DR0 - ok
15:24:59.0049 2640        Boot (0x1200)  (59952d097d67c673b68adf5157202de0) \Device\Harddisk0\DR0\Partition0
15:24:59.0049 2640        \Device\Harddisk0\DR0\Partition0 - ok
15:24:59.0080 2640        Boot (0x1200)  (d982282d8b171e6c91431bb3294c2b2c) \Device\Harddisk0\DR0\Partition1
15:24:59.0080 2640        \Device\Harddisk0\DR0\Partition1 - ok
15:24:59.0095 2640        ============================================================
15:24:59.0095 2640        Scan finished
15:24:59.0095 2640        ============================================================
15:24:59.0111 0572        Detected object count: 0
15:24:59.0111 0572        Actual detected object count: 0

cosinus 17.01.2012 15:40
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

fenice 17.01.2012 17:17
Die Ausführung hat irgendwie länger gedauert, nach dem das Log erstellt wurde konnte ich keine Programme mehr öffnen und habe den Computer neu gestartet, jetzt kann ich sie wieder normal öffnen.
Hier das Log:
[code]
Combofix Logfile:
Code:
ComboFix 12-01-17.01 - Giova 17.01.2012  15:47:28.1.2 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.4061.2623 [GMT 1:00]
ausgeführt von:: c:\users\Giova\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: Trend Micro Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Trend Micro Internet Security *Disabled/Outdated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\ASPG_icon.ico
c:\programdata\FullRemove.exe
c:\users\Giova\Documents\~WRL0003.tmp
c:\users\Giova\Documents\~WRL0004.tmp
c:\users\Giova\Documents\~WRL0005.tmp
c:\users\Giova\Documents\~WRL0635.tmp
c:\users\Giova\Documents\~WRL1547.tmp
c:\users\Giova\Documents\~WRL3255.tmp
c:\users\Giova\Documents\~WRL3670.tmp
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-12-17 bis 2012-01-17  ))))))))))))))))))))))))))))))
.
.
2012-01-17 15:51 . 2012-01-17 15:51        69000        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{E54FE8ED-ECA6-40A3-9937-DB1BFB16D616}\offreg.dll
2012-01-17 15:46 . 2012-01-17 15:46        --------        d-----w-        c:\users\Gast\AppData\Local\temp
2012-01-17 15:46 . 2012-01-17 15:46        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-01-17 14:10 . 2012-01-17 14:10        --------        d-----w-        C:\_OTL
2012-01-17 11:42 . 2011-11-21 11:40        8822856        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{E54FE8ED-ECA6-40A3-9937-DB1BFB16D616}\mpengine.dll
2012-01-16 20:53 . 2012-01-16 20:53        --------        d-----w-        c:\program files (x86)\ESET
2012-01-16 20:00 . 2012-01-16 20:00        --------        d-----w-        c:\users\Giova\AppData\Roaming\Malwarebytes
2012-01-16 19:59 . 2012-01-16 19:59        --------        d-----w-        c:\programdata\Malwarebytes
2012-01-16 19:59 . 2011-12-10 14:24        23152        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-01-16 19:59 . 2012-01-16 19:59        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-13 19:57 . 2011-12-08 12:28        311296        ----a-w-        c:\windows\SysWow64\TubeFinder.exe
2012-01-13 19:57 . 2011-09-28 08:18        9728        ----a-w-        c:\windows\SysWow64\PCCLPFR.DLL
2012-01-13 19:57 . 2011-09-28 08:18        84512        ----a-w-        c:\windows\SysWow64\PICCLP32.OCX
2012-01-13 19:57 . 2011-09-28 08:18        364544        ----a-w-        c:\windows\SysWow64\PropertyGrid.ocx
2012-01-13 19:57 . 2011-09-28 08:18        141312        ----a-w-        c:\windows\SysWow64\MSCMCFR.DLL
2012-01-13 19:57 . 2011-09-28 08:18        119568        ----a-w-        c:\windows\SysWow64\VB6FR.DLL
2012-01-13 19:57 . 2011-09-28 08:18        1081616        ----a-w-        c:\windows\SysWow64\mscomctl.ocx
2012-01-13 19:57 . 2011-09-28 08:18        101888        ----a-w-        c:\windows\SysWow64\VB6STKIT.DLL
2012-01-13 19:57 . 2011-09-28 08:18        32768        ----a-w-        c:\windows\SysWow64\CMDLGFR.DLL
2012-01-13 19:57 . 2011-09-28 08:18        24576        ----a-w-        c:\windows\SysWow64\ControlSubX.ocx
2012-01-13 19:57 . 2011-09-28 08:18        152848        ----a-w-        c:\windows\SysWow64\COMDLG32.OCX
2012-01-13 19:57 . 2012-01-13 19:58        --------        d-----w-        c:\users\Giova\AppData\Roaming\FreeFLVConverter
2012-01-12 16:41 . 2012-01-12 16:41        --------        d-----r-        c:\program files (x86)\Skype
2012-01-11 11:42 . 2011-10-26 05:25        1572864        ----a-w-        c:\windows\system32\quartz.dll
2012-01-11 11:42 . 2011-10-26 04:32        1328128        ----a-w-        c:\windows\SysWow64\quartz.dll
2012-01-11 11:42 . 2011-10-26 05:25        366592        ----a-w-        c:\windows\system32\qdvd.dll
2012-01-11 11:42 . 2011-10-26 04:32        514560        ----a-w-        c:\windows\SysWow64\qdvd.dll
2012-01-11 11:42 . 2011-11-17 06:41        1731920        ----a-w-        c:\windows\system32\ntdll.dll
