Trojaner-Board
Seite 3 von 4 12 3 4
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Avira findet "BOO/Whistler.A" in Masterbootsektor HD0 Bootsektor 'C:\', lässt sich nicht entfernen (https://www.trojaner-board.de/119128-avira-findet-boo-whistler-a-masterbootsektor-hd0-bootsektor-c-laesst-entfernen.html)

v2k 30.07.2012 18:19
Ich denk, morgen geht's.

Ach Gott, tut mir leid, dass ich's jetzt erst gemacht hab. Hätt ich gewusst, dass das wieder so schnell geht, hätt ich das eher gemacht. :D

Code:
08:47:35.0203 3464        TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
08:47:35.0671 3464        ============================================================
08:47:35.0671 3464        Current date / time: 2012/07/31 08:47:35.0671
08:47:35.0671 3464        SystemInfo:
08:47:35.0671 3464       
08:47:35.0671 3464        OS Version: 5.1.2600 ServicePack: 3.0
08:47:35.0671 3464        Product type: Workstation
08:47:35.0687 3464        ComputerName: ANDREAS-IE3OGLJ
08:47:35.0703 3464        UserName: Andreas
08:47:35.0703 3464        Windows directory: C:\WINDOWS
08:47:35.0703 3464        System windows directory: C:\WINDOWS
08:47:35.0703 3464        Processor architecture: Intel x86
08:47:35.0703 3464        Number of processors: 1
08:47:35.0703 3464        Page size: 0x1000
08:47:35.0703 3464        Boot type: Normal boot
08:47:35.0703 3464        ============================================================
08:47:38.0078 3464        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:47:38.0078 3464        Drive \Device\Harddisk1\DR2 - Size: 0xE8E0B00000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:47:38.0093 3464        ============================================================
08:47:38.0093 3464        \Device\Harddisk0\DR0:
08:47:38.0093 3464        MBR partitions:
08:47:38.0093 3464        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFFFAC05
08:47:38.0093 3464        \Device\Harddisk1\DR2:
08:47:38.0093 3464        MBR partitions:
08:47:38.0093 3464        \Device\Harddisk1\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
08:47:38.0093 3464        ============================================================
08:47:38.0187 3464        C: <-> \Device\Harddisk0\DR0\Partition0
08:47:38.0234 3464        E: <-> \Device\Harddisk1\DR2\Partition0
08:47:38.0265 3464        ============================================================
08:47:38.0265 3464        Initialize success
08:47:38.0265 3464        ============================================================
08:50:01.0406 2852        ============================================================
08:50:01.0406 2852        Scan started
08:50:01.0406 2852        Mode: Manual; SigCheck; TDLFS;
08:50:01.0406 2852        ============================================================
08:50:01.0703 2852        Abiosdsk - ok
08:50:01.0718 2852        abp480n5 - ok
08:50:01.0765 2852        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:50:03.0953 2852        ACPI - ok
08:50:04.0015 2852        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
08:50:04.0203 2852        ACPIEC - ok
08:50:04.0218 2852        adpu160m - ok
08:50:04.0250 2852        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
08:50:04.0375 2852        aec - ok
08:50:04.0421 2852        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
08:50:04.0484 2852        AFD - ok
08:50:04.0484 2852        Aha154x - ok
08:50:04.0500 2852        aic78u2 - ok
08:50:04.0515 2852        aic78xx - ok
08:50:04.0640 2852        ALCXWDM        (8eaa98894a004a47964dcd84f57493c1) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
08:50:04.0906 2852        ALCXWDM - ok
08:50:04.0984 2852        Alerter        (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
08:50:05.0125 2852        Alerter - ok
08:50:05.0140 2852        ALG            (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
08:50:05.0281 2852        ALG - ok
08:50:05.0281 2852        AliIde - ok
08:50:05.0296 2852        amsint - ok
08:50:05.0406 2852        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
08:50:05.0437 2852        AntiVirSchedulerService - ok
08:50:05.0484 2852        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
08:50:05.0500 2852        AntiVirService - ok
08:50:05.0546 2852        AppMgmt        (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
08:50:05.0703 2852        AppMgmt - ok
08:50:05.0703 2852        asc - ok
08:50:05.0718 2852        asc3350p - ok
08:50:05.0734 2852        asc3550 - ok
08:50:05.0781 2852        ASPI            (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\System32\DRIVERS\ASPI32.sys
08:50:05.0781 2852        ASPI ( UnsignedFile.Multi.Generic ) - warning
08:50:05.0781 2852        ASPI - detected UnsignedFile.Multi.Generic (1)
08:50:05.0859 2852        aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
08:50:05.0921 2852        aspnet_state - ok
08:50:05.0953 2852        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:50:06.0078 2852        AsyncMac - ok
08:50:06.0109 2852        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
08:50:06.0250 2852        atapi - ok
08:50:06.0250 2852        Atdisk - ok
08:50:06.0281 2852        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:50:06.0406 2852        Atmarpc - ok
08:50:06.0453 2852        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
08:50:06.0593 2852        AudioSrv - ok
08:50:06.0609 2852        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
08:50:06.0765 2852        audstub - ok
08:50:06.0796 2852        avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
08:50:07.0781 2852        avgntflt - ok
08:50:07.0843 2852        avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
08:50:07.0859 2852        avipbb - ok
08:50:07.0875 2852        avkmgr          (53e56450da16a1a7f0d002f511113f67) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
08:50:07.0890 2852        avkmgr - ok
08:50:07.0921 2852        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
08:50:08.0093 2852        Beep - ok
08:50:08.0125 2852        BIOS            (be5d50529799b9bab6be879ec768b6cf) C:\WINDOWS\System32\drivers\BIOS.sys
08:50:08.0140 2852        BIOS ( UnsignedFile.Multi.Generic ) - warning
08:50:08.0140 2852        BIOS - detected UnsignedFile.Multi.Generic (1)
08:50:08.0187 2852        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\System32\qmgr.dll
08:50:08.0421 2852        BITS - ok
08:50:08.0453 2852        Browser        (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
08:50:08.0578 2852        Browser - ok
08:50:08.0609 2852        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
08:50:08.0812 2852        cbidf2k - ok
08:50:08.0828 2852        cd20xrnt - ok
08:50:08.0859 2852        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
08:50:09.0031 2852        Cdaudio - ok
08:50:09.0078 2852        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
08:50:09.0218 2852        Cdfs - ok
08:50:09.0250 2852        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:50:09.0359 2852        Cdrom - ok
08:50:09.0375 2852        Changer - ok
08:50:09.0406 2852        cisvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\System32\cisvc.exe
08:50:09.0531 2852        cisvc - ok
08:50:09.0578 2852        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
08:50:09.0734 2852        ClipSrv - ok
08:50:09.0781 2852        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:50:09.0937 2852        clr_optimization_v2.0.50727_32 - ok
08:50:09.0953 2852        CmdIde - ok
08:50:09.0953 2852        COMSysApp - ok
08:50:09.0984 2852        Cpqarray - ok
08:50:10.0031 2852        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
08:50:10.0140 2852        CryptSvc - ok
08:50:10.0156 2852        dac2w2k - ok
08:50:10.0156 2852        dac960nt - ok
08:50:10.0250 2852        dbustrcm - ok
08:50:10.0296 2852        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
08:50:10.0421 2852        DcomLaunch - ok
08:50:10.0453 2852        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
08:50:10.0578 2852        Dhcp - ok
08:50:10.0609 2852        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
08:50:10.0734 2852        Disk - ok
08:50:10.0750 2852        dmadmin - ok
08:50:10.0812 2852        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
08:50:10.0968 2852        dmboot - ok
08:50:10.0968 2852        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
08:50:11.0109 2852        dmio - ok
08:50:11.0156 2852        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
08:50:11.0328 2852        dmload - ok
08:50:11.0359 2852        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
08:50:11.0484 2852        dmserver - ok
08:50:11.0515 2852        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
08:50:11.0656 2852        DMusic - ok
08:50:11.0687 2852        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
08:50:11.0765 2852        Dnscache - ok
08:50:11.0796 2852        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
08:50:11.0921 2852        Dot3svc - ok
08:50:11.0921 2852        dpti2o - ok
08:50:11.0984 2852        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
08:50:12.0109 2852        drmkaud - ok
08:50:12.0156 2852        dtsoftbus01    (16c5891c6d1fa0b5d9014f85a482eb20) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
08:50:12.0171 2852        dtsoftbus01 - ok
08:50:12.0234 2852        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
08:50:12.0359 2852        EapHost - ok
08:50:12.0406 2852        ERSvc          (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
08:50:12.0531 2852        ERSvc - ok
08:50:12.0578 2852        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
08:50:12.0593 2852        Eventlog - ok
08:50:12.0625 2852        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\System32\es.dll
08:50:12.0656 2852        EventSystem - ok
08:50:12.0687 2852        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
08:50:12.0812 2852        Fastfat - ok
08:50:12.0843 2852        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
08:50:12.0890 2852        FastUserSwitchingCompatibility - ok
08:50:12.0906 2852        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
08:50:13.0031 2852        Fdc - ok
08:50:13.0062 2852        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
08:50:13.0171 2852        Fips - ok
08:50:13.0187 2852        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
08:50:13.0312 2852        Flpydisk - ok
08:50:13.0343 2852        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
08:50:13.0484 2852        FltMgr - ok
08:50:13.0562 2852        FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
08:50:13.0578 2852        FontCache3.0.0.0 - ok
08:50:13.0625 2852        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:50:13.0796 2852        Fs_Rec - ok
08:50:13.0828 2852        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:50:14.0000 2852        Ftdisk - ok
08:50:14.0000 2852        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:50:14.0140 2852        Gpc - ok
08:50:14.0265 2852        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
08:50:14.0281 2852        gupdate - ok
08:50:14.0281 2852        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
08:50:14.0296 2852        gupdatem - ok
08:50:14.0375 2852        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
08:50:14.0500 2852        helpsvc - ok
08:50:14.0515 2852        HidServ - ok
08:50:14.0531 2852        HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:50:14.0640 2852        HidUsb - ok
08:50:14.0671 2852        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
08:50:14.0796 2852        hkmsvc - ok
08:50:14.0796 2852        hpn - ok
08:50:14.0812 2852        hpt3xx - ok
08:50:14.0843 2852        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
08:50:14.0906 2852        HTTP - ok
08:50:14.0953 2852        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
08:50:15.0078 2852        HTTPFilter - ok
08:50:15.0078 2852        i2omgmt - ok
08:50:15.0093 2852        i2omp - ok
08:50:15.0125 2852        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:50:15.0250 2852        i8042prt - ok
08:50:15.0312 2852        idsvc          (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:50:15.0375 2852        idsvc - ok
08:50:15.0390 2852        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
08:50:15.0515 2852        Imapi - ok
08:50:15.0546 2852        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\System32\imapi.exe
08:50:15.0671 2852        ImapiService - ok
08:50:15.0687 2852        ini910u - ok
08:50:15.0718 2852        IntelIde - ok
08:50:15.0765 2852        ip6fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
08:50:15.0875 2852        ip6fw - ok
08:50:15.0906 2852        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:50:16.0093 2852        IpFilterDriver - ok
08:50:16.0109 2852        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:50:16.0234 2852        IpInIp - ok
08:50:16.0250 2852        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:50:16.0375 2852        IpNat - ok
08:50:16.0390 2852        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:50:16.0531 2852        IPSec - ok
08:50:16.0578 2852        irda            (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
08:50:16.0687 2852        irda - ok
08:50:16.0703 2852        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
08:50:16.0828 2852        IRENUM - ok
08:50:16.0843 2852        Irmon          (2efe1db1ec58a26b0c14bfda122e246f) C:\WINDOWS\System32\irmon.dll
08:50:16.0953 2852        Irmon - ok
08:50:17.0000 2852        IrUSB          (198f123f95f7fd86d8d5c8ca90e79d8a) C:\WINDOWS\system32\DRIVERS\IrUSB.sys
08:50:17.0015 2852        IrUSB ( UnsignedFile.Multi.Generic ) - warning
08:50:17.0015 2852        IrUSB - detected UnsignedFile.Multi.Generic (1)
08:50:17.0046 2852        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:50:17.0171 2852        isapnp - ok
08:50:17.0265 2852        JavaQuickStarterService (5e06a9d23727daf96faa796f1135fdcd) C:\Programme\Java\jre6\bin\jqs.exe
08:50:17.0296 2852        JavaQuickStarterService - ok
08:50:17.0312 2852        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:50:17.0437 2852        Kbdclass - ok
08:50:17.0453 2852        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
08:50:17.0578 2852        kmixer - ok
08:50:17.0625 2852        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
08:50:17.0687 2852        KSecDD - ok
08:50:17.0718 2852        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
08:50:17.0765 2852        lanmanserver - ok
08:50:17.0796 2852        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
08:50:17.0843 2852        lanmanworkstation - ok
08:50:17.0859 2852        lbrtfdc - ok
08:50:17.0906 2852        LmHosts        (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
08:50:18.0015 2852        LmHosts - ok
08:50:18.0062 2852        MBAMProtector - ok
08:50:18.0125 2852        MBAMService    (43683e970f008c93c9429ef428147a54) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
08:50:18.0171 2852        MBAMService - ok
08:50:18.0218 2852        Messenger      (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
08:50:18.0343 2852        Messenger - ok
08:50:18.0359 2852        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
08:50:18.0531 2852        mnmdd - ok
08:50:18.0562 2852        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\System32\mnmsrvc.exe
08:50:18.0671 2852        mnmsrvc - ok
08:50:18.0718 2852        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
08:50:18.0828 2852        Modem - ok
08:50:18.0859 2852        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:50:18.0968 2852        Mouclass - ok
08:50:19.0015 2852        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:50:19.0171 2852        mouhid - ok
08:50:19.0187 2852        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
08:50:19.0328 2852        MountMgr - ok
08:50:19.0375 2852        MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
08:50:19.0390 2852        MozillaMaintenance - ok
08:50:19.0406 2852        mraid35x - ok
08:50:19.0453 2852        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:50:19.0578 2852        MRxDAV - ok
08:50:19.0625 2852        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:50:19.0718 2852        MRxSmb - ok
08:50:19.0750 2852        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\System32\msdtc.exe
08:50:19.0890 2852        MSDTC - ok
08:50:19.0906 2852        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
08:50:20.0078 2852        Msfs - ok
08:50:20.0109 2852        MSIRCOMM        (95c6432151ccff8617352f8e616a1aa4) C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
08:50:20.0218 2852        MSIRCOMM - ok
08:50:20.0234 2852        MSIServer - ok
08:50:20.0265 2852        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:50:20.0375 2852        MSKSSRV - ok
08:50:20.0390 2852        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:50:20.0500 2852        MSPCLOCK - ok
08:50:20.0515 2852        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
08:50:20.0640 2852        MSPQM - ok
08:50:20.0671 2852        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:50:20.0781 2852        mssmbios - ok
08:50:20.0796 2852        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
08:50:20.0843 2852        Mup - ok
08:50:20.0890 2852        MxlW2k          (a1520761f42dbb06db7929d6fa9753ea) C:\WINDOWS\system32\drivers\MxlW2k.sys
08:50:20.0890 2852        MxlW2k ( UnsignedFile.Multi.Generic ) - warning
08:50:20.0890 2852        MxlW2k - detected UnsignedFile.Multi.Generic (1)
08:50:20.0937 2852        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
08:50:21.0078 2852        napagent - ok
08:50:21.0093 2852        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
08:50:21.0203 2852        NDIS - ok
08:50:21.0250 2852        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:50:21.0281 2852        NdisTapi - ok
08:50:21.0312 2852        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:50:21.0421 2852        Ndisuio - ok
08:50:21.0453 2852        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:50:21.0593 2852        NdisWan - ok
08:50:21.0640 2852        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
08:50:21.0687 2852        NDProxy - ok
08:50:21.0687 2852        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
08:50:21.0812 2852        NetBIOS - ok
08:50:21.0828 2852        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
08:50:21.0953 2852        NetBT - ok
08:50:22.0000 2852        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
08:50:22.0140 2852        NetDDE - ok
08:50:22.0140 2852        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
08:50:22.0250 2852        NetDDEdsdm - ok
08:50:22.0281 2852        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
08:50:22.0406 2852        Netlogon - ok
08:50:22.0421 2852        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
08:50:22.0546 2852        Netman - ok
08:50:22.0656 2852        NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:50:22.0671 2852        NetTcpPortSharing - ok
08:50:22.0703 2852        Nla            (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
08:50:22.0734 2852        Nla - ok
08:50:22.0750 2852        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
08:50:22.0875 2852        Npfs - ok
08:50:22.0906 2852        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
08:50:23.0078 2852        Ntfs - ok
08:50:23.0093 2852        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
08:50:23.0203 2852        NtLmSsp - ok
08:50:23.0234 2852        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
08:50:23.0406 2852        NtmsSvc - ok
08:50:23.0437 2852        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
08:50:23.0609 2852        Null - ok
08:50:23.0734 2852        nv              (cd2acd06129c4107df4483b298a05290) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
08:50:23.0953 2852        nv - ok
08:50:24.0031 2852        nvata          (c03e15101f6d9e82cd9b0e7d715f5de3) C:\WINDOWS\system32\DRIVERS\nvata.sys
08:50:24.0062 2852        nvata - ok
08:50:24.0140 2852        NVENETFD        (b9333604527e02cd2223f200c0bae7e0) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
08:50:24.0171 2852        NVENETFD - ok
08:50:24.0187 2852        nvnetbus        (5e9e55f7ee644c7c5fd78a206fbe37ab) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
08:50:24.0234 2852        nvnetbus - ok
08:50:24.0250 2852        NVSvc          (4a6124c70c9e46565d31ff799750dc64) C:\WINDOWS\System32\nvsvc32.exe
08:50:24.0265 2852        NVSvc - ok
08:50:24.0312 2852        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:50:24.0484 2852        NwlnkFlt - ok
08:50:24.0500 2852        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:50:24.0656 2852        NwlnkFwd - ok
08:50:24.0687 2852        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
08:50:24.0812 2852        Parport - ok
08:50:24.0812 2852        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
08:50:24.0953 2852        PartMgr - ok
08:50:24.0968 2852        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
08:50:25.0109 2852        ParVdm - ok
08:50:25.0140 2852        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
08:50:25.0250 2852        PCI - ok
08:50:25.0265 2852        PCIDump - ok
08:50:25.0312 2852        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
08:50:25.0484 2852        PCIIde - ok
08:50:25.0500 2852        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
08:50:25.0640 2852        Pcmcia - ok
08:50:25.0640 2852        PDCOMP - ok
08:50:25.0656 2852        PDFRAME - ok
08:50:25.0671 2852        PDRELI - ok
08:50:25.0687 2852        PDRFRAME - ok
08:50:25.0687 2852        perc2 - ok
08:50:25.0703 2852        perc2hib - ok
08:50:25.0765 2852        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
08:50:25.0781 2852        PlugPlay - ok
08:50:25.0828 2852        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
08:50:25.0953 2852        PolicyAgent - ok
08:50:26.0000 2852        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:50:26.0109 2852        PptpMiniport - ok
08:50:26.0125 2852        Processor      (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
08:50:26.0234 2852        Processor - ok
08:50:26.0265 2852        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
08:50:26.0375 2852        ProtectedStorage - ok
08:50:26.0390 2852        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
08:50:26.0515 2852        PSched - ok
08:50:26.0562 2852        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:50:26.0718 2852        Ptilink - ok
08:50:26.0718 2852        ql1080 - ok
08:50:26.0734 2852        Ql10wnt - ok
08:50:26.0750 2852        ql12160 - ok
08:50:26.0750 2852        ql1240 - ok
08:50:26.0765 2852        ql1280 - ok
08:50:26.0781 2852        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:50:26.0937 2852        RasAcd - ok
08:50:26.0968 2852        RasAuto        (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
08:50:27.0093 2852        RasAuto - ok
08:50:27.0109 2852        Rasirda        (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
08:50:27.0171 2852        Rasirda - ok
08:50:27.0203 2852        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:50:27.0312 2852        Rasl2tp - ok
08:50:27.0359 2852        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
08:50:27.0484 2852        RasMan - ok
08:50:27.0500 2852        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:50:27.0609 2852        RasPppoe - ok
08:50:27.0625 2852        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
08:50:27.0781 2852        Raspti - ok
08:50:27.0812 2852        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:50:27.0937 2852        Rdbss - ok
08:50:27.0984 2852        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:50:28.0125 2852        RDPCDD - ok
08:50:28.0171 2852        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
08:50:28.0281 2852        rdpdr - ok
08:50:28.0328 2852        RDPWD          (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
08:50:28.0390 2852        RDPWD - ok
08:50:28.0421 2852        RDSessMgr      (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
08:50:28.0546 2852        RDSessMgr - ok
08:50:28.0562 2852        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
08:50:28.0687 2852        redbook - ok
08:50:28.0703 2852        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
08:50:28.0828 2852        RemoteAccess - ok
08:50:28.0875 2852        RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
08:50:29.0000 2852        RemoteRegistry - ok
08:50:29.0015 2852        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\System32\locator.exe
08:50:29.0140 2852        RpcLocator - ok
08:50:29.0187 2852        RpcSs          (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
08:50:29.0203 2852        RpcSs - ok
08:50:29.0250 2852        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\System32\rsvp.exe
08:50:29.0406 2852        RSVP - ok
08:50:29.0437 2852        SamSs          (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
08:50:29.0546 2852        SamSs - ok
08:50:29.0562 2852        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
08:50:29.0687 2852        SCardSvr - ok
08:50:29.0734 2852        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
08:50:29.0843 2852        Schedule - ok
08:50:29.0937 2852        SearchAnonymizer (f4bd8926afb3b2067f2bd210032ec3be) C:\Dokumente und Einstellungen\Andreas\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe
08:50:29.0953 2852        SearchAnonymizer ( UnsignedFile.Multi.Generic ) - warning
08:50:29.0953 2852        SearchAnonymizer - detected UnsignedFile.Multi.Generic (1)
08:50:30.0000 2852        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:50:30.0109 2852        Secdrv - ok
08:50:30.0140 2852        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
08:50:30.0265 2852        seclogon - ok
08:50:30.0312 2852        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
08:50:30.0421 2852        SENS - ok
08:50:30.0453 2852        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
08:50:30.0578 2852        serenum - ok
08:50:30.0609 2852        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
08:50:30.0718 2852        Serial - ok
08:50:30.0750 2852        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
08:50:30.0859 2852        Sfloppy - ok
08:50:30.0890 2852        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
08:50:31.0031 2852        SharedAccess - ok
08:50:31.0078 2852        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
08:50:31.0093 2852        ShellHWDetection - ok
08:50:31.0093 2852        Simbad - ok
08:50:31.0109 2852        Sparrow - ok
08:50:31.0140 2852        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
08:50:31.0265 2852        splitter - ok
08:50:31.0328 2852        Spooler        (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
08:50:31.0343 2852        Spooler - ok
08:50:31.0343 2852        sptd - ok
08:50:31.0375 2852        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
08:50:31.0500 2852        sr - ok
08:50:31.0531 2852        srservice      (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\System32\srsvc.dll
08:50:31.0656 2852        srservice - ok
08:50:31.0687 2852        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
08:50:31.0765 2852        Srv - ok
08:50:31.0796 2852        SSDPSRV        (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
08:50:31.0921 2852        SSDPSRV - ok
08:50:31.0984 2852        SSHDRV61        (90dcc161d96689e770519c76accea8b1) C:\WINDOWS\System32\drivers\SSHDRV61.sys
08:50:32.0000 2852        SSHDRV61 ( UnsignedFile.Multi.Generic ) - warning
08:50:32.0000 2852        SSHDRV61 - detected UnsignedFile.Multi.Generic (1)
08:50:32.0015 2852        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
08:50:32.0031 2852        ssmdrv - ok
08:50:32.0031 2852        StarOpen - ok
08:50:32.0078 2852        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
08:50:32.0234 2852        stisvc - ok
08:50:32.0296 2852        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
08:50:32.0406 2852        swenum - ok
08:50:32.0437 2852        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
08:50:32.0562 2852        swmidi - ok
08:50:32.0578 2852        SwPrv - ok
08:50:32.0593 2852        symc810 - ok
08:50:32.0593 2852        symc8xx - ok
08:50:32.0609 2852        sym_hi - ok
08:50:32.0625 2852        sym_u3 - ok
08:50:32.0656 2852        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
08:50:32.0765 2852        sysaudio - ok
08:50:32.0796 2852        SysmonLog      (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
08:50:32.0937 2852        SysmonLog - ok
08:50:32.0968 2852        TapiSrv        (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
08:50:33.0093 2852        TapiSrv - ok
08:50:33.0140 2852        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:50:33.0171 2852        Tcpip - ok
08:50:33.0218 2852        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
08:50:33.0328 2852        TDPIPE - ok
08:50:33.0343 2852        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
08:50:33.0453 2852        TDTCP - ok
08:50:33.0484 2852        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
08:50:33.0609 2852        TermDD - ok
08:50:33.0640 2852        TermService    (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
08:50:33.0765 2852        TermService - ok
08:50:33.0796 2852        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
08:50:33.0812 2852        Themes - ok
08:50:33.0843 2852        TlntSvr        (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\System32\tlntsvr.exe
08:50:33.0968 2852        TlntSvr - ok
08:50:33.0984 2852        TosIde - ok
08:50:34.0015 2852        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
08:50:34.0125 2852        TrkWks - ok
08:50:34.0156 2852        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
08:50:34.0265 2852        Udfs - ok
08:50:34.0265 2852        ultra - ok
08:50:34.0312 2852        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
08:50:34.0453 2852        Update - ok
08:50:34.0500 2852        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
08:50:34.0625 2852        upnphost - ok
08:50:34.0640 2852        UPS            (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
08:50:34.0781 2852        UPS - ok
08:50:34.0796 2852        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:50:34.0906 2852        usbccgp - ok
08:50:34.0953 2852        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:50:35.0062 2852        usbhub - ok
08:50:35.0093 2852        usbohci        (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
08:50:35.0203 2852        usbohci - ok
08:50:35.0218 2852        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
08:50:35.0343 2852        usbprint - ok
08:50:35.0359 2852        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:50:35.0468 2852        usbscan - ok
08:50:35.0500 2852        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:50:35.0609 2852        USBSTOR - ok
08:50:35.0640 2852        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
08:50:35.0750 2852        VgaSave - ok
08:50:35.0765 2852        ViaIde - ok
08:50:35.0796 2852        VolSnap        (4dc8a879a7f7c136e5fa10c6295d6d31) C:\WINDOWS\system32\drivers\VolSnap.sys
08:50:35.0796 2852        Suspicious file (Forged): C:\WINDOWS\system32\drivers\VolSnap.sys. Real md5: 4dc8a879a7f7c136e5fa10c6295d6d31, Fake md5: a5a712f4e880874a477af790b5186e1d
08:50:35.0796 2852        VolSnap ( Rootkit.Win32.TDSS.tdl3 ) - infected
08:50:35.0796 2852        VolSnap - detected Rootkit.Win32.TDSS.tdl3 (0)
08:50:35.0812 2852        VSS            (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
08:50:35.0937 2852        VSS - ok
08:50:35.0968 2852        W32Time        (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\System32\w32time.dll
08:50:36.0093 2852        W32Time - ok
08:50:36.0125 2852        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:50:36.0234 2852        Wanarp - ok
08:50:36.0250 2852        WDICA - ok
08:50:36.0281 2852        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
08:50:36.0390 2852        wdmaud - ok
08:50:36.0421 2852        WebClient      (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
08:50:36.0562 2852        WebClient - ok
08:50:36.0609 2852        winmgmt        (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
08:50:36.0718 2852        winmgmt - ok
08:50:36.0781 2852        WmdmPmSN        (6e18978b749f0696a774de3f2cb142dd) C:\WINDOWS\system32\MsPMSNSv.dll
08:50:36.0890 2852        WmdmPmSN - ok
08:50:36.0953 2852        Wmi            (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
08:50:37.0078 2852        Wmi - ok
08:50:37.0109 2852        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\System32\wbem\wmiapsrv.exe
08:50:37.0234 2852        WmiApSrv - ok
08:50:37.0265 2852        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
08:50:37.0390 2852        wscsvc - ok
08:50:37.0421 2852        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
08:50:37.0546 2852        wuauserv - ok
08:50:37.0578 2852        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:50:37.0640 2852        WudfPf - ok
08:50:37.0671 2852        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:50:37.0703 2852        WudfRd - ok
08:50:37.0718 2852        WudfSvc        (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
08:50:37.0750 2852        WudfSvc - ok
08:50:37.0812 2852        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
08:50:37.0984 2852        WZCSVC - ok
08:50:38.0000 2852        xmlprov        (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
08:50:38.0140 2852        xmlprov - ok
08:50:38.0171 2852        MBR (0x1B8)    (e24810ee950b6f5f27cb02111df934e3) \Device\Harddisk0\DR0
08:50:38.0187 2852        \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - infected
08:50:38.0187 2852        \Device\Harddisk0\DR0 - detected Rootkit.Boot.Wistler.a (0)
08:50:38.0281 2852        MBR (0x1B8)    (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR2
08:50:38.0875 2852        \Device\Harddisk1\DR2 - ok
08:50:38.0875 2852        Boot (0x1200)  (3c104e373481fcbd06de79f1d8059706) \Device\Harddisk0\DR0\Partition0
08:50:38.0875 2852        \Device\Harddisk0\DR0\Partition0 - ok
08:50:38.0906 2852        Boot (0x1200)  (b8edbc127af70cf160cb0b62c107b092) \Device\Harddisk1\DR2\Partition0
08:50:38.0906 2852        \Device\Harddisk1\DR2\Partition0 - ok
08:50:38.0921 2852        ============================================================
08:50:38.0921 2852        Scan finished
08:50:38.0921 2852        ============================================================
08:50:39.0046 2764        Detected object count: 8
08:50:39.0046 2764        Actual detected object count: 8
08:51:21.0906 2764        ASPI ( UnsignedFile.Multi.Generic ) - skipped by user
08:51:21.0906 2764        ASPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:51:21.0906 2764        BIOS ( UnsignedFile.Multi.Generic ) - skipped by user
08:51:21.0906 2764        BIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:51:21.0906 2764        IrUSB ( UnsignedFile.Multi.Generic ) - skipped by user
08:51:21.0906 2764        IrUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:51:21.0921 2764        MxlW2k ( UnsignedFile.Multi.Generic ) - skipped by user
08:51:21.0921 2764        MxlW2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:51:21.0921 2764        SearchAnonymizer ( UnsignedFile.Multi.Generic ) - skipped by user
08:51:21.0921 2764        SearchAnonymizer ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:51:21.0921 2764        SSHDRV61 ( UnsignedFile.Multi.Generic ) - skipped by user
08:51:21.0921 2764        SSHDRV61 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:51:21.0921 2764        VolSnap ( Rootkit.Win32.TDSS.tdl3 ) - skipped by user
08:51:21.0921 2764        VolSnap ( Rootkit.Win32.TDSS.tdl3 ) - User select action: Skip
08:51:21.0921 2764        \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - skipped by user
08:51:21.0921 2764        \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - User select action: Skip
Was geht jetzt? Ich hab den Kram als 'neuen Beitrag' abgeschickt ... die 'Beitrag ändern'-Schaltfläche seh ich nicht ... o.O