2012-01-11 11:42 . 2011-11-17 05:38        1292080        ----a-w-        c:\windows\SysWow64\ntdll.dll
2012-01-11 11:42 . 2011-11-19 14:58        77312        ----a-w-        c:\windows\system32\packager.dll
2012-01-11 11:42 . 2011-11-19 14:01        67072        ----a-w-        c:\windows\SysWow64\packager.dll
2012-01-01 19:45 . 2012-01-01 19:45        --------        d-----w-        c:\users\Giova\AppData\Local\DDMSettings
2011-12-26 21:22 . 2011-12-26 21:22        --------        d-----w-        c:\users\Giova\AppData\Local\MetaGeek,_LLC
2011-12-19 21:09 . 2011-12-19 21:10        --------        d-----w-        c:\program files\iTunes
2011-12-19 21:09 . 2011-12-19 21:10        --------        d-----w-        c:\program files (x86)\iTunes
2011-12-19 21:09 . 2011-12-19 21:09        --------        d-----w-        c:\program files\iPod
2011-12-19 12:19 . 2011-12-19 12:19        --------        d-----w-        c:\users\Gast\AppData\Local\Microsoft Games
2011-12-19 07:39 . 2011-12-19 08:31        --------        d-----w-        c:\users\Gast\AppData\Local\Adobe
2011-12-18 21:42 . 2011-12-18 21:43        --------        d-----w-        c:\users\Gast\AppData\Roaming\vlc
2011-12-18 15:53 . 2011-12-18 15:53        --------        d-----w-        c:\users\Gast\AppData\Local\Mozilla
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-17 14:17 . 2011-06-09 19:55        414368        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-24 04:52 . 2011-12-15 01:09        3145216        ----a-w-        c:\windows\system32\win32k.sys
2011-11-05 05:41 . 2011-12-15 01:09        1188864        ----a-w-        c:\windows\system32\wininet.dll
2011-11-05 05:32 . 2011-12-15 01:08        2048        ----a-w-        c:\windows\system32\tzres.dll
2011-11-05 04:35 . 2011-12-15 01:09        981504        ----a-w-        c:\windows\SysWow64\wininet.dll
2011-11-05 04:26 . 2011-12-15 01:08        2048        ----a-w-        c:\windows\SysWow64\tzres.dll
2011-11-05 03:32 . 2011-12-15 01:09        1638912        ----a-w-        c:\windows\system32\mshtml.tlb
2011-11-05 02:48 . 2011-12-15 01:09        1638912        ----a-w-        c:\windows\SysWow64\mshtml.tlb
2011-10-26 05:21 . 2011-12-15 01:09        43520        ----a-w-        c:\windows\system32\csrsrv.dll
2011-10-20 23:26 . 2011-10-20 23:26        94208        ----a-w-        c:\windows\SysWow64\dpl100.dll
2009-04-08 17:31 . 2009-04-08 17:31        106496        ----a-w-        c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45        155648        ----a-w-        c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08        143360        ----a-w-        c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 19550344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-06-29 2429]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-09-17 2245120]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2011-11-03 220744]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
c:\users\Giova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-6-29 12862]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-6-29 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SmileyCentral_1vService;SmileyCentral Service;c:\progra~2\SMILEY~2\bar\1.bin\1vbarsvc.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [2010-02-23 917768]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2010-09-07 202048]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 tmpreflt;tmpreflt;c:\windows\system32\DRIVERS\tmpreflt.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-01-16 c:\windows\Tasks\Norton Security Scan for Giova.job
- c:\progra~2\NORTON~2\Engine\351~1.8\Nss.exe [2011-11-11 13:59]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52        159744        ----a-w-        c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49        70656        ----a-w-        c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49        70656        ----a-w-        c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2010-02-23 1022904]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
IE: Free YouTube Download - c:\users\Giova\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Giova\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 195.58.161.122 195.58.160.194
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab
FF - ProfilePath - c:\users\Giova\AppData\Roaming\Mozilla\Firefox\Profiles\odoyzwri.default\
FF - prefs.js: browser.startup.homepage - hxxps://online.uni-salzburg.at/plus_online/webnav.ini
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
AddRemove-Searchqu 413 MediaBar - c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstallTB.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-01-17  17:08:54 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-01-17 16:08
.
Vor Suchlauf: 1.535.299.584 Bytes frei
Nach Suchlauf: 1.930.321.920 Bytes frei
.
- - End Of File - - 0D7C4122433CF7276D6810045C4C927C
--- --- ---