Verrückt .

v2k 02.08.2012 13:39
jetzt geht's ja wieder ...

cosinus 03.08.2012 13:01
Code:
08:51:21.0921 2764        VolSnap ( Rootkit.Win32.TDSS.tdl3 ) - User select action: Skip
08:51:21.0921 2764        \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - skipped by user
Diese beiden Einträge TDSS File System und Rootkit.Boot.Wistler.a bitte mit dem TDSS-Killer fixen. Aber bitte nur diese Einträge!
Starte Windows danach neu und mach wieder ein komplett neues Log mit dem TDSS-Killer. Wie immer wieder in CODE-Tags posten.

v2k 03.08.2012 13:33
Wie komme ich in das Menü, die Einträge zu fixen?
Soll ich dazu den Scan nochmal durchführen?

cosinus 03.08.2012 19:57
Ja den Scan nochmal durchführen
Bitte nur die von mir erwähnten Einträge löschen! Mit löschen wird gemeint: CURE oder DELETE, je nachdem was angeboten wird

v2k 06.08.2012 12:44
Jo, 'cure' war's.

Code:
13:32:18.0531 2064        TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
13:32:19.0046 2064        ============================================================
13:32:19.0046 2064        Current date / time: 2012/08/06 13:32:19.0046
13:32:19.0046 2064        SystemInfo:
13:32:19.0046 2064       
13:32:19.0078 2064        OS Version: 5.1.2600 ServicePack: 3.0
13:32:19.0078 2064        Product type: Workstation
13:32:19.0078 2064        ComputerName: ANDREAS-IE3OGLJ
13:32:19.0078 2064        UserName: Andreas
13:32:19.0078 2064        Windows directory: C:\WINDOWS
13:32:19.0078 2064        System windows directory: C:\WINDOWS
13:32:19.0078 2064        Processor architecture: Intel x86
13:32:19.0078 2064        Number of processors: 1
13:32:19.0078 2064        Page size: 0x1000
13:32:19.0078 2064        Boot type: Normal boot
13:32:19.0078 2064        ============================================================
13:32:21.0328 2064        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:32:21.0531 2064        Drive \Device\Harddisk1\DR2 - Size: 0xE8E0B00000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:32:21.0531 2064        ============================================================
13:32:21.0531 2064        \Device\Harddisk0\DR0:
13:32:21.0546 2064        MBR partitions:
13:32:21.0546 2064        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFFFAC05
13:32:21.0546 2064        \Device\Harddisk1\DR2:
13:32:21.0546 2064        MBR partitions:
13:32:21.0546 2064        \Device\Harddisk1\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
13:32:21.0546 2064        ============================================================
13:32:21.0640 2064        C: <-> \Device\Harddisk0\DR0\Partition0
13:32:21.0671 2064        E: <-> \Device\Harddisk1\DR2\Partition0
13:32:21.0718 2064        ============================================================
13:32:21.0718 2064        Initialize success
13:32:21.0718 2064        ============================================================
13:32:51.0453 1784        ============================================================
13:32:51.0453 1784        Scan started
13:32:51.0453 1784        Mode: Manual; SigCheck; TDLFS;
13:32:51.0453 1784        ============================================================
13:32:52.0015 1784        Abiosdsk - ok
13:32:52.0015 1784        abp480n5 - ok
13:32:52.0078 1784        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:32:54.0046 1784        ACPI - ok
13:32:54.0078 1784        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
13:32:54.0250 1784        ACPIEC - ok
13:32:54.0265 1784        adpu160m - ok
13:32:54.0328 1784        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
13:32:54.0468 1784        aec - ok
13:32:54.0500 1784        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
13:32:54.0546 1784        AFD - ok
13:32:54.0562 1784        Aha154x - ok
13:32:54.0578 1784        aic78u2 - ok
13:32:54.0593 1784        aic78xx - ok
13:32:54.0718 1784        ALCXWDM        (8eaa98894a004a47964dcd84f57493c1) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
13:32:55.0000 1784        ALCXWDM - ok
13:32:55.0078 1784        Alerter        (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
13:32:55.0281 1784        Alerter - ok
13:32:55.0328 1784        ALG            (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
13:32:55.0468 1784        ALG - ok
13:32:55.0468 1784        AliIde - ok
13:32:55.0484 1784        amsint - ok
13:32:55.0546 1784        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
13:32:55.0593 1784        AntiVirSchedulerService - ok
13:32:55.0640 1784        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
13:32:55.0656 1784        AntiVirService - ok
13:32:55.0687 1784        AppMgmt        (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
13:32:55.0843 1784        AppMgmt - ok
13:32:55.0859 1784        asc - ok
13:32:55.0859 1784        asc3350p - ok
13:32:55.0875 1784        asc3550 - ok
13:32:55.0937 1784        ASPI            (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\System32\DRIVERS\ASPI32.sys
13:32:55.0953 1784        ASPI ( UnsignedFile.Multi.Generic ) - warning
13:32:55.0953 1784        ASPI - detected UnsignedFile.Multi.Generic (1)
13:32:56.0031 1784        aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
13:32:56.0109 1784        aspnet_state - ok
13:32:56.0140 1784        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:32:56.0281 1784        AsyncMac - ok
13:32:56.0312 1784        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
13:32:56.0453 1784        atapi - ok
13:32:56.0468 1784        Atdisk - ok
13:32:56.0484 1784        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:32:56.0625 1784        Atmarpc - ok
13:32:56.0640 1784        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
13:32:56.0781 1784        AudioSrv - ok
13:32:56.0796 1784        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
13:32:56.0968 1784        audstub - ok
13:32:56.0984 1784        avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
13:32:57.0375 1784        avgntflt - ok
13:32:57.0421 1784        avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
13:32:57.0437 1784        avipbb - ok
13:32:57.0468 1784        avkmgr          (53e56450da16a1a7f0d002f511113f67) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
13:32:57.0468 1784        avkmgr - ok
13:32:57.0515 1784        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
13:32:57.0671 1784        Beep - ok
13:32:57.0718 1784        BIOS            (be5d50529799b9bab6be879ec768b6cf) C:\WINDOWS\System32\drivers\BIOS.sys
13:32:57.0734 1784        BIOS ( UnsignedFile.Multi.Generic ) - warning
13:32:57.0734 1784        BIOS - detected UnsignedFile.Multi.Generic (1)
13:32:57.0781 1784        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\System32\qmgr.dll
13:32:58.0000 1784        BITS - ok
13:32:58.0015 1784        Browser        (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
13:32:58.0140 1784        Browser - ok
13:32:58.0171 1784        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
13:32:58.0359 1784        cbidf2k - ok
13:32:58.0359 1784        cd20xrnt - ok
13:32:58.0390 1784        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
13:32:58.0562 1784        Cdaudio - ok
13:32:58.0593 1784        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
13:32:58.0718 1784        Cdfs - ok
13:32:58.0750 1784        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:32:58.0875 1784        Cdrom - ok
13:32:58.0890 1784        Changer - ok
13:32:58.0906 1784        cisvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\System32\cisvc.exe
13:32:59.0031 1784        cisvc - ok
13:32:59.0062 1784        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
13:32:59.0203 1784        ClipSrv - ok
13:32:59.0234 1784        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:32:59.0390 1784        clr_optimization_v2.0.50727_32 - ok
13:32:59.0390 1784        CmdIde - ok
13:32:59.0406 1784        COMSysApp - ok
13:32:59.0421 1784        Cpqarray - ok
13:32:59.0453 1784        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
13:32:59.0578 1784        CryptSvc - ok
13:32:59.0578 1784        dac2w2k - ok
13:32:59.0609 1784        dac960nt - ok
13:32:59.0687 1784        dbustrcm - ok
13:32:59.0750 1784        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
13:32:59.0937 1784        DcomLaunch - ok
13:33:00.0015 1784        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
13:33:00.0203 1784        Dhcp - ok
13:33:00.0296 1784        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
13:33:00.0421 1784        Disk - ok
13:33:00.0437 1784        dmadmin - ok
13:33:00.0531 1784        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
13:33:00.0718 1784        dmboot - ok
13:33:00.0750 1784        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
13:33:00.0890 1784        dmio - ok
13:33:00.0937 1784        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
13:33:01.0109 1784        dmload - ok
13:33:01.0140 1784        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
13:33:01.0281 1784        dmserver - ok
13:33:01.0296 1784        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
13:33:01.0437 1784        DMusic - ok
13:33:01.0484 1784        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
13:33:01.0562 1784        Dnscache - ok
13:33:01.0593 1784        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
13:33:01.0734 1784        Dot3svc - ok
13:33:01.0734 1784        dpti2o - ok
13:33:01.0781 1784        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
13:33:01.0890 1784        drmkaud - ok
13:33:01.0921 1784        dtsoftbus01    (16c5891c6d1fa0b5d9014f85a482eb20) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
13:33:01.0953 1784        dtsoftbus01 - ok
13:33:01.0984 1784        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
13:33:02.0125 1784        EapHost - ok
13:33:02.0156 1784        ERSvc          (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
13:33:02.0296 1784        ERSvc - ok
13:33:02.0343 1784        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
13:33:02.0390 1784        Eventlog - ok
13:33:02.0406 1784        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\System32\es.dll
13:33:02.0437 1784        EventSystem - ok
13:33:02.0468 1784        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
13:33:02.0609 1784        Fastfat - ok
13:33:02.0640 1784        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
13:33:02.0703 1784        FastUserSwitchingCompatibility - ok
13:33:02.0718 1784        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
13:33:02.0843 1784        Fdc - ok
13:33:02.0890 1784        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
13:33:03.0000 1784        Fips - ok
13:33:03.0015 1784        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
13:33:03.0187 1784        Flpydisk - ok
13:33:03.0250 1784        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
13:33:03.0406 1784        FltMgr - ok
13:33:03.0500 1784        FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:33:03.0515 1784        FontCache3.0.0.0 - ok
13:33:03.0546 1784        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:33:03.0718 1784        Fs_Rec - ok
13:33:03.0765 1784        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:33:03.0953 1784        Ftdisk - ok
13:33:03.0968 1784        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:33:04.0125 1784        Gpc - ok
13:33:04.0250 1784        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
13:33:04.0265 1784        gupdate - ok
13:33:04.0296 1784        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
13:33:04.0312 1784        gupdatem - ok
13:33:04.0359 1784        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:33:04.0484 1784        helpsvc - ok
13:33:04.0484 1784        HidServ - ok
13:33:04.0500 1784        HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:33:04.0640 1784        HidUsb - ok
13:33:04.0703 1784        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
13:33:04.0875 1784        hkmsvc - ok
13:33:04.0875 1784        hpn - ok
13:33:04.0890 1784        hpt3xx - ok
13:33:04.0984 1784        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
13:33:05.0062 1784        HTTP - ok
13:33:05.0125 1784        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
13:33:05.0281 1784        HTTPFilter - ok
13:33:05.0281 1784        i2omgmt - ok
13:33:05.0296 1784        i2omp - ok
13:33:05.0359 1784        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:33:05.0484 1784        i8042prt - ok
13:33:05.0562 1784        idsvc          (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:33:05.0625 1784        idsvc - ok
13:33:05.0656 1784        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
13:33:05.0765 1784        Imapi - ok
13:33:05.0796 1784        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\System32\imapi.exe
13:33:05.0937 1784        ImapiService - ok
13:33:05.0937 1784        ini910u - ok
13:33:05.0968 1784        IntelIde - ok
13:33:06.0015 1784        ip6fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
13:33:06.0140 1784        ip6fw - ok
13:33:06.0171 1784        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:33:06.0343 1784        IpFilterDriver - ok
13:33:06.0375 1784        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:33:06.0500 1784        IpInIp - ok
13:33:06.0531 1784        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:33:06.0671 1784        IpNat - ok
13:33:06.0687 1784        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:33:06.0812 1784        IPSec - ok
13:33:06.0859 1784        irda            (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
13:33:06.0984 1784        irda - ok
13:33:07.0015 1784        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
13:33:07.0156 1784        IRENUM - ok
13:33:07.0187 1784        Irmon          (2efe1db1ec58a26b0c14bfda122e246f) C:\WINDOWS\System32\irmon.dll
13:33:07.0296 1784        Irmon - ok
13:33:07.0343 1784        IrUSB          (198f123f95f7fd86d8d5c8ca90e79d8a) C:\WINDOWS\system32\DRIVERS\IrUSB.sys
13:33:07.0359 1784        IrUSB ( UnsignedFile.Multi.Generic ) - warning
13:33:07.0359 1784        IrUSB - detected UnsignedFile.Multi.Generic (1)
13:33:07.0421 1784        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:33:07.0546 1784        isapnp - ok
13:33:07.0656 1784        JavaQuickStarterService (5e06a9d23727daf96faa796f1135fdcd) C:\Programme\Java\jre6\bin\jqs.exe
13:33:07.0671 1784        JavaQuickStarterService - ok
13:33:07.0703 1784        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:33:07.0828 1784        Kbdclass - ok
13:33:07.0875 1784        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
13:33:08.0000 1784        kmixer - ok
13:33:08.0015 1784        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
13:33:08.0109 1784        KSecDD - ok
13:33:08.0156 1784        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
13:33:08.0203 1784        lanmanserver - ok
13:33:08.0265 1784        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
13:33:08.0312 1784        lanmanworkstation - ok
13:33:08.0312 1784        lbrtfdc - ok
13:33:08.0359 1784        LmHosts        (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
13:33:08.0500 1784        LmHosts - ok
13:33:08.0515 1784        MBAMProtector - ok
13:33:08.0578 1784        MBAMService    (43683e970f008c93c9429ef428147a54) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
13:33:08.0640 1784        MBAMService - ok
13:33:08.0687 1784        Messenger      (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
13:33:08.0796 1784        Messenger - ok
13:33:08.0828 1784        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
13:33:09.0031 1784        mnmdd - ok
13:33:09.0078 1784        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\System32\mnmsrvc.exe
13:33:09.0187 1784        mnmsrvc - ok
13:33:09.0234 1784        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
13:33:09.0359 1784        Modem - ok
13:33:09.0390 1784        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:33:09.0531 1784        Mouclass - ok
13:33:09.0593 1784        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:33:09.0734 1784        mouhid - ok
13:33:09.0750 1784        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
13:33:09.0890 1784        MountMgr - ok
13:33:09.0953 1784        MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
13:33:10.0000 1784        MozillaMaintenance - ok
13:33:10.0000 1784        mraid35x - ok
13:33:10.0031 1784        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:33:10.0171 1784        MRxDAV - ok
13:33:10.0218 1784        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:33:10.0312 1784        MRxSmb - ok
13:33:10.0343 1784        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\System32\msdtc.exe
13:33:10.0484 1784        MSDTC - ok
13:33:10.0515 1784        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
13:33:10.0640 1784        Msfs - ok
13:33:10.0750 1784        MSIRCOMM        (95c6432151ccff8617352f8e616a1aa4) C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
13:33:10.0875 1784        MSIRCOMM - ok
13:33:10.0890 1784        MSIServer - ok
13:33:10.0921 1784        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:33:11.0062 1784        MSKSSRV - ok
13:33:11.0093 1784        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:33:11.0234 1784        MSPCLOCK - ok
13:33:11.0265 1784        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
13:33:11.0375 1784        MSPQM - ok
13:33:11.0406 1784        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:33:11.0515 1784        mssmbios - ok
13:33:11.0546 1784        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
13:33:11.0593 1784        Mup - ok
13:33:11.0625 1784        MxlW2k          (a1520761f42dbb06db7929d6fa9753ea) C:\WINDOWS\system32\drivers\MxlW2k.sys
13:33:11.0640 1784        MxlW2k ( UnsignedFile.Multi.Generic ) - warning
13:33:11.0640 1784        MxlW2k - detected UnsignedFile.Multi.Generic (1)
13:33:11.0687 1784        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
13:33:11.0828 1784        napagent - ok
13:33:11.0843 1784        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
13:33:11.0968 1784        NDIS - ok
13:33:12.0015 1784        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:33:12.0078 1784        NdisTapi - ok
13:33:12.0109 1784        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:33:12.0234 1784        Ndisuio - ok
13:33:12.0281 1784        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:33:12.0406 1784        NdisWan - ok
13:33:12.0437 1784        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
13:33:12.0484 1784        NDProxy - ok
13:33:12.0500 1784        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
13:33:12.0609 1784        NetBIOS - ok
13:33:12.0640 1784        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
13:33:12.0765 1784        NetBT - ok
13:33:12.0812 1784        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
13:33:12.0953 1784        NetDDE - ok
13:33:12.0953 1784        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
13:33:13.0093 1784        NetDDEdsdm - ok
13:33:13.0109 1784        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
13:33:13.0250 1784        Netlogon - ok
13:33:13.0296 1784        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
13:33:13.0406 1784        Netman - ok
13:33:13.0500 1784        NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:33:13.0515 1784        NetTcpPortSharing - ok
13:33:13.0546 1784        Nla            (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
13:33:13.0578 1784        Nla - ok
13:33:13.0593 1784        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
13:33:13.0718 1784        Npfs - ok
13:33:13.0750 1784        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
13:33:13.0906 1784        Ntfs - ok
13:33:13.0921 1784        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
13:33:14.0046 1784        NtLmSsp - ok
13:33:14.0109 1784        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
13:33:14.0265 1784        NtmsSvc - ok
13:33:14.0312 1784        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
13:33:14.0484 1784        Null - ok
13:33:14.0593 1784        nv              (cd2acd06129c4107df4483b298a05290) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
13:33:14.0812 1784        nv - ok
13:33:14.0859 1784        nvata          (c03e15101f6d9e82cd9b0e7d715f5de3) C:\WINDOWS\system32\DRIVERS\nvata.sys
13:33:14.0890 1784        nvata - ok
13:33:14.0921 1784        NVENETFD        (b9333604527e02cd2223f200c0bae7e0) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
13:33:14.0937 1784        NVENETFD - ok
13:33:14.0953 1784        nvnetbus        (5e9e55f7ee644c7c5fd78a206fbe37ab) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
13:33:15.0000 1784        nvnetbus - ok
13:33:15.0015 1784        NVSvc          (4a6124c70c9e46565d31ff799750dc64) C:\WINDOWS\System32\nvsvc32.exe
13:33:15.0031 1784        NVSvc - ok
13:33:15.0062 1784        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:33:15.0250 1784        NwlnkFlt - ok
13:33:15.0265 1784        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:33:15.0421 1784        NwlnkFwd - ok
13:33:15.0437 1784        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
13:33:15.0578 1784        Parport - ok
13:33:15.0578 1784        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
13:33:15.0718 1784        PartMgr - ok
13:33:15.0734 1784        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
13:33:15.0890 1784        ParVdm - ok
13:33:15.0906 1784        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
13:33:16.0031 1784        PCI - ok
13:33:16.0046 1784        PCIDump - ok
13:33:16.0093 1784        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
13:33:16.0250 1784        PCIIde - ok
13:33:16.0281 1784        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
13:33:16.0390 1784        Pcmcia - ok
13:33:16.0390 1784        PDCOMP - ok
13:33:16.0406 1784        PDFRAME - ok
13:33:16.0421 1784        PDRELI - ok
13:33:16.0437 1784        PDRFRAME - ok
13:33:16.0437 1784        perc2 - ok
13:33:16.0453 1784        perc2hib - ok
13:33:16.0531 1784        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
13:33:16.0546 1784        PlugPlay - ok
13:33:16.0593 1784        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
13:33:16.0703 1784        PolicyAgent - ok
13:33:16.0718 1784        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:33:16.0843 1784        PptpMiniport - ok
13:33:16.0859 1784        Processor      (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
13:33:16.0984 1784        Processor - ok
13:33:16.0984 1784        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
13:33:17.0125 1784        ProtectedStorage - ok
13:33:17.0140 1784        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
13:33:17.0265 1784        PSched - ok
13:33:17.0296 1784        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:33:17.0437 1784        Ptilink - ok
13:33:17.0437 1784        ql1080 - ok
13:33:17.0453 1784        Ql10wnt - ok
13:33:17.0468 1784        ql12160 - ok
13:33:17.0484 1784        ql1240 - ok
13:33:17.0484 1784        ql1280 - ok
13:33:17.0546 1784        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:33:17.0703 1784        RasAcd - ok
13:33:17.0718 1784        RasAuto        (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
13:33:17.0859 1784        RasAuto - ok
13:33:17.0875 1784        Rasirda        (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
13:33:17.0937 1784        Rasirda - ok
13:33:17.0953 1784        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:33:18.0078 1784        Rasl2tp - ok
13:33:18.0109 1784        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
13:33:18.0250 1784        RasMan - ok
13:33:18.0250 1784        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:33:18.0390 1784        RasPppoe - ok
13:33:18.0390 1784        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:33:18.0578 1784        Raspti - ok
13:33:18.0609 1784        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:33:18.0734 1784        Rdbss - ok
13:33:18.0750 1784        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:33:18.0906 1784        RDPCDD - ok
13:33:19.0031 1784        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:33:19.0203 1784        rdpdr - ok
13:33:19.0328 1784        RDPWD          (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
13:33:19.0531 1784        RDPWD - ok
13:33:19.0687 1784        RDSessMgr      (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
13:33:19.0859 1784        RDSessMgr - ok
13:33:19.0921 1784        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
13:33:20.0109 1784        redbook - ok
13:33:20.0187 1784        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
13:33:20.0375 1784        RemoteAccess - ok
13:33:20.0468 1784        RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
13:33:20.0625 1784        RemoteRegistry - ok
13:33:20.0781 1784        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\System32\locator.exe
13:33:20.0937 1784        RpcLocator - ok
13:33:20.0984 1784        RpcSs          (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
13:33:21.0062 1784        RpcSs - ok
13:33:21.0125 1784        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\System32\rsvp.exe
13:33:21.0328 1784        RSVP - ok
13:33:21.0375 1784        SamSs          (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
13:33:21.0500 1784        SamSs - ok
13:33:21.0531 1784        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
13:33:21.0687 1784        SCardSvr - ok
13:33:21.0718 1784        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
13:33:21.0890 1784        Schedule - ok
13:33:22.0031 1784        SearchAnonymizer (f4bd8926afb3b2067f2bd210032ec3be) C:\Dokumente und Einstellungen\Andreas\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe
13:33:22.0093 1784        SearchAnonymizer ( UnsignedFile.Multi.Generic ) - warning
13:33:22.0093 1784        SearchAnonymizer - detected UnsignedFile.Multi.Generic (1)
13:33:22.0156 1784        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:33:22.0281 1784        Secdrv - ok
13:33:22.0312 1784        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
13:33:22.0453 1784        seclogon - ok
13:33:22.0484 1784        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
13:33:22.0625 1784        SENS - ok
13:33:22.0640 1784        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
13:33:22.0796 1784        serenum - ok
13:33:22.0812 1784        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
13:33:22.0953 1784        Serial - ok
13:33:23.0000 1784        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:33:23.0156 1784        Sfloppy - ok
13:33:23.0203 1784        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
13:33:23.0390 1784        SharedAccess - ok
13:33:23.0421 1784        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
13:33:23.0468 1784        ShellHWDetection - ok
13:33:23.0468 1784        Simbad - ok
13:33:23.0500 1784        Sparrow - ok
13:33:23.0531 1784        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:33:23.0656 1784        splitter - ok
13:33:23.0718 1784        Spooler        (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
13:33:23.0781 1784        Spooler - ok
13:33:23.0796 1784        sptd - ok
13:33:23.0812 1784        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
13:33:23.0937 1784        sr - ok
13:33:23.0968 1784        srservice      (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\System32\srsvc.dll
13:33:24.0125 1784        srservice - ok
13:33:24.0203 1784        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
13:33:24.0328 1784        Srv - ok
13:33:24.0359 1784        SSDPSRV        (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
13:33:24.0500 1784        SSDPSRV - ok
13:33:24.0531 1784        SSHDRV61        (90dcc161d96689e770519c76accea8b1) C:\WINDOWS\System32\drivers\SSHDRV61.sys
13:33:24.0578 1784        SSHDRV61 ( UnsignedFile.Multi.Generic ) - warning
13:33:24.0578 1784        SSHDRV61 - detected UnsignedFile.Multi.Generic (1)
13:33:24.0625 1784        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
13:33:24.0640 1784        ssmdrv - ok
13:33:24.0640 1784        StarOpen - ok
13:33:24.0687 1784        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
13:33:24.0890 1784        stisvc - ok
13:33:24.0937 1784        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:33:25.0093 1784        swenum - ok
13:33:25.0125 1784        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:33:25.0265 1784        swmidi - ok
13:33:25.0296 1784        SwPrv - ok
13:33:25.0312 1784        symc810 - ok
13:33:25.0328 1784        symc8xx - ok
13:33:25.0343 1784        sym_hi - ok
13:33:25.0359 1784        sym_u3 - ok
13:33:25.0375 1784        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:33:25.0546 1784        sysaudio - ok
13:33:25.0625 1784        SysmonLog      (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
13:33:25.0781 1784        SysmonLog - ok
13:33:25.0937 1784        TapiSrv        (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
13:33:26.0140 1784        TapiSrv - ok
13:33:26.0359 1784        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:33:26.0500 1784        Tcpip - ok
13:33:26.0578 1784        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:33:26.0718 1784        TDPIPE - ok
13:33:26.0765 1784        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:33:26.0921 1784        TDTCP - ok
13:33:27.0000 1784        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:33:27.0140 1784        TermDD - ok
13:33:27.0281 1784        TermService    (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
13:33:27.0468 1784        TermService - ok
13:33:27.0578 1784        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
13:33:27.0609 1784        Themes - ok
13:33:27.0671 1784        TlntSvr        (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\System32\tlntsvr.exe
13:33:27.0828 1784        TlntSvr - ok
13:33:27.0843 1784        TosIde - ok
13:33:27.0921 1784        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
13:33:28.0125 1784        TrkWks - ok
13:33:28.0203 1784        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:33:28.0375 1784        Udfs - ok
13:33:28.0375 1784        ultra - ok
13:33:28.0484 1784        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
13:33:28.0718 1784        Update - ok
13:33:28.0828 1784        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
13:33:29.0000 1784        upnphost - ok
13:33:29.0046 1784        UPS            (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
13:33:29.0203 1784        UPS - ok
13:33:29.0265 1784        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:33:29.0437 1784        usbccgp - ok
13:33:29.0468 1784        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:33:29.0640 1784        usbhub - ok
13:33:29.0687 1784        usbohci        (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
13:33:29.0843 1784        usbohci - ok
13:33:29.0906 1784        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:33:30.0093 1784        usbprint - ok
13:33:30.0171 1784        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:33:30.0343 1784        usbscan - ok
13:33:30.0390 1784        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:33:30.0562 1784        USBSTOR - ok
13:33:30.0593 1784        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
13:33:30.0781 1784        VgaSave - ok
13:33:30.0781 1784        ViaIde - ok
13:33:30.0828 1784        VolSnap        (4dc8a879a7f7c136e5fa10c6295d6d31) C:\WINDOWS\system32\drivers\VolSnap.sys
13:33:30.0828 1784        Suspicious file (Forged): C:\WINDOWS\system32\drivers\VolSnap.sys. Real md5: 4dc8a879a7f7c136e5fa10c6295d6d31, Fake md5: a5a712f4e880874a477af790b5186e1d
13:33:30.0843 1784        VolSnap ( Rootkit.Win32.TDSS.tdl3 ) - infected
13:33:30.0843 1784        VolSnap - detected Rootkit.Win32.TDSS.tdl3 (0)
13:33:30.0921 1784        VSS            (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
13:33:31.0437 1784        VSS - ok
13:33:31.0500 1784        W32Time        (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\System32\w32time.dll
13:33:31.0750 1784        W32Time - ok
13:33:31.0843 1784        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:33:32.0046 1784        Wanarp - ok
13:33:32.0046 1784        WDICA - ok
13:33:32.0109 1784        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
13:33:32.0265 1784        wdmaud - ok
13:33:32.0328 1784        WebClient      (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
13:33:32.0484 1784        WebClient - ok
13:33:32.0703 1784        winmgmt        (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
13:33:32.0890 1784        winmgmt - ok
13:33:33.0031 1784        WmdmPmSN        (6e18978b749f0696a774de3f2cb142dd) C:\WINDOWS\system32\MsPMSNSv.dll
13:33:33.0218 1784        WmdmPmSN - ok
13:33:33.0453 1784        Wmi            (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
13:33:33.0828 1784        Wmi - ok
13:33:33.0937 1784        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\System32\wbem\wmiapsrv.exe
13:33:34.0187 1784        WmiApSrv - ok
13:33:34.0312 1784        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
13:33:34.0687 1784        wscsvc - ok
13:33:34.0750 1784        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
13:33:34.0953 1784        wuauserv - ok
13:33:35.0078 1784        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:33:35.0453 1784        WudfPf - ok
13:33:35.0484 1784        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:33:35.0671 1784        WudfRd - ok
13:33:35.0718 1784        WudfSvc        (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
13:33:35.0859 1784        WudfSvc - ok
13:33:36.0203 1784        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
13:33:36.0718 1784        WZCSVC - ok
13:33:36.0734 1784        xmlprov        (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
13:33:36.0953 1784        xmlprov - ok
13:33:36.0968 1784        MBR (0x1B8)    (e24810ee950b6f5f27cb02111df934e3) \Device\Harddisk0\DR0
13:33:36.0984 1784        \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - infected
13:33:36.0984 1784        \Device\Harddisk0\DR0 - detected Rootkit.Boot.Wistler.a (0)
13:33:37.0281 1784        MBR (0x1B8)    (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR2
13:33:38.0343 1784        \Device\Harddisk1\DR2 - ok
13:33:38.0375 1784        Boot (0x1200)  (3c104e373481fcbd06de79f1d8059706) \Device\Harddisk0\DR0\Partition0
13:33:38.0390 1784        \Device\Harddisk0\DR0\Partition0 - ok
13:33:38.0406 1784        Boot (0x1200)  (b8edbc127af70cf160cb0b62c107b092) \Device\Harddisk1\DR2\Partition0
13:33:38.0421 1784        \Device\Harddisk1\DR2\Partition0 - ok
13:33:38.0421 1784        ============================================================
13:33:38.0421 1784        Scan finished
13:33:38.0421 1784        ============================================================
13:33:38.0625 0992        Detected object count: 8
13:33:38.0625 0992        Actual detected object count: 8
13:35:39.0921 0992        ASPI ( UnsignedFile.Multi.Generic ) - skipped by user
13:35:39.0921 0992        ASPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:35:39.0921 0992        BIOS ( UnsignedFile.Multi.Generic ) - skipped by user
13:35:39.0921 0992        BIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:35:39.0937 0992        IrUSB ( UnsignedFile.Multi.Generic ) - skipped by user
13:35:39.0937 0992        IrUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:35:39.0937 0992        MxlW2k ( UnsignedFile.Multi.Generic ) - skipped by user
13:35:39.0937 0992        MxlW2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:35:39.0937 0992        SearchAnonymizer ( UnsignedFile.Multi.Generic ) - skipped by user
13:35:39.0937 0992        SearchAnonymizer ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:35:39.0937 0992        SSHDRV61 ( UnsignedFile.Multi.Generic ) - skipped by user
13:35:39.0937 0992        SSHDRV61 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:35:40.0187 0992        C:\WINDOWS\system32\drivers\VolSnap.sys - copied to quarantine
13:35:40.0890 0992        Backup copy found, using it..
13:35:40.0984 0992        C:\WINDOWS\system32\drivers\VolSnap.sys - will be cured on reboot
13:35:40.0984 0992        VolSnap ( Rootkit.Win32.TDSS.tdl3 ) - User select action: Cure
13:35:41.0390 0992        \Device\Harddisk0\DR0\# - copied to quarantine
13:35:41.0390 0992        \Device\Harddisk0\DR0 - copied to quarantine
13:35:41.0390 0992        \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - will be cured on reboot
13:35:41.0390 0992        \Device\Harddisk0\DR0 - ok
13:35:41.0390 0992        \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - User select action: Cure
13:35:55.0078 2088        Deinitialize success
Öhm ... ich hab wohl so'n Mail-Bot am Start ... ich hab grad meine Mails gecheckt und seh in meinem Posteingang eine Mail.
Absender: meine eigene Adresse
Betreff "RE: FW: whats up..."
Empfänger: ALLE eMailadressen, mit denen ich derletzt verkehrt hab + aus'm Adressenbuch
Inhalt: "I guess your job search is going well. ..." und so'n webcams.holidayvalley.com-Link, den ich nich anklicken werd.