cosinus 17.01.2012 21:29
Zitat:
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: Trend Micro Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E
Hast du wirklich Avira und TrendMicro gleichzeitig installiert? :(
Sowas geht nicht, bitte umgehend einen der beiden deinstallieren

fenice 17.01.2012 21:47
Ich hab nur Avira installiert, Trendmicro war wohl schon drauf. Passt es wenn ich es Trendmicro mit dem Ccleaner deinstalliere? Soll ich es danach auch entfernen oder reicht deinstallieren?

cosinus 17.01.2012 22:16
Bitte komplett deinstallieren. Den CCleaner kannst du nutzen, aber Finger von vom Registry-Cleaner!

fenice 17.01.2012 22:25
Ok, Trendmicro ist weg und der Computer wurde neu gestartet. Was soll ich jetzt tun?

cosinus 17.01.2012 22:28
Combofix - Scripten

1. Starte das Notepad (Start / Ausführen / notepad[Enter])

2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein.

Code:
Dirlook::
c:\users\Giova\AppData\Local\DDMSettings
c:\users\Giova\AppData\Local\MetaGeek,_LLC
3. Speichere im Notepad als CFScript.txt auf dem Desktop.

4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall.
(Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !)

5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet.

http://users.pandora.be/bluepatchy/m...s/CFScript.gif

6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien:
Combofix.txt

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

fenice 17.01.2012 23:15
[code]
Combofix Logfile:
Code:
ComboFix 12-01-17.01 - Giova 17.01.2012  22:34:39.2.2 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.4061.2453 [GMT 1:00]
ausgeführt von:: c:\users\Giova\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Giova\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-12-17 bis 2012-01-17  ))))))))))))))))))))))))))))))
.
.
2012-01-17 21:52 . 2012-01-17 21:52        69000        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{E54FE8ED-ECA6-40A3-9937-DB1BFB16D616}\offreg.dll
2012-01-17 21:47 . 2012-01-17 21:47        --------        d-----w-        c:\users\Gast\AppData\Local\temp
2012-01-17 21:47 . 2012-01-17 21:47        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-01-17 14:10 . 2012-01-17 14:10        --------        d-----w-        C:\_OTL
2012-01-17 11:42 . 2011-11-21 11:40        8822856        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{E54FE8ED-ECA6-40A3-9937-DB1BFB16D616}\mpengine.dll
2012-01-16 20:53 . 2012-01-16 20:53        --------        d-----w-        c:\program files (x86)\ESET
2012-01-16 20:00 . 2012-01-16 20:00        --------        d-----w-        c:\users\Giova\AppData\Roaming\Malwarebytes
2012-01-16 19:59 . 2012-01-16 19:59        --------        d-----w-        c:\programdata\Malwarebytes
2012-01-16 19:59 . 2011-12-10 14:24        23152        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-01-16 19:59 . 2012-01-16 19:59        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-13 19:57 . 2011-12-08 12:28        311296        ----a-w-        c:\windows\SysWow64\TubeFinder.exe
2012-01-13 19:57 . 2011-09-28 08:18        9728        ----a-w-        c:\windows\SysWow64\PCCLPFR.DLL
2012-01-13 19:57 . 2011-09-28 08:18        84512        ----a-w-        c:\windows\SysWow64\PICCLP32.OCX
2012-01-13 19:57 . 2011-09-28 08:18        364544        ----a-w-        c:\windows\SysWow64\PropertyGrid.ocx
2012-01-13 19:57 . 2011-09-28 08:18        141312        ----a-w-        c:\windows\SysWow64\MSCMCFR.DLL
2012-01-13 19:57 . 2011-09-28 08:18        119568        ----a-w-        c:\windows\SysWow64\VB6FR.DLL
2012-01-13 19:57 . 2011-09-28 08:18        1081616        ----a-w-        c:\windows\SysWow64\mscomctl.ocx
2012-01-13 19:57 . 2011-09-28 08:18        101888        ----a-w-        c:\windows\SysWow64\VB6STKIT.DLL
2012-01-13 19:57 . 2011-09-28 08:18        32768        ----a-w-        c:\windows\SysWow64\CMDLGFR.DLL
2012-01-13 19:57 . 2011-09-28 08:18        24576        ----a-w-        c:\windows\SysWow64\ControlSubX.ocx
2012-01-13 19:57 . 2011-09-28 08:18        152848        ----a-w-        c:\windows\SysWow64\COMDLG32.OCX
2012-01-13 19:57 . 2012-01-13 19:58        --------        d-----w-        c:\users\Giova\AppData\Roaming\FreeFLVConverter
2012-01-12 16:41 . 2012-01-12 16:41        --------        d-----r-        c:\program files (x86)\Skype
2012-01-11 11:42 . 2011-10-26 05:25        1572864        ----a-w-        c:\windows\system32\quartz.dll
2012-01-11 11:42 . 2011-10-26 04:32        1328128        ----a-w-        c:\windows\SysWow64\quartz.dll
2012-01-11 11:42 . 2011-10-26 05:25        366592        ----a-w-        c:\windows\system32\qdvd.dll
2012-01-11 11:42 . 2011-10-26 04:32        514560        ----a-w-        c:\windows\SysWow64\qdvd.dll