Kranke Sache, soll ich nen extra-Thread aufmachen?

cosinus 06.08.2012 13:19
Du solltest auch ein neues Log mit dem TDSS-Killer machen! Wieder alles skippen!

v2k 06.08.2012 13:58
Sorry, ich hatte das wohl nich richtig verstanden/ ich war durch den Wind wegen der Mails ...

Code:
14:55:37.0984 1640        TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
14:55:39.0984 1640        ============================================================
14:55:39.0984 1640        Current date / time: 2012/08/06 14:55:39.0984
14:55:39.0984 1640        SystemInfo:
14:55:39.0984 1640       
14:55:39.0984 1640        OS Version: 5.1.2600 ServicePack: 3.0
14:55:39.0984 1640        Product type: Workstation
14:55:39.0984 1640        ComputerName: ANDREAS-IE3OGLJ
14:55:39.0984 1640        UserName: Andreas
14:55:39.0984 1640        Windows directory: C:\WINDOWS
14:55:39.0984 1640        System windows directory: C:\WINDOWS
14:55:39.0984 1640        Processor architecture: Intel x86
14:55:39.0984 1640        Number of processors: 1
14:55:39.0984 1640        Page size: 0x1000
14:55:39.0984 1640        Boot type: Normal boot
14:55:39.0984 1640        ============================================================
14:55:42.0046 1640        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:55:42.0109 1640        Drive \Device\Harddisk1\DR2 - Size: 0xE8E0B00000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:55:49.0500 1640        ============================================================
14:55:49.0500 1640        \Device\Harddisk0\DR0:
14:55:49.0500 1640        MBR partitions:
14:55:49.0500 1640        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFFFAC05
14:55:49.0500 1640        \Device\Harddisk1\DR2:
14:55:49.0515 1640        MBR partitions:
14:55:49.0515 1640        \Device\Harddisk1\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
14:55:49.0515 1640        ============================================================
14:55:49.0609 1640        C: <-> \Device\Harddisk0\DR0\Partition0
14:55:49.0703 1640        E: <-> \Device\Harddisk1\DR2\Partition0
14:55:49.0734 1640        ============================================================
14:55:49.0734 1640        Initialize success
14:55:49.0734 1640        ============================================================
14:55:57.0468 0716        ============================================================
14:55:57.0468 0716        Scan started
14:55:57.0468 0716        Mode: Manual; SigCheck; TDLFS;
14:55:57.0468 0716        ============================================================
14:55:57.0718 0716        Abiosdsk - ok
14:55:57.0734 0716        abp480n5 - ok
14:55:57.0796 0716        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:56:00.0781 0716        ACPI - ok
14:56:00.0843 0716        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
14:56:01.0046 0716        ACPIEC - ok
14:56:01.0062 0716        adpu160m - ok
14:56:01.0140 0716        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:56:01.0375 0716        aec - ok
14:56:01.0421 0716        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
14:56:01.0515 0716        AFD - ok
14:56:01.0531 0716        Aha154x - ok
14:56:01.0546 0716        aic78u2 - ok
14:56:01.0578 0716        aic78xx - ok
14:56:01.0703 0716        ALCXWDM        (8eaa98894a004a47964dcd84f57493c1) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
14:56:01.0984 0716        ALCXWDM - ok
14:56:02.0093 0716        Alerter        (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
14:56:02.0281 0716        Alerter - ok
14:56:02.0312 0716        ALG            (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
14:56:02.0453 0716        ALG - ok
14:56:02.0484 0716        AliIde - ok
14:56:02.0500 0716        amsint - ok
14:56:02.0625 0716        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
14:56:02.0718 0716        AntiVirSchedulerService - ok
14:56:02.0765 0716        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
14:56:02.0812 0716        AntiVirService - ok
14:56:02.0843 0716        AppMgmt        (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
14:56:03.0078 0716        AppMgmt - ok
14:56:03.0093 0716        asc - ok
14:56:03.0109 0716        asc3350p - ok
14:56:03.0125 0716        asc3550 - ok
14:56:03.0203 0716        ASPI            (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\System32\DRIVERS\ASPI32.sys
14:56:03.0265 0716        ASPI ( UnsignedFile.Multi.Generic ) - warning
14:56:03.0265 0716        ASPI - detected UnsignedFile.Multi.Generic (1)
14:56:03.0359 0716        aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:56:03.0453 0716        aspnet_state - ok
14:56:03.0500 0716        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:56:03.0671 0716        AsyncMac - ok
14:56:03.0703 0716        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:56:03.0906 0716        atapi - ok
14:56:03.0921 0716        Atdisk - ok
14:56:03.0968 0716        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:56:04.0156 0716        Atmarpc - ok
14:56:04.0203 0716        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
14:56:04.0390 0716        AudioSrv - ok
14:56:04.0421 0716        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:56:04.0625 0716        audstub - ok
14:56:04.0656 0716        avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
14:56:05.0875 0716        avgntflt - ok
14:56:05.0968 0716        avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
14:56:06.0031 0716        avipbb - ok
14:56:06.0171 0716        avkmgr          (53e56450da16a1a7f0d002f511113f67) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
14:56:06.0250 0716        avkmgr - ok
14:56:06.0312 0716        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:56:06.0593 0716        Beep - ok
14:56:06.0640 0716        BIOS            (be5d50529799b9bab6be879ec768b6cf) C:\WINDOWS\System32\drivers\BIOS.sys
14:56:06.0734 0716        BIOS ( UnsignedFile.Multi.Generic ) - warning
14:56:06.0734 0716        BIOS - detected UnsignedFile.Multi.Generic (1)
14:56:06.0812 0716        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\System32\qmgr.dll
14:56:07.0250 0716        BITS - ok
14:56:07.0281 0716        Browser        (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
14:56:07.0531 0716        Browser - ok
14:56:07.0562 0716        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:56:07.0781 0716        cbidf2k - ok
14:56:07.0796 0716        cd20xrnt - ok
14:56:07.0843 0716        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:56:08.0171 0716        Cdaudio - ok
14:56:08.0234 0716        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:56:08.0421 0716        Cdfs - ok
14:56:08.0468 0716        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:56:08.0781 0716        Cdrom - ok
14:56:08.0796 0716        Changer - ok
14:56:08.0828 0716        cisvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\System32\cisvc.exe
14:56:09.0125 0716        cisvc - ok
14:56:09.0156 0716        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
14:56:09.0390 0716        ClipSrv - ok
14:56:09.0468 0716        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:56:09.0906 0716        clr_optimization_v2.0.50727_32 - ok
14:56:09.0921 0716        CmdIde - ok
14:56:09.0937 0716        COMSysApp - ok
14:56:09.0984 0716        Cpqarray - ok
14:56:10.0031 0716        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
14:56:10.0250 0716        CryptSvc - ok
14:56:10.0265 0716        dac2w2k - ok
14:56:10.0296 0716        dac960nt - ok
14:56:10.0390 0716        dbustrcm - ok
14:56:10.0453 0716        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
14:56:10.0562 0716        DcomLaunch - ok
14:56:10.0640 0716        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
14:56:10.0890 0716        Dhcp - ok
14:56:10.0937 0716        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:56:11.0218 0716        Disk - ok
14:56:11.0250 0716        dmadmin - ok
14:56:11.0328 0716        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
14:56:11.0640 0716        dmboot - ok
14:56:11.0687 0716        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
14:56:11.0875 0716        dmio - ok
14:56:11.0968 0716        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:56:12.0203 0716        dmload - ok
14:56:12.0281 0716        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
14:56:12.0500 0716        dmserver - ok
14:56:12.0546 0716        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:56:12.0734 0716        DMusic - ok
14:56:12.0843 0716        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
14:56:13.0265 0716        Dnscache - ok
14:56:13.0796 0716        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
14:56:14.0156 0716        Dot3svc - ok
14:56:14.0171 0716        dpti2o - ok
14:56:14.0250 0716        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:56:14.0515 0716        drmkaud - ok
14:56:14.0703 0716        dtsoftbus01    (16c5891c6d1fa0b5d9014f85a482eb20) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
14:56:14.0734 0716        dtsoftbus01 - ok
14:56:15.0078 0716        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
14:56:15.0328 0716        EapHost - ok
14:56:15.0468 0716        ERSvc          (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
14:56:16.0000 0716        ERSvc - ok
14:56:16.0093 0716        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
14:56:16.0234 0716        Eventlog - ok
14:56:16.0437 0716        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\System32\es.dll
14:56:16.0515 0716        EventSystem - ok
14:56:16.0546 0716        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:56:16.0875 0716        Fastfat - ok
14:56:16.0921 0716        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:56:17.0031 0716        FastUserSwitchingCompatibility - ok
14:56:17.0078 0716        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
14:56:17.0312 0716        Fdc - ok
14:56:17.0343 0716        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
14:56:17.0578 0716        Fips - ok
14:56:17.0609 0716        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
14:56:17.0812 0716        Flpydisk - ok
14:56:17.0859 0716        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
14:56:18.0109 0716        FltMgr - ok
14:56:18.0265 0716        FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:56:18.0359 0716        FontCache3.0.0.0 - ok
14:56:18.0421 0716        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:56:18.0703 0716        Fs_Rec - ok
14:56:18.0734 0716        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:56:18.0968 0716        Ftdisk - ok
14:56:19.0031 0716        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:56:19.0203 0716        Gpc - ok
14:56:19.0359 0716        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
14:56:19.0390 0716        gupdate - ok
14:56:19.0421 0716        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
14:56:19.0437 0716        gupdatem - ok
14:56:19.0531 0716        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:56:19.0718 0716        helpsvc - ok
14:56:19.0718 0716        HidServ - ok
14:56:19.0750 0716        HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:56:19.0953 0716        HidUsb - ok
14:56:20.0031 0716        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
14:56:20.0265 0716        hkmsvc - ok
14:56:20.0281 0716        hpn - ok
14:56:20.0328 0716        hpt3xx - ok
14:56:20.0484 0716        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:56:20.0562 0716        HTTP - ok
14:56:20.0593 0716        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
14:56:20.0843 0716        HTTPFilter - ok
14:56:20.0859 0716        i2omgmt - ok
14:56:20.0875 0716        i2omp - ok
14:56:20.0921 0716        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:56:21.0171 0716        i8042prt - ok
14:56:21.0359 0716        idsvc          (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:56:21.0921 0716        idsvc - ok
14:56:21.0953 0716        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:56:22.0234 0716        Imapi - ok
14:56:22.0281 0716        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\System32\imapi.exe
14:56:22.0468 0716        ImapiService - ok
14:56:22.0515 0716        ini910u - ok
14:56:22.0546 0716        IntelIde - ok
14:56:22.0593 0716        ip6fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
14:56:22.0812 0716        ip6fw - ok
14:56:22.0859 0716        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:56:23.0171 0716        IpFilterDriver - ok
14:56:23.0328 0716        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:56:23.0593 0716        IpInIp - ok
14:56:23.0640 0716        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:56:23.0906 0716        IpNat - ok
14:56:23.0953 0716        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:56:24.0171 0716        IPSec - ok
14:56:24.0218 0716        irda            (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
14:56:24.0468 0716        irda - ok
14:56:24.0484 0716        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:56:24.0734 0716        IRENUM - ok
14:56:24.0781 0716        Irmon          (2efe1db1ec58a26b0c14bfda122e246f) C:\WINDOWS\System32\irmon.dll
14:56:25.0015 0716        Irmon - ok
14:56:25.0046 0716        IrUSB          (198f123f95f7fd86d8d5c8ca90e79d8a) C:\WINDOWS\system32\DRIVERS\IrUSB.sys
14:56:25.0093 0716        IrUSB ( UnsignedFile.Multi.Generic ) - warning
14:56:25.0093 0716        IrUSB - detected UnsignedFile.Multi.Generic (1)
14:56:25.0140 0716        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:56:25.0312 0716        isapnp - ok
14:56:25.0468 0716        JavaQuickStarterService (5e06a9d23727daf96faa796f1135fdcd) C:\Programme\Java\jre6\bin\jqs.exe
14:56:25.0515 0716        JavaQuickStarterService - ok
14:56:25.0578 0716        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:56:25.0750 0716        Kbdclass - ok
14:56:25.0968 0716        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:56:26.0250 0716        kmixer - ok
14:56:26.0625 0716        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:56:26.0859 0716        KSecDD - ok
14:56:26.0984 0716        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
14:56:27.0109 0716        lanmanserver - ok
14:56:27.0156 0716        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
14:56:27.0281 0716        lanmanworkstation - ok
14:56:27.0296 0716        lbrtfdc - ok
14:56:27.0390 0716        LmHosts        (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
14:56:27.0671 0716        LmHosts - ok
14:56:27.0796 0716        MBAMProtector - ok
14:56:27.0906 0716        MBAMService    (43683e970f008c93c9429ef428147a54) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
14:56:28.0031 0716        MBAMService - ok
14:56:28.0109 0716        Messenger      (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
14:56:28.0296 0716        Messenger - ok
14:56:28.0343 0716        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:56:28.0562 0716        mnmdd - ok
14:56:28.0593 0716        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\System32\mnmsrvc.exe
14:56:28.0750 0716        mnmsrvc - ok
14:56:28.0781 0716        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
14:56:29.0109 0716        Modem - ok
14:56:29.0125 0716        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:56:29.0546 0716        Mouclass - ok
14:56:29.0593 0716        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:56:29.0812 0716        mouhid - ok
14:56:29.0828 0716        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:56:30.0000 0716        MountMgr - ok
14:56:30.0062 0716        MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
14:56:30.0140 0716        MozillaMaintenance - ok
14:56:30.0156 0716        mraid35x - ok
14:56:30.0187 0716        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:56:30.0375 0716        MRxDAV - ok
14:56:30.0437 0716        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:56:30.0562 0716        MRxSmb - ok
14:56:30.0609 0716        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\System32\msdtc.exe
14:56:31.0046 0716        MSDTC - ok
14:56:31.0093 0716        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:56:31.0265 0716        Msfs - ok
14:56:31.0312 0716        MSIRCOMM        (95c6432151ccff8617352f8e616a1aa4) C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
14:56:31.0484 0716        MSIRCOMM - ok
14:56:31.0500 0716        MSIServer - ok
14:56:31.0531 0716        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:56:31.0687 0716        MSKSSRV - ok
14:56:31.0718 0716        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:56:31.0890 0716        MSPCLOCK - ok
14:56:31.0953 0716        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:56:32.0125 0716        MSPQM - ok
14:56:32.0156 0716        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:56:32.0296 0716        mssmbios - ok
14:56:32.0328 0716        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
14:56:32.0437 0716        Mup - ok
14:56:32.0484 0716        MxlW2k          (a1520761f42dbb06db7929d6fa9753ea) C:\WINDOWS\system32\drivers\MxlW2k.sys
14:56:32.0515 0716        MxlW2k ( UnsignedFile.Multi.Generic ) - warning
14:56:32.0515 0716        MxlW2k - detected UnsignedFile.Multi.Generic (1)
14:56:32.0562 0716        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
14:56:32.0765 0716        napagent - ok
14:56:32.0812 0716        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:56:33.0046 0716        NDIS - ok