2012-01-11 11:42 . 2011-11-17 06:41        1731920        ----a-w-        c:\windows\system32\ntdll.dll
2012-01-11 11:42 . 2011-11-17 05:38        1292080        ----a-w-        c:\windows\SysWow64\ntdll.dll
2012-01-11 11:42 . 2011-11-19 14:58        77312        ----a-w-        c:\windows\system32\packager.dll
2012-01-11 11:42 . 2011-11-19 14:01        67072        ----a-w-        c:\windows\SysWow64\packager.dll
2012-01-01 19:45 . 2012-01-01 19:45        --------        d-----w-        c:\users\Giova\AppData\Local\DDMSettings
2011-12-26 21:22 . 2011-12-26 21:22        --------        d-----w-        c:\users\Giova\AppData\Local\MetaGeek,_LLC
2011-12-19 21:09 . 2011-12-19 21:10        --------        d-----w-        c:\program files\iTunes
2011-12-19 21:09 . 2011-12-19 21:10        --------        d-----w-        c:\program files (x86)\iTunes
2011-12-19 21:09 . 2011-12-19 21:09        --------        d-----w-        c:\program files\iPod
2011-12-19 12:19 . 2011-12-19 12:19        --------        d-----w-        c:\users\Gast\AppData\Local\Microsoft Games
2011-12-19 07:39 . 2011-12-19 08:31        --------        d-----w-        c:\users\Gast\AppData\Local\Adobe
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-17 14:17 . 2011-06-09 19:55        414368        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-24 04:52 . 2011-12-15 01:09        3145216        ----a-w-        c:\windows\system32\win32k.sys
2011-11-05 05:41 . 2011-12-15 01:09        1188864        ----a-w-        c:\windows\system32\wininet.dll
2011-11-05 05:32 . 2011-12-15 01:08        2048        ----a-w-        c:\windows\system32\tzres.dll
2011-11-05 04:35 . 2011-12-15 01:09        981504        ----a-w-        c:\windows\SysWow64\wininet.dll
2011-11-05 04:26 . 2011-12-15 01:08        2048        ----a-w-        c:\windows\SysWow64\tzres.dll
2011-11-05 03:32 . 2011-12-15 01:09        1638912        ----a-w-        c:\windows\system32\mshtml.tlb
2011-11-05 02:48 . 2011-12-15 01:09        1638912        ----a-w-        c:\windows\SysWow64\mshtml.tlb
2011-10-26 05:21 . 2011-12-15 01:09        43520        ----a-w-        c:\windows\system32\csrsrv.dll
2011-10-20 23:26 . 2011-10-20 23:26        94208        ----a-w-        c:\windows\SysWow64\dpl100.dll
2009-04-08 17:31 . 2009-04-08 17:31        106496        ----a-w-        c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45        155648        ----a-w-        c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((((((((((((((((((  Look  )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\users\Giova\AppData\Local\DDMSettings ----
.
2012-01-01 19:45 . 2012-01-06 11:56        186        ----a-w-        c:\users\Giova\AppData\Local\DDMSettings\settings.ddi
.
---- Directory of c:\users\Giova\AppData\Local\MetaGeek,_LLC ----
.
2011-12-26 21:22 . 2011-12-26 21:22        2260        ----a-w-        c:\users\Giova\AppData\Local\MetaGeek,_LLC\inSSIDer.exe_Url_umwk0c2hi3qlqzox2wrhwjzw4bansefp\2.0.7.126\user.config
.
.
(((((((((((((((((((((((((((((  SnapShot@2012-01-17_15.49.46  )))))))))))))))))))))))))))))))))))))))))
.
- 2012-01-17 15:47 . 2012-01-17 15:47        13318              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2012-01-17 21:48 . 2012-01-17 21:48        13318              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2009-07-14 04:54 . 2012-01-17 15:48        32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-17 21:48        32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-17 21:48        49152              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-17 15:48        49152              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-17 21:48        32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-17 15:48        32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-06-29 21:23 . 2012-01-17 21:50        41588              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-01-17 21:50        39126              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:30 . 2012-01-17 21:19        86016              c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2011-12-22 19:06        86016              c:\windows\system32\DriverStore\infpub.dat
- 2010-09-09 09:26 . 2012-01-17 15:49        16384              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-09 09:26 . 2012-01-17 21:48        16384              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-01-17 14:14 . 2012-01-17 21:48        32768              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2012-01-17 14:14 . 2012-01-17 15:49        32768              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-17 21:48        16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-17 15:49        16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-09-08 18:41 . 2012-01-17 14:17        16384              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-08 18:41 . 2012-01-17 21:23        16384              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-08 18:41 . 2012-01-17 14:17        32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-08 18:41 . 2012-01-17 21:23        32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-09-08 18:41 . 2012-01-17 14:17        16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-08 18:41 . 2012-01-17 21:23        16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-09-08 18:36 . 2012-01-17 15:08        16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-08 18:36 . 2012-01-17 21:23        16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-08 18:36 . 2012-01-17 15:08        16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-08 18:36 . 2012-01-17 21:23        16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-09-19 14:20 . 2012-01-17 14:13        7876              c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-09-19 14:20 . 2012-01-17 21:20        7876              c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2010-09-08 18:41 . 2012-01-17 21:50        8790              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-31118504-3028418663-3128556308-1001_UserData.bin
+ 2012-01-17 21:48 . 2012-01-17 21:48        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-01-17 15:48 . 2012-01-17 15:48        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-17 21:48 . 2012-01-17 21:48        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-01-17 15:48 . 2012-01-17 15:48        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:30 . 2011-12-22 19:06        143360              c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-01-17 21:19        143360              c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-01-17 21:19        143360              c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2011-12-19 21:07        143360              c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:01 . 2012-01-17 21:48        275420              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-01-17 15:47        275420              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-07-15 21:13 . 2012-01-17 21:48        45421192              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-31118504-3028418663-3128556308-1001-8192.dat
- 2011-07-15 21:13 . 2012-01-17 15:47        45421192              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-31118504-3028418663-3128556308-1001-8192.dat
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08        143360        ----a-w-        c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 19550344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-06-29 2429]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-09-17 2245120]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2011-11-03 220744]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
c:\users\Giova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-6-29 12862]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-6-29 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SmileyCentral_1vService;SmileyCentral Service;c:\progra~2\SMILEY~2\bar\1.bin\1vbarsvc.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2010-09-07 202048]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-01-16 c:\windows\Tasks\Norton Security Scan for Giova.job
- c:\progra~2\NORTON~2\Engine\351~1.8\Nss.exe [2011-11-11 13:59]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52        159744        ----a-w-        c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49        70656        ----a-w-        c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49        70656        ----a-w-        c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
IE: Free YouTube Download - c:\users\Giova\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Giova\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 195.58.161.122 195.58.160.194
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab
FF - ProfilePath - c:\users\Giova\AppData\Roaming\Mozilla\Firefox\Profiles\odoyzwri.default\
FF - prefs.js: browser.startup.homepage - hxxps://online.uni-salzburg.at/plus_online/webnav.ini
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-01-17  23:08:59 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-01-17 22:08
ComboFix2.txt  2012-01-17 16:09
.
Vor Suchlauf: 2.330.009.600 Bytes frei
Nach Suchlauf: 2.287.067.136 Bytes frei
.
- - End Of File - - BF3A1D1DF56F9224F98B6F45759817F7
--- --- ---