14:56:33.0093 0716        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:56:33.0171 0716        NdisTapi - ok
14:56:33.0218 0716        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:56:33.0406 0716        Ndisuio - ok
14:56:33.0453 0716        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:56:33.0625 0716        NdisWan - ok
14:56:33.0750 0716        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:56:33.0921 0716        NDProxy - ok
14:56:33.0968 0716        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:56:34.0125 0716        NetBIOS - ok
14:56:34.0203 0716        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:56:34.0375 0716        NetBT - ok
14:56:34.0421 0716        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
14:56:34.0578 0716        NetDDE - ok
14:56:34.0593 0716        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
14:56:34.0718 0716        NetDDEdsdm - ok
14:56:34.0750 0716        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
14:56:34.0906 0716        Netlogon - ok
14:56:34.0968 0716        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
14:56:35.0156 0716        Netman - ok
14:56:35.0250 0716        NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:56:35.0328 0716        NetTcpPortSharing - ok
14:56:35.0375 0716        Nla            (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
14:56:35.0421 0716        Nla - ok
14:56:35.0484 0716        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:56:35.0640 0716        Npfs - ok
14:56:35.0671 0716        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:56:35.0906 0716        Ntfs - ok
14:56:35.0921 0716        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
14:56:36.0062 0716        NtLmSsp - ok
14:56:36.0109 0716        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
14:56:36.0328 0716        NtmsSvc - ok
14:56:36.0375 0716        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:56:36.0562 0716        Null - ok
14:56:36.0718 0716        nv              (cd2acd06129c4107df4483b298a05290) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:56:37.0281 0716        nv - ok
14:56:37.0390 0716        nvata          (c03e15101f6d9e82cd9b0e7d715f5de3) C:\WINDOWS\system32\DRIVERS\nvata.sys
14:56:37.0437 0716        nvata - ok
14:56:37.0484 0716        NVENETFD        (b9333604527e02cd2223f200c0bae7e0) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
14:56:37.0578 0716        NVENETFD - ok
14:56:37.0609 0716        nvnetbus        (5e9e55f7ee644c7c5fd78a206fbe37ab) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
14:56:37.0703 0716        nvnetbus - ok
14:56:37.0750 0716        NVSvc          (4a6124c70c9e46565d31ff799750dc64) C:\WINDOWS\System32\nvsvc32.exe
14:56:37.0828 0716        NVSvc - ok
14:56:37.0859 0716        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:56:38.0062 0716        NwlnkFlt - ok
14:56:38.0078 0716        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:56:38.0296 0716        NwlnkFwd - ok
14:56:38.0328 0716        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
14:56:38.0500 0716        Parport - ok
14:56:38.0515 0716        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:56:38.0687 0716        PartMgr - ok
14:56:38.0718 0716        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
14:56:38.0906 0716        ParVdm - ok
14:56:38.0953 0716        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
14:56:39.0140 0716        PCI - ok
14:56:39.0156 0716        PCIDump - ok
14:56:39.0234 0716        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:56:39.0437 0716        PCIIde - ok
14:56:39.0468 0716        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
14:56:39.0625 0716        Pcmcia - ok
14:56:39.0640 0716        PDCOMP - ok
14:56:39.0656 0716        PDFRAME - ok
14:56:39.0671 0716        PDRELI - ok
14:56:39.0687 0716        PDRFRAME - ok
14:56:39.0703 0716        perc2 - ok
14:56:39.0718 0716        perc2hib - ok
14:56:39.0796 0716        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
14:56:39.0812 0716        PlugPlay - ok
14:56:39.0859 0716        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
14:56:40.0000 0716        PolicyAgent - ok
14:56:40.0031 0716        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:56:40.0187 0716        PptpMiniport - ok
14:56:40.0218 0716        Processor      (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
14:56:40.0390 0716        Processor - ok
14:56:40.0406 0716        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:56:40.0546 0716        ProtectedStorage - ok
14:56:40.0562 0716        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:56:40.0734 0716        PSched - ok
14:56:40.0765 0716        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:56:40.0968 0716        Ptilink - ok
14:56:40.0984 0716        ql1080 - ok
14:56:41.0000 0716        Ql10wnt - ok
14:56:41.0015 0716        ql12160 - ok
14:56:41.0046 0716        ql1240 - ok
14:56:41.0062 0716        ql1280 - ok
14:56:41.0078 0716        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:56:41.0437 0716        RasAcd - ok
14:56:41.0500 0716        RasAuto        (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
14:56:41.0671 0716        RasAuto - ok
14:56:41.0703 0716        Rasirda        (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
14:56:41.0812 0716        Rasirda - ok
14:56:41.0828 0716        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:56:42.0015 0716        Rasl2tp - ok
14:56:42.0062 0716        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
14:56:42.0421 0716        RasMan - ok
14:56:42.0484 0716        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:56:42.0671 0716        RasPppoe - ok
14:56:42.0703 0716        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:56:42.0906 0716        Raspti - ok
14:56:42.0937 0716        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:56:43.0125 0716        Rdbss - ok
14:56:43.0156 0716        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:56:43.0531 0716        RDPCDD - ok
14:56:43.0593 0716        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:56:43.0750 0716        rdpdr - ok
14:56:43.0812 0716        RDPWD          (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
14:56:43.0890 0716        RDPWD - ok
14:56:43.0937 0716        RDSessMgr      (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
14:56:44.0140 0716        RDSessMgr - ok
14:56:44.0171 0716        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:56:44.0328 0716        redbook - ok
14:56:44.0359 0716        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
14:56:44.0515 0716        RemoteAccess - ok
14:56:44.0562 0716        RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
14:56:44.0734 0716        RemoteRegistry - ok
14:56:44.0750 0716        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\System32\locator.exe
14:56:44.0937 0716        RpcLocator - ok
14:56:44.0984 0716        RpcSs          (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
14:56:45.0078 0716        RpcSs - ok
14:56:45.0109 0716        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\System32\rsvp.exe
14:56:45.0328 0716        RSVP - ok
14:56:45.0343 0716        SamSs          (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:56:45.0468 0716        SamSs - ok
14:56:45.0484 0716        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
14:56:45.0656 0716        SCardSvr - ok
14:56:45.0687 0716        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
14:56:45.0859 0716        Schedule - ok
14:56:45.0968 0716        SearchAnonymizer (f4bd8926afb3b2067f2bd210032ec3be) C:\Dokumente und Einstellungen\Andreas\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe
14:56:46.0046 0716        SearchAnonymizer ( UnsignedFile.Multi.Generic ) - warning
14:56:46.0046 0716        SearchAnonymizer - detected UnsignedFile.Multi.Generic (1)
14:56:46.0093 0716        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:56:46.0265 0716        Secdrv - ok
14:56:46.0328 0716        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
14:56:46.0484 0716        seclogon - ok
14:56:46.0531 0716        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
14:56:46.0703 0716        SENS - ok
14:56:46.0750 0716        serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
14:56:46.0906 0716        serenum - ok
14:56:46.0937 0716        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
14:56:47.0281 0716        Serial - ok
14:56:47.0359 0716        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:56:47.0515 0716        Sfloppy - ok
14:56:47.0562 0716        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
14:56:47.0750 0716        SharedAccess - ok
14:56:47.0843 0716        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:56:47.0906 0716        ShellHWDetection - ok
14:56:47.0937 0716        Simbad - ok
14:56:48.0000 0716        Sparrow - ok
14:56:48.0125 0716        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:56:48.0281 0716        splitter - ok
14:56:48.0328 0716        Spooler        (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
14:56:48.0390 0716        Spooler - ok
14:56:48.0421 0716        sptd - ok
14:56:48.0468 0716        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
14:56:48.0671 0716        sr - ok
14:56:48.0781 0716        srservice      (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\System32\srsvc.dll
14:56:49.0015 0716        srservice - ok
14:56:49.0218 0716        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:56:49.0468 0716        Srv - ok
14:56:49.0578 0716        SSDPSRV        (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
14:56:49.0828 0716        SSDPSRV - ok
14:56:49.0890 0716        SSHDRV61        (90dcc161d96689e770519c76accea8b1) C:\WINDOWS\System32\drivers\SSHDRV61.sys
14:56:49.0953 0716        SSHDRV61 ( UnsignedFile.Multi.Generic ) - warning
14:56:49.0953 0716        SSHDRV61 - detected UnsignedFile.Multi.Generic (1)
14:56:50.0031 0716        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
14:56:50.0078 0716        ssmdrv - ok
14:56:50.0093 0716        StarOpen - ok
14:56:50.0171 0716        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
14:56:50.0375 0716        stisvc - ok
14:56:50.0421 0716        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:56:50.0593 0716        swenum - ok
14:56:50.0640 0716        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:56:50.0796 0716        swmidi - ok
14:56:50.0890 0716        SwPrv - ok
14:56:50.0921 0716        symc810 - ok
14:56:50.0937 0716        symc8xx - ok
14:56:50.0968 0716        sym_hi - ok
14:56:50.0984 0716        sym_u3 - ok
14:56:51.0015 0716        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:56:51.0312 0716        sysaudio - ok
14:56:51.0375 0716        SysmonLog      (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
14:56:51.0640 0716        SysmonLog - ok
14:56:51.0703 0716        TapiSrv        (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
14:56:51.0968 0716        TapiSrv - ok
14:56:52.0015 0716        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:56:52.0250 0716        Tcpip - ok
14:56:52.0265 0716        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:56:52.0500 0716        TDPIPE - ok
14:56:52.0562 0716        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:56:52.0859 0716        TDTCP - ok
14:56:52.0953 0716        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:56:53.0609 0716        TermDD - ok
14:56:53.0687 0716        TermService    (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
14:56:54.0203 0716        TermService - ok
14:56:54.0281 0716        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:56:54.0343 0716        Themes - ok
14:56:54.0437 0716        TlntSvr        (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\System32\tlntsvr.exe
14:56:54.0734 0716        TlntSvr - ok
14:56:54.0781 0716        TosIde - ok
14:56:54.0828 0716        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
14:56:55.0078 0716        TrkWks - ok
14:56:55.0140 0716        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:56:55.0359 0716        Udfs - ok
14:56:55.0406 0716        ultra - ok
14:56:55.0468 0716        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:56:55.0750 0716        Update - ok
14:56:55.0843 0716        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
14:56:56.0109 0716        upnphost - ok
14:56:56.0109 0716        UPS            (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
14:56:56.0359 0716        UPS - ok
14:56:56.0421 0716        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:56:56.0656 0716        usbccgp - ok
14:56:56.0703 0716        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:56:56.0937 0716        usbhub - ok
14:56:57.0062 0716        usbohci        (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
14:56:57.0328 0716        usbohci - ok
14:56:57.0375 0716        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:56:57.0609 0716        usbprint - ok
14:56:57.0640 0716        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:56:57.0859 0716        usbscan - ok
14:56:57.0921 0716        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:56:58.0171 0716        USBSTOR - ok
14:56:58.0234 0716        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:56:58.0453 0716        VgaSave - ok
14:56:58.0468 0716        ViaIde - ok
14:56:58.0562 0716        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
14:56:58.0796 0716        VolSnap - ok
14:56:58.0859 0716        VSS            (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
14:56:59.0187 0716        VSS - ok
14:56:59.0218 0716        W32Time        (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\System32\w32time.dll
14:56:59.0468 0716        W32Time - ok
14:56:59.0531 0716        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:56:59.0781 0716        Wanarp - ok
14:56:59.0796 0716        WDICA - ok
14:56:59.0875 0716        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:57:00.0140 0716        wdmaud - ok
14:57:00.0187 0716        WebClient      (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
14:57:00.0421 0716        WebClient - ok
14:57:00.0578 0716        winmgmt        (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
14:57:00.0843 0716        winmgmt - ok
14:57:01.0593 0716        WmdmPmSN        (6e18978b749f0696a774de3f2cb142dd) C:\WINDOWS\system32\MsPMSNSv.dll
14:57:01.0734 0716        WmdmPmSN - ok
14:57:02.0015 0716        Wmi            (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
14:57:02.0265 0716        Wmi - ok
14:57:02.0375 0716        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\System32\wbem\wmiapsrv.exe
14:57:02.0500 0716        WmiApSrv - ok
14:57:02.0703 0716        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
14:57:02.0890 0716        wscsvc - ok
14:57:03.0312 0716        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
14:57:03.0656 0716        wuauserv - ok
14:57:03.0750 0716        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:57:04.0000 0716        WudfPf - ok
14:57:04.0078 0716        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:57:04.0921 0716        WudfRd - ok
14:57:04.0968 0716        WudfSvc        (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
14:57:05.0078 0716        WudfSvc - ok
14:57:05.0140 0716        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
14:57:05.0375 0716        WZCSVC - ok
14:57:05.0421 0716        xmlprov        (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
14:57:05.0625 0716        xmlprov - ok
14:57:05.0656 0716        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
14:57:06.0171 0716        \Device\Harddisk0\DR0 - ok
14:57:06.0296 0716        MBR (0x1B8)    (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR2
14:57:07.0156 0716        \Device\Harddisk1\DR2 - ok
14:57:07.0171 0716        Boot (0x1200)  (3c104e373481fcbd06de79f1d8059706) \Device\Harddisk0\DR0\Partition0
14:57:07.0171 0716        \Device\Harddisk0\DR0\Partition0 - ok
14:57:07.0218 0716        Boot (0x1200)  (b8edbc127af70cf160cb0b62c107b092) \Device\Harddisk1\DR2\Partition0
14:57:07.0250 0716        \Device\Harddisk1\DR2\Partition0 - ok
14:57:07.0250 0716        ============================================================
14:57:07.0250 0716        Scan finished
14:57:07.0250 0716        ============================================================
14:57:07.0500 3748        Detected object count: 6
14:57:07.0500 3748        Actual detected object count: 6
14:57:22.0750 3748        ASPI ( UnsignedFile.Multi.Generic ) - skipped by user
14:57:22.0750 3748        ASPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:57:22.0750 3748        BIOS ( UnsignedFile.Multi.Generic ) - skipped by user
14:57:22.0750 3748        BIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:57:22.0750 3748        IrUSB ( UnsignedFile.Multi.Generic ) - skipped by user
14:57:22.0750 3748        IrUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:57:22.0750 3748        MxlW2k ( UnsignedFile.Multi.Generic ) - skipped by user
14:57:22.0750 3748        MxlW2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:57:22.0765 3748        SearchAnonymizer ( UnsignedFile.Multi.Generic ) - skipped by user
14:57:22.0765 3748        SearchAnonymizer ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:57:22.0765 3748        SSHDRV61 ( UnsignedFile.Multi.Generic ) - skipped by user
14:57:22.0765 3748        SSHDRV61 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:57:28.0953 3484        Deinitialize success

cosinus 06.08.2012 20:04
Ok, gut :daumenhoc

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

v2k 07.08.2012 09:20
:)

Es ging soweit ohne Fehlermeldungen vonstatten.

Code:
ComboFix 12-08-05.02 - Andreas 07.08.2012  9:47.1.1 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.446.202 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Andreas\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\Andreas\WINDOWS
c:\programme\driver
C:\Thumbs.db
C:\Washer2.rar
c:\windows\_iserr31.ini
c:\windows\IsUn0407.exe
c:\windows\system32\dllcache\dlimport.exe
c:\windows\system32\drivers\etc\hosts.txt
c:\windows\system32\kock
c:\windows\system32\UAs
c:\windows\system32\UAs\firefox.exe_UAs001.dat
c:\windows\system32\UAs\firefox.exe_UAs002.dat
c:\windows\system32\UAs\firefox.exe_UAs003.dat
c:\windows\system32\UAs\firefox.exe_UAs004.dat
c:\windows\system32\UAs\firefox.exe_UAs005.dat
c:\windows\system32\UAs\firefox.exe_UAs006.dat
c:\windows\system32\UAs\firefox.exe_UAs007.dat
c:\windows\system32\UAs\firefox.exe_UAs008.dat
c:\windows\system32\UAs\firefox.exe_UAs009.dat
c:\windows\system32\UAs\firefox.exe_UAs010.dat
c:\windows\system32\UAs\firefox.exe_UAs011.dat
c:\windows\system32\UAs\firefox.exe_UAs012.dat
c:\windows\system32\UAs\firefox.exe_UAs013.dat
c:\windows\system32\UAs\firefox.exe_UAs014.dat
c:\windows\system32\UAs\firefox.exe_UAs015.dat
c:\windows\system32\UAs\firefox.exe_UAs016.dat
c:\windows\system32\UAs\firefox.exe_UAs017.dat
c:\windows\system32\UAs\IEXPLORE.EXE_UAs001.dat
c:\windows\system32\UAs\IEXPLORE.EXE_UAs002.dat
c:\windows\system32\UAs\IEXPLORE.EXE_UAs003.dat
c:\windows\system32\UAs\iexplore.exe_UAs004.dat
c:\windows\system32\UAs\iexplore.exe_UAs005.dat
c:\windows\system32\UAs\iexplore.exe_UAs006.dat
c:\windows\system32\UAs\iexplore.exe_UAs007.dat
E:\autorun.inf
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SSHNAS
-------\Legacy_SVCHOST
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-07-07 bis 2012-08-07  ))))))))))))))))))))))))))))))
.
.
2012-08-06 11:35 . 2012-08-06 11:35        --------        d-----w-        C:\TDSSKiller_Quarantine
2012-07-29 08:29 . 2012-07-29 08:30        2136664        ----a-w-        C:\tdsskiller.exe
2012-07-27 21:39 . 2012-07-27 21:39        --------        d-----w-        C:\_OTL
2012-07-27 15:51 . 2012-07-27 15:51        632049        ----a-w-        C:\adwcleaner(1).exe
2012-07-27 12:32 . 2012-07-27 12:32        597504        ----a-w-        C:\OTL.exe
2012-07-24 15:47 . 2012-07-24 15:47        399264        ----a-w-        C:\unhide.exe
2012-07-23 18:06 . 2012-07-23 18:06        632049        ----a-w-        C:\adwcleaner.exe
2012-07-22 09:45 . 2012-07-22 09:45        --------        d-----w-        c:\programme\ESET
2012-07-22 09:44 . 2012-07-22 09:45        2322184        ----a-w-        C:\esetsmartinstaller_enu.exe
2012-07-15 17:39 . 2012-07-15 17:39        --------        d-----w-        C:\Musik
2012-07-14 18:07 . 2012-07-14 18:07        --------        d-----w-        c:\dokumente und einstellungen\Andreas\Anwendungsdaten\Malwarebytes
2012-07-14 18:06 . 2012-07-14 18:06        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-07-14 18:06 . 2012-07-14 18:06        --------        d-----w-        c:\programme\Malwarebytes' Anti-Malware
2012-07-14 18:01 . 2012-07-14 18:05        10652120        ----a-w-        C:\mbam-setup-1.62.0.1300.exe
2012-07-12 16:42 . 2012-07-12 16:42        --------        d-----w-        c:\dokumente und einstellungen\Andreas\Lokale Einstellungen\Anwendungsdaten\Temp
2012-07-12 08:59 . 2012-07-12 08:59        --------        d-----w-        c:\programme\Gemeinsame Dateien\Adobe
2012-07-12 08:36 . 2012-07-12 08:56        55402392        ----a-w-        C:\AdbeRdr1013_de_DE.exe
2012-07-10 19:46 . 2012-07-10 19:46        50477        ----a-w-        C:\Defogger.exe
2012-07-10 11:31 . 2012-07-10 11:31        --------        d-----w-        c:\dokumente und einstellungen\Andreas\Anwendungsdaten\Avira
2012-07-10 11:19 . 2012-04-27 08:20        137928        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2012-07-10 11:19 . 2012-04-24 22:32        83392        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2012-07-10 11:19 . 2012-04-16 19:17        36000        ----a-w-        c:\windows\system32\drivers\avkmgr.sys
2012-07-10 11:19 . 2012-07-10 11:19        --------        d-----w-        c:\programme\Avira
2012-07-10 11:19 . 2012-07-10 11:19        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Avira
2012-07-10 10:00 . 2012-07-10 10:38        99308192        ----a-w-        C:\avira_free_antivirus_de.exe
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-06 11:37 . 2001-08-18 10:00        53760        ----a-w-        c:\windows\system32\drivers\volsnap.sys
2012-08-05 07:50 . 2012-04-01 09:24        426184        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2012-08-05 07:50 . 2011-06-06 15:26        70344        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-20 08:17 . 2003-03-18 20:14        499712        ----a-w-        c:\windows\system32\msvcp71.dll
2012-06-20 08:17 . 2003-02-21 02:42        348160        ----a-w-        c:\windows\system32\msvcr71.dll
2012-06-09 08:57 . 2012-06-09 08:54        1110476        ----a-w-        C:\7z920.exe
2012-06-09 08:25 . 2012-06-09 08:17        17143440        ----a-w-        C:\install_icq7.exe
2012-06-02 13:19 . 2010-01-12 11:51        329240        ----a-w-        c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2010-01-12 11:51        219160        ----a-w-        c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2010-01-12 11:51        210968        ----a-w-        c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2009-08-06 18:24        18456        ----a-w-        c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2009-08-06 18:24        15896        ----a-w-        c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2010-01-12 11:51        35864        ----a-w-        c:\windows\system32\wups.dll
2012-06-02 13:19 . 2010-01-12 11:28        53784        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2010-01-12 11:16        97304        ----a-w-        c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2009-08-06 18:24        45080        ----a-w-        c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2009-08-06 18:24        15896        ----a-w-        c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2009-08-06 18:24        23576        ----a-w-        c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2010-01-12 11:51        577048        ----a-w-        c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2010-01-12 11:28        1933848        ----a-w-        c:\windows\system32\wuaueng.dll
2012-05-31 13:22 . 2010-01-12 11:16        604160        ----a-w-        c:\windows\system32\crypt32.dll
2012-05-26 15:11 . 2012-05-26 14:50        50994602        ----a-w-        C:\SUPERsetup201251.exe
2012-05-16 15:07 . 2010-01-12 11:28        916992        ----a-w-        c:\windows\system32\wininet.dll
2012-05-15 13:56 . 2001-08-18 10:00        1863296        ----a-w-        c:\windows\system32\win32k.sys
2012-05-11 14:40 . 2010-01-12 11:22        43520        ----a-w-        c:\windows\system32\licmgr10.dll
2012-05-11 14:40 . 2010-01-12 11:18        1469440        ----a-w-        c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2010-01-26 14:00        385024        ----a-w-        c:\windows\system32\html.iec
2012-07-18 08:10 . 2012-01-07 00:00        136672        ----a-w-        c:\programme\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\programme\ICQ7M\ICQ.exe" [2012-06-09 127040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2006-03-31 7561216]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2006-03-31 86016]
"SoundMan"="SOUNDMAN.EXE" [2006-08-03 577536]
"Anti-Blaxx Manager"="c:\programme\Anti-Blaxx\Anti-Blaxx.exe" [2005-05-18 208896]
"PinnacleDriverCheck"="c:\windows\System32\PSDrvCheck.exe" [2003-09-19 406016]
"TkBellExe"="c:\programme\real\realplayer\update\realsched.exe" [2012-06-20 296056]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2012-05-01 348624]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
"Malwarebytes' Anti-Malware"="c:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\Gast\Startmenü\Programme\Autostart\
OpenOffice.org 3.1.lnk - c:\programme\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WinZip Quick Pick.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^andiII^Startmenü^Programme^Autostart^OpenOffice.org 3.1.lnk]
path=c:\dokumente und einstellungen\andiII\Startmenü\Programme\Autostart\OpenOffice.org 3.1.lnk
backup=c:\windows\pss\OpenOffice.org 3.1.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
2004-08-29 11:52        53248        ----a-w-        c:\programme\Musicmatch\Musicmatch Jukebox\mmtask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-03-31 18:54        1519616        ----a-w-        c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44        248552        ----a-w-        c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\EA SPORTS\\FIFA 06\\fifa06.exe"=
"c:\\Programme\\ICQ7M\\ICQ.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5253:TCP"= 5253:TCP:Google Update
"23448:TCP"= 23448:TCP:Google Update
"26920:TCP"= 26920:TCP:Google Update
"5421:TCP"= 5421:TCP:Google Update
"3444:TCP"= 3444:TCP:Google Update
"28479:TCP"= 28479:TCP:Google Update
"26240:TCP"= 26240:TCP:Google Update
"7565:TCP"= 7565:TCP:Google Update
"1566:TCP"= 1566:TCP:Google Update
"19285:TCP"= 19285:TCP:Google Update
"27925:TCP"= 27925:TCP:Google Update
"22981:TCP"= 22981:TCP:Google Update
"20043:TCP"= 20043:TCP:Google Update
"2028:TCP"= 2028:TCP:Google Update
"15821:TCP"= 15821:TCP:Google Update
"13774:TCP"= 13774:TCP:Google Update
"24731:TCP"= 24731:TCP:Google Update
"25684:TCP"= 25684:TCP:Google Update
"14466:TCP"= 14466:TCP:Google Update
"4571:TCP"= 4571:TCP:Google Update
"8937:TCP"= 8937:TCP:Google Update
"19099:TCP"= 19099:TCP:Google Update
"7018:TCP"= 7018:TCP:Google Update
"21573:TCP"= 21573:TCP:Google Update
"19548:TCP"= 19548:TCP:Google Update
"12314:TCP"= 12314:TCP:Google Update
"3745:TCP"= 3745:TCP:Google Update
"14843:TCP"= 14843:TCP:Google Update
"636:TCP"= 636:TCP:Google Update
"30428:TCP"= 30428:TCP:Google Update
"26568:TCP"= 26568:TCP:Google Update
"9455:TCP"= 9455:TCP:Google Update
"20382:TCP"= 20382:TCP:Google Update
"4640:TCP"= 4640:TCP:Google Update
"21118:TCP"= 21118:TCP:Google Update
"28166:TCP"= 28166:TCP:Google Update
"3679:TCP"= 3679:TCP:Google Update
"4731:TCP"= 4731:TCP:Google Update
"3932:TCP"= 3932:TCP:Google Update
"16598:TCP"= 16598:TCP:Google Update
"23821:TCP"= 23821:TCP:Google Update
"28301:TCP"= 28301:TCP:Google Update
"11717:TCP"= 11717:TCP:Google Update
"19095:TCP"= 19095:TCP:Google Update
"31821:TCP"= 31821:TCP:Google Update
"9399:TCP"= 9399:TCP:Google Update
"26031:TCP"= 26031:TCP:Google Update
"21174:TCP"= 21174:TCP:Google Update
"14197:TCP"= 14197:TCP:Google Update
"91:TCP"= 91:TCP:Google Update
"6315:TCP"= 6315:TCP:Google Update
"11905:TCP"= 11905:TCP:Google Update
"23067:TCP"= 23067:TCP:Google Update
"23668:TCP"= 23668:TCP:Google Update
"11233:TCP"= 11233:TCP:Google Update
"2584:TCP"= 2584:TCP:Google Update
"24325:TCP"= 24325:TCP:Google Update
"14415:TCP"= 14415:TCP:Google Update
"26576:TCP"= 26576:TCP:Google Update
"21366:TCP"= 21366:TCP:Google Update
"20756:TCP"= 20756:TCP:Google Update
"26324:TCP"= 26324:TCP:Google Update
"32535:TCP"= 32535:TCP:Google Update
"32327:TCP"= 32327:TCP:Google Update
"11526:TCP"= 11526:TCP:Google Update
"16834:TCP"= 16834:TCP:Google Update
"23279:TCP"= 23279:TCP:Google Update
"28150:TCP"= 28150:TCP:Google Update
"9672:TCP"= 9672:TCP:Google Update
"11048:TCP"= 11048:TCP:Google Update
"354:TCP"= 354:TCP:Google Update
"26489:TCP"= 26489:TCP:Google Update
"21948:TCP"= 21948:TCP:Google Update
"18211:TCP"= 18211:TCP:Google Update
"6938:TCP"= 6938:TCP:Google Update
"27928:TCP"= 27928:TCP:Google Update
"899:TCP"= 899:TCP:Google Update
"10344:TCP"= 10344:TCP:Google Update
"12691:TCP"= 12691:TCP:Google Update
"14779:TCP"= 14779:TCP:Google Update
"24479:TCP"= 24479:TCP:Google Update
"23396:TCP"= 23396:TCP:Google Update
"3422:TCP"= 3422:TCP:Google Update
"28354:TCP"= 28354:TCP:Google Update
"15201:TCP"= 15201:TCP:Google Update
"24655:TCP"= 24655:TCP:Google Update
"26937:TCP"= 26937:TCP:Google Update
"9161:TCP"= 9161:TCP:Google Update
"5922:TCP"= 5922:TCP:Google Update
"32636:TCP"= 32636:TCP:Google Update
"12026:TCP"= 12026:TCP:Google Update
"21618:TCP"= 21618:TCP:Google Update
"23900:TCP"= 23900:TCP:Google Update
"17918:TCP"= 17918:TCP:Google Update
"2868:TCP"= 2868:TCP:Google Update
"16310:TCP"= 16310:TCP:Google Update
"14565:TCP"= 14565:TCP:Google Update
"22836:TCP"= 22836:TCP:Google Update
"26315:TCP"= 26315:TCP:Google Update
"652:TCP"= 652:TCP:Google Update
"14636:TCP"= 14636:TCP:Google Update
"15836:TCP"= 15836:TCP:Google Update
"26428:TCP"= 26428:TCP:Google Update
"31542:TCP"= 31542:TCP:Google Update
"5442:TCP"= 5442:TCP:Google Update
"28888:TCP"= 28888:TCP:Google Update
"17159:TCP"= 17159:TCP:Google Update
"32240:TCP"= 32240:TCP:Google Update
"23351:TCP"= 23351:TCP:Google Update
"25404:TCP"= 25404:TCP:Google Update
"2379:TCP"= 2379:TCP:Google Update
"6774:TCP"= 6774:TCP:Google Update
"14190:TCP"= 14190:TCP:Google Update
"21434:TCP"= 21434:TCP:Google Update
"25992:TCP"= 25992:TCP:Google Update
"31097:TCP"= 31097:TCP:Google Update
"4915:TCP"= 4915:TCP:Google Update
"5581:TCP"= 5581:TCP:Google Update
"12214:TCP"= 12214:TCP:Google Update
"18673:TCP"= 18673:TCP:Google Update
"24045:TCP"= 24045:TCP:Google Update
"3702:TCP"= 3702:TCP:Google Update
"3020:TCP"= 3020:TCP:Google Update
"3392:TCP"= 3392:TCP:Google Update
"26565:TCP"= 26565:TCP:Google Update
"22567:TCP"= 22567:TCP:Google Update
"22232:TCP"= 22232:TCP:Google Update
"27524:TCP"= 27524:TCP:Google Update
"1243:TCP"= 1243:TCP:Google Update
"18074:TCP"= 18074:TCP:Google Update
"13087:TCP"= 13087:TCP:Google Update