cosinus 18.01.2012 11:55
Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

fenice 18.01.2012 12:25
Code:
aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-18 11:58:24
-----------------------------
11:58:24.807    OS Version: Windows x64 6.1.7601 Service Pack 1
11:58:24.808    Number of processors: 2 586 0x170A
11:58:24.809    ComputerName: GIOVA-PC  UserName: Giova
11:58:25.500    Initialize success
12:02:32.522    AVAST engine defs: 12011800
12:02:41.301    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:02:41.304    Disk 0 Vendor: Hitachi_ PB3O Size: 305245MB BusType: 3
12:02:41.316    Disk 0 MBR read successfully
12:02:41.319    Disk 0 MBR scan
12:02:41.338    Disk 0 Windows 7 default MBR code
12:02:41.342    Disk 0 Partition 1 00    1C Hidd FAT32 LBA MSDOS5.0    20002 MB offset 63
12:02:41.389    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        76308 MB offset 40965750
12:02:41.395    Disk 0 Partition - 00    0F Extended LBA            208932 MB offset 197246976
12:02:41.426    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS      208931 MB offset 197249024
12:02:41.433    Service scanning
12:02:46.462    Modules scanning
12:02:46.469    Disk 0 trace - called modules:
12:02:46.493    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
12:02:46.834    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a87060]
12:02:46.849    3 CLASSPNP.SYS[fffff88001bbb43f] -> nt!IofCallDriver -> [0xfffffa8004613570]
12:02:46.860    5 ACPI.sys[fffff88000f027a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004619050]
12:02:47.494    AVAST engine scan C:\Windows
12:02:56.290    AVAST engine scan C:\Windows\system32
12:05:08.221    AVAST engine scan C:\Windows\system32\drivers
12:05:19.922    AVAST engine scan C:\Users\Giova
12:22:01.017    AVAST engine scan C:\ProgramData
12:24:33.628    Scan finished successfully
12:24:59.061    Disk 0 MBR has been saved successfully to "C:\Users\Giova\Desktop\MBR.dat"
12:24:59.067    The log file has been saved successfully to "C:\Users\Giova\Desktop\aswMBR.txt"

cosinus 18.01.2012 12:27
Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


fenice 18.01.2012 16:11
Hier das Log von Malwarebytes, Superantispyware ist noch in Arbeit.
Code:
Malwarebytes Anti-Malware (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.18.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Giova :: GIOVA-PC [Administrator]

Schutz: Deaktiviert

18.01.2012 12:28:57
mbam-log-2012-01-18 (12-28-57).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 355105
Laufzeit: 2 Stunde(n), 42 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

fenice 18.01.2012 16:44
Und hier das Log von Superantispyware. Was soll ich mit den gefundenen infizierten Dateien machen?