"18034:TCP"= 18034:TCP:Google Update
"24755:TCP"= 24755:TCP:Google Update
"9107:TCP"= 9107:TCP:Google Update
"3822:TCP"= 3822:TCP:Google Update
"8544:TCP"= 8544:TCP:Google Update
"15500:TCP"= 15500:TCP:Google Update
"25783:TCP"= 25783:TCP:Google Update
"31871:TCP"= 31871:TCP:Google Update
"8721:TCP"= 8721:TCP:Google Update
"10885:TCP"= 10885:TCP:Google Update
"5131:TCP"= 5131:TCP:Google Update
"19531:TCP"= 19531:TCP:Google Update
"27403:TCP"= 27403:TCP:Google Update
"31395:TCP"= 31395:TCP:Google Update
"23181:TCP"= 23181:TCP:Google Update
"10373:TCP"= 10373:TCP:Google Update
"18436:TCP"= 18436:TCP:Google Update
"22129:TCP"= 22129:TCP:Google Update
"14789:TCP"= 14789:TCP:Google Update
"784:TCP"= 784:TCP:Google Update
"23035:TCP"= 23035:TCP:Google Update
"13097:TCP"= 13097:TCP:Google Update
"1450:TCP"= 1450:TCP:Google Update
"13622:TCP"= 13622:TCP:Google Update
"31048:TCP"= 31048:TCP:Google Update
"750:TCP"= 750:TCP:Google Update
"19214:TCP"= 19214:TCP:Google Update
"12434:TCP"= 12434:TCP:Google Update
"31418:TCP"= 31418:TCP:Google Update
"28062:TCP"= 28062:TCP:Google Update
"20594:TCP"= 20594:TCP:Google Update
"11445:TCP"= 11445:TCP:Google Update
"27896:TCP"= 27896:TCP:Google Update
"2284:TCP"= 2284:TCP:Google Update
"13666:TCP"= 13666:TCP:Google Update
"7968:TCP"= 7968:TCP:Google Update
"30028:TCP"= 30028:TCP:Google Update
"1076:TCP"= 1076:TCP:Google Update
"30741:TCP"= 30741:TCP:Google Update
"17907:TCP"= 17907:TCP:Google Update
"15755:TCP"= 15755:TCP:Google Update
"3607:TCP"= 3607:TCP:Google Update
"30235:TCP"= 30235:TCP:Google Update
"12041:TCP"= 12041:TCP:Google Update
"7891:TCP"= 7891:TCP:Google Update
"9148:TCP"= 9148:TCP:Google Update
"28657:TCP"= 28657:TCP:Google Update
"21714:TCP"= 21714:TCP:Google Update
"22597:TCP"= 22597:TCP:Google Update
"12599:TCP"= 12599:TCP:Google Update
"30106:TCP"= 30106:TCP:Google Update
"29170:TCP"= 29170:TCP:Google Update
"23958:TCP"= 23958:TCP:Google Update
"30104:TCP"= 30104:TCP:Google Update
"21230:TCP"= 21230:TCP:Google Update
"2673:TCP"= 2673:TCP:Google Update
"4216:TCP"= 4216:TCP:Google Update
"21456:TCP"= 21456:TCP:Google Update
"22222:TCP"= 22222:TCP:Google Update
"15713:TCP"= 15713:TCP:Google Update
"1302:TCP"= 1302:TCP:Google Update
"14628:TCP"= 14628:TCP:Google Update
"12989:TCP"= 12989:TCP:Google Update
"431:TCP"= 431:TCP:Google Update
"26355:TCP"= 26355:TCP:Google Update
"25438:TCP"= 25438:TCP:Google Update
"8548:TCP"= 8548:TCP:Google Update
"8376:TCP"= 8376:TCP:Google Update
"20331:TCP"= 20331:TCP:Google Update
"3631:TCP"= 3631:TCP:Google Update
"32087:TCP"= 32087:TCP:Google Update
"31654:TCP"= 31654:TCP:Google Update
"11075:TCP"= 11075:TCP:Google Update
"14306:TCP"= 14306:TCP:Google Update
"30827:TCP"= 30827:TCP:Google Update
"32502:TCP"= 32502:TCP:Google Update
"19343:TCP"= 19343:TCP:Google Update
"13805:TCP"= 13805:TCP:Google Update
"5293:TCP"= 5293:TCP:Google Update
"31502:TCP"= 31502:TCP:Google Update
"10879:TCP"= 10879:TCP:Google Update
"18997:TCP"= 18997:TCP:Google Update
"14930:TCP"= 14930:TCP:Google Update
"12777:TCP"= 12777:TCP:Google Update
"19718:TCP"= 19718:TCP:Google Update
"26181:TCP"= 26181:TCP:Google Update
"18504:TCP"= 18504:TCP:Google Update
"31138:TCP"= 31138:TCP:Google Update
"30283:TCP"= 30283:TCP:Google Update
"3851:TCP"= 3851:TCP:Google Update
"9284:TCP"= 9284:TCP:Google Update
"10377:TCP"= 10377:TCP:Google Update
"21033:TCP"= 21033:TCP:Google Update
"4357:TCP"= 4357:TCP:Google Update
"250:TCP"= 250:TCP:Google Update
"12158:TCP"= 12158:TCP:Google Update
"11771:TCP"= 11771:TCP:Google Update
"7413:TCP"= 7413:TCP:Google Update
"23527:TCP"= 23527:TCP:Google Update
"20506:TCP"= 20506:TCP:Google Update
"2590:TCP"= 2590:TCP:Google Update
"4490:TCP"= 4490:TCP:Google Update
"14353:TCP"= 14353:TCP:Google Update
"28500:TCP"= 28500:TCP:Google Update
"8286:TCP"= 8286:TCP:Google Update
"11438:TCP"= 11438:TCP:Google Update
"20068:TCP"= 20068:TCP:Google Update
"27803:TCP"= 27803:TCP:Google Update
"876:TCP"= 876:TCP:Google Update
"14810:TCP"= 14810:TCP:Google Update
"23118:TCP"= 23118:TCP:Google Update
"8462:TCP"= 8462:TCP:Google Update
"11738:TCP"= 11738:TCP:Google Update
"7716:TCP"= 7716:TCP:Google Update
"25376:TCP"= 25376:TCP:Google Update
"1925:TCP"= 1925:TCP:Google Update
"4383:TCP"= 4383:TCP:Google Update
"16586:TCP"= 16586:TCP:Google Update
"16185:TCP"= 16185:TCP:Google Update
"22067:TCP"= 22067:TCP:Google Update
"27954:TCP"= 27954:TCP:Google Update
"28593:TCP"= 28593:TCP:Google Update
"6936:TCP"= 6936:TCP:Google Update
"22279:TCP"= 22279:TCP:Google Update
"18721:TCP"= 18721:TCP:Google Update
"20148:TCP"= 20148:TCP:Google Update
"6223:TCP"= 6223:TCP:Google Update
"9384:TCP"= 9384:TCP:Google Update
"1412:TCP"= 1412:TCP:Google Update
"528:TCP"= 528:TCP:Google Update
"30727:TCP"= 30727:TCP:Google Update
"21344:TCP"= 21344:TCP:Google Update
"7620:TCP"= 7620:TCP:Google Update
"23198:TCP"= 23198:TCP:Google Update
"25702:TCP"= 25702:TCP:Google Update
"17002:TCP"= 17002:TCP:Google Update
"1321:TCP"= 1321:TCP:Google Update
"28921:TCP"= 28921:TCP:Google Update
"3895:TCP"= 3895:TCP:Google Update
"7772:TCP"= 7772:TCP:Google Update
"20124:TCP"= 20124:TCP:Google Update
"19544:TCP"= 19544:TCP:Google Update
"27173:TCP"= 27173:TCP:Google Update
"31284:TCP"= 31284:TCP:Google Update
"408:TCP"= 408:TCP:Google Update
"10275:TCP"= 10275:TCP:Google Update
"17683:TCP"= 17683:TCP:Google Update
"22028:TCP"= 22028:TCP:Google Update
"5201:TCP"= 5201:TCP:Google Update
"5388:TCP"= 5388:TCP:Google Update
"3363:TCP"= 3363:TCP:Google Update
"17294:TCP"= 17294:TCP:Google Update
"4369:TCP"= 4369:TCP:Google Update
"28942:TCP"= 28942:TCP:Google Update
"21643:TCP"= 21643:TCP:Google Update
"7927:TCP"= 7927:TCP:Google Update
"6672:TCP"= 6672:TCP:Google Update
"19670:TCP"= 19670:TCP:Google Update
"23947:TCP"= 23947:TCP:Google Update
"31423:TCP"= 31423:TCP:Google Update
"29950:TCP"= 29950:TCP:Google Update
"10414:TCP"= 10414:TCP:Google Update
"25205:TCP"= 25205:TCP:Google Update
"22170:TCP"= 22170:TCP:Google Update
"9189:TCP"= 9189:TCP:Google Update
"1165:TCP"= 1165:TCP:Google Update
"4967:TCP"= 4967:TCP:Google Update
"12911:TCP"= 12911:TCP:Google Update
"4697:TCP"= 4697:TCP:Google Update
"24788:TCP"= 24788:TCP:Google Update
"28245:TCP"= 28245:TCP:Google Update
"3655:TCP"= 3655:TCP:Google Update
"23500:TCP"= 23500:TCP:Google Update
"15411:TCP"= 15411:TCP:Google Update
"23063:TCP"= 23063:TCP:Google Update
"28038:TCP"= 28038:TCP:Google Update
"15704:TCP"= 15704:TCP:Google Update
"7075:TCP"= 7075:TCP:Google Update
"8345:TCP"= 8345:TCP:Google Update
"18880:TCP"= 18880:TCP:Google Update
"3600:TCP"= 3600:TCP:Google Update
"30636:TCP"= 30636:TCP:Google Update
"2514:TCP"= 2514:TCP:Google Update
"25024:TCP"= 25024:TCP:Google Update
"1994:TCP"= 1994:TCP:Google Update
"29982:TCP"= 29982:TCP:Google Update
"13773:TCP"= 13773:TCP:Google Update
"25236:TCP"= 25236:TCP:Google Update
"25529:TCP"= 25529:TCP:Google Update
"18923:TCP"= 18923:TCP:Google Update
"4546:TCP"= 4546:TCP:Google Update
"15084:TCP"= 15084:TCP:Google Update
"27044:TCP"= 27044:TCP:Google Update
"19595:TCP"= 19595:TCP:Google Update
"22811:TCP"= 22811:TCP:Google Update
"26354:TCP"= 26354:TCP:Google Update
"22185:TCP"= 22185:TCP:Google Update
"23277:TCP"= 23277:TCP:Google Update
"2316:TCP"= 2316:TCP:Google Update
"28736:TCP"= 28736:TCP:Google Update
"12375:TCP"= 12375:TCP:Google Update
"29720:TCP"= 29720:TCP:Google Update
"22314:TCP"= 22314:TCP:Google Update
"17805:TCP"= 17805:TCP:Google Update
"19582:TCP"= 19582:TCP:Google Update
"31977:TCP"= 31977:TCP:Google Update
"11689:TCP"= 11689:TCP:Google Update
"32189:TCP"= 32189:TCP:Google Update
"2456:TCP"= 2456:TCP:Google Update
"22699:TCP"= 22699:TCP:Google Update
"25968:TCP"= 25968:TCP:Google Update
"28218:TCP"= 28218:TCP:Google Update
"15967:TCP"= 15967:TCP:Google Update
"22345:TCP"= 22345:TCP:Google Update
"2959:TCP"= 2959:TCP:Google Update
"1127:TCP"= 1127:TCP:Google Update
"9479:TCP"= 9479:TCP:Google Update
"7582:TCP"= 7582:TCP:Google Update
"2549:TCP"= 2549:TCP:Google Update
"7604:TCP"= 7604:TCP:Google Update
"14626:TCP"= 14626:TCP:Google Update
"20181:TCP"= 20181:TCP:Google Update
"7117:TCP"= 7117:TCP:Google Update
"16043:TCP"= 16043:TCP:Google Update
"21379:TCP"= 21379:TCP:Google Update
"18686:TCP"= 18686:TCP:Google Update
"8807:TCP"= 8807:TCP:Google Update
"25212:TCP"= 25212:TCP:Google Update
"20557:TCP"= 20557:TCP:Google Update
"31215:TCP"= 31215:TCP:Google Update
"32316:TCP"= 32316:TCP:Google Update
"14785:TCP"= 14785:TCP:Google Update
"3245:TCP"= 3245:TCP:Google Update
"5507:TCP"= 5507:TCP:Google Update
"17524:TCP"= 17524:TCP:Google Update
"24040:TCP"= 24040:TCP:Google Update
"20025:TCP"= 20025:TCP:Google Update
"7889:TCP"= 7889:TCP:Google Update
"2598:TCP"= 2598:TCP:Google Update
"7016:TCP"= 7016:TCP:Google Update
"5052:TCP"= 5052:TCP:Google Update
"3529:TCP"= 3529:TCP:Google Update
"7556:TCP"= 7556:TCP:Google Update
"2134:TCP"= 2134:TCP:Google Update
"10020:TCP"= 10020:TCP:Google Update
"12572:TCP"= 12572:TCP:Google Update
"800:TCP"= 800:TCP:Google Update
"19225:TCP"= 19225:TCP:Google Update
"18616:TCP"= 18616:TCP:Google Update
"12261:TCP"= 12261:TCP:Google Update
"19360:TCP"= 19360:TCP:Google Update
"1534:TCP"= 1534:TCP:Google Update
"21464:TCP"= 21464:TCP:Google Update
"12495:TCP"= 12495:TCP:Google Update
"12234:TCP"= 12234:TCP:Google Update
"7750:TCP"= 7750:TCP:Google Update
"23990:TCP"= 23990:TCP:Google Update
"31591:TCP"= 31591:TCP:Google Update
"3057:TCP"= 3057:TCP:Google Update
"20280:TCP"= 20280:TCP:Google Update
"14731:TCP"= 14731:TCP:Google Update
"8698:TCP"= 8698:TCP:Google Update
"5514:TCP"= 5514:TCP:Google Update
"28064:TCP"= 28064:TCP:Google Update
"17228:TCP"= 17228:TCP:Google Update
"18614:TCP"= 18614:TCP:Google Update
"29072:TCP"= 29072:TCP:Google Update
"17529:TCP"= 17529:TCP:Google Update
"7992:TCP"= 7992:TCP:Google Update
"24578:TCP"= 24578:TCP:Google Update
"19732:TCP"= 19732:TCP:Google Update
"6993:TCP"= 6993:TCP:Google Update
"31524:TCP"= 31524:TCP:Google Update
"10383:TCP"= 10383:TCP:Google Update
"10564:TCP"= 10564:TCP:Google Update
"16909:TCP"= 16909:TCP:Google Update
"7229:TCP"= 7229:TCP:Google Update
"1731:TCP"= 1731:TCP:Google Update
"31657:TCP"= 31657:TCP:Google Update
"29580:TCP"= 29580:TCP:Google Update
"25344:TCP"= 25344:TCP:Google Update
"8598:TCP"= 8598:TCP:Google Update
"31870:TCP"= 31870:TCP:Google Update
"20347:TCP"= 20347:TCP:Google Update
"15854:TCP"= 15854:TCP:Google Update
"32110:TCP"= 32110:TCP:Google Update
"21857:TCP"= 21857:TCP:Google Update
"11101:TCP"= 11101:TCP:Google Update
"3192:TCP"= 3192:TCP:Google Update
"32648:TCP"= 32648:TCP:Google Update
"26195:TCP"= 26195:TCP:Google Update
"4699:TCP"= 4699:TCP:Google Update
"15347:TCP"= 15347:TCP:Google Update
"3656:TCP"= 3656:TCP:Google Update
"7841:TCP"= 7841:TCP:Google Update
"12935:TCP"= 12935:TCP:Google Update
"370:TCP"= 370:TCP:Google Update
"12612:TCP"= 12612:TCP:Google Update
"6719:TCP"= 6719:TCP:Google Update
"21777:TCP"= 21777:TCP:Google Update
"6449:TCP"= 6449:TCP:Google Update
"33654:TCP"= 33654:TCP:Google Update
"11267:TCP"= 11267:TCP:Google Update
"23293:TCP"= 23293:TCP:Google Update
"7568:TCP"= 7568:TCP:Google Update
"2262:TCP"= 2262:TCP:Google Update
"2300:TCP"= 2300:TCP:Google Update
"14028:TCP"= 14028:TCP:Google Update
"28563:TCP"= 28563:TCP:Google Update
"4252:TCP"= 4252:TCP:Google Update
"25306:TCP"= 25306:TCP:Google Update
"6679:TCP"= 6679:TCP:Google Update
"18413:TCP"= 18413:TCP:Google Update
"21251:TCP"= 21251:TCP:Google Update
"26685:TCP"= 26685:TCP:Google Update
"33341:TCP"= 33341:TCP:Google Update
"31120:TCP"= 31120:TCP:Google Update
"12362:TCP"= 12362:TCP:Google Update
"15104:TCP"= 15104:TCP:Google Update
"24125:TCP"= 24125:TCP:Google Update
"30414:TCP"= 30414:TCP:Google Update
"14332:TCP"= 14332:TCP:Google Update
"5035:TCP"= 5035:TCP:Google Update
"22772:TCP"= 22772:TCP:Google Update
"19235:TCP"= 19235:TCP:Google Update
"2224:TCP"= 2224:TCP:Google Update
"1106:TCP"= 1106:TCP:Google Update
"7332:TCP"= 7332:TCP:Google Update
"22252:TCP"= 22252:TCP:Google Update
"9783:TCP"= 9783:TCP:Google Update
"8683:TCP"= 8683:TCP:Google Update
"22114:TCP"= 22114:TCP:Google Update
"22739:TCP"= 22739:TCP:Google Update
"9142:TCP"= 9142:TCP:Google Update
"26651:TCP"= 26651:TCP:Google Update
"20940:TCP"= 20940:TCP:Google Update
"24736:TCP"= 24736:TCP:Google Update
"16365:TCP"= 16365:TCP:Google Update
"15630:TCP"= 15630:TCP:Google Update
"22844:TCP"= 22844:TCP:Google Update
"12316:TCP"= 12316:TCP:Google Update
"22798:TCP"= 22798:TCP:Google Update
"8810:TCP"= 8810:TCP:Google Update
"6043:TCP"= 6043:TCP:Google Update
"24919:TCP"= 24919:TCP:Google Update
"14934:TCP"= 14934:TCP:Google Update
"33639:TCP"= 33639:TCP:Google Update
"20635:TCP"= 20635:TCP:Google Update
"10502:TCP"= 10502:TCP:Google Update
"29629:TCP"= 29629:TCP:Google Update
"11404:TCP"= 11404:TCP:Google Update
"9535:TCP"= 9535:TCP:Google Update
"29724:TCP"= 29724:TCP:Google Update
"21268:TCP"= 21268:TCP:Google Update
"33027:TCP"= 33027:TCP:Google Update
"5303:TCP"= 5303:TCP:Google Update
"12087:TCP"= 12087:TCP:Google Update
"22578:TCP"= 22578:TCP:Google Update
"23840:TCP"= 23840:TCP:Google Update
"30149:TCP"= 30149:TCP:Google Update
"2802:TCP"= 2802:TCP:Google Update
"16747:TCP"= 16747:TCP:Google Update
"14516:TCP"= 14516:TCP:Google Update
"29567:TCP"= 29567:TCP:Google Update
"23005:TCP"= 23005:TCP:Google Update
"20426:TCP"= 20426:TCP:Google Update
"28775:TCP"= 28775:TCP:Google Update
"22978:TCP"= 22978:TCP:Google Update
"33435:TCP"= 33435:TCP:Google Update
"32884:TCP"= 32884:TCP:Google Update
"13190:TCP"= 13190:TCP:Google Update
"27902:TCP"= 27902:TCP:Google Update
"17250:TCP"= 17250:TCP:Google Update
"21642:TCP"= 21642:TCP:Google Update
"6056:TCP"= 6056:TCP:Google Update
"32163:TCP"= 32163:TCP:Google Update
"27266:TCP"= 27266:TCP:Google Update
"12300:TCP"= 12300:TCP:Google Update
"10222:TCP"= 10222:TCP:Google Update
"4266:TCP"= 4266:TCP:Google Update
"21973:TCP"= 21973:TCP:Google Update
"17128:TCP"= 17128:TCP:Google Update
"1511:TCP"= 1511:TCP:Google Update
"11716:TCP"= 11716:TCP:Google Update