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 01/18/2012 at 04:42 PM

Application Version : 5.0.1142

Core Rules Database Version : 8139
Trace Rules Database Version: 5951

Scan type      : Complete Scan
Total Scan Time : 03:55:23

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 655
Memory threats detected  : 0
Registry items scanned    : 70939
Registry threats detected : 0
File items scanned        : 192624
File threats detected    : 167

Adware.Tracking Cookie
        C:\Users\Giova\AppData\Roaming\Microsoft\Windows\Cookies\3SOWUB4V.txt [ /mediaplex.com ]
        C:\Users\Giova\AppData\Roaming\Microsoft\Windows\Cookies\WS58T4AU.txt [ /c.atdmt.com ]
        C:\Users\Giova\AppData\Roaming\Microsoft\Windows\Cookies\41208G2V.txt [ /apmebf.com ]
        C:\Users\Giova\AppData\Roaming\Microsoft\Windows\Cookies\Q5XI3KHJ.txt [ /atdmt.com ]
        C:\Users\Giova\AppData\Roaming\Microsoft\Windows\Cookies\MISMID06.txt [ /atdmt.combing.com ]
        C:\USERS\GIOVA\Cookies\3SOWUB4V.txt [ Cookie:giova@mediaplex.com/ ]
        C:\USERS\GIOVA\Cookies\WS58T4AU.txt [ Cookie:giova@c.atdmt.com/ ]
        C:\USERS\GIOVA\Cookies\Q5XI3KHJ.txt [ Cookie:giova@atdmt.com/ ]
        C:\USERS\GIOVA\Cookies\MISMID06.txt [ Cookie:giova@atdmt.combing.com/ ]
        .doubleclick.net [ C:\USERS\GIOVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .divx.112.2o7.net [ C:\USERS\GIOVA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .getclicky.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .static.getclicky.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        in.getclicky.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .histats.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .histats.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .frontlinegmbh.122.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .gostats.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        wstat.wibiya.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .apmebf.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .deutschepostag.112.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .mediafire.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.count24.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.count24.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.count24.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wjl4eoazwbq.stats.esomniture.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .ad6media.fr [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .ad6media.fr [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .xiti.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .guj.122.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .liveperson.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .liveperson.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wgmyeodpalo.stats.esomniture.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6aekoukcjwbq.stats.esomniture.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .eucerin.122.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .ero-advertising.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .viewablemedia.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .fastclick.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        s04.flagcounter.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .partypoker.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .partypoker.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .partypoker.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .partypoker.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .partypoker.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .partypoker.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .azjmp.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .mmotraffic.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .mmotraffic.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.xxxmatch.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.xxxmatch.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        wt.xxxmatch.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .statcounter.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .c.gigcount.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .ero-advertising.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .opodo.122.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .steelhousemedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .steelhousemedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        partneradserver.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .autoscout24.112.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .tracking.hermesworld.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .snapfish.112.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        fr.sitestat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        fr.sitestat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        stats.bmw.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .conrad.122.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .divx.112.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        spenden.wikimedia.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        spenden.wikimedia.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .texasinstrument.122.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .mediamarkt.at [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.mediamarkt.at [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        s02.flagcounter.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        s04.flagcounter.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        s07.flagcounter.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.zanox-affiliate.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6aekysmcpgeq.stats.esomniture.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        delivery.way2traffic.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        tracking.oe24.at [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wjlyagazeeq.stats.esomniture.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wnmykkdjmep.stats.esomniture.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .paypal.112.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .findlauren.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        stat.aldi.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wjlooodzggp.stats.esomniture.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        accounts.youtube.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .googleads.g.doubleclick.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .yadro.ru [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .fastclick.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .tracking.hermesworld.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .tracking.hermesworld.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .global.beyondrichmedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .global.beyondrichmedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .global.beyondrichmedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .accounts.google.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .accounts.google.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .accounts.google.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .accounts.google.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .mediafire.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .mediafire.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .mediafire.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        tracking.dc-storm.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        media.liste-grossistes-aubervilliers.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .statcounter.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .mtvn.112.2o7.net [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        statse.webtrendslive.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        ww251.smartadserver.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .stats.paypal.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .countomat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        s14.shinystat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        s14.shinystat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        .shinystat.com [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\GIOVA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ODOYZWRI.DEFAULT\COOKIES.SQLITE ]


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:14 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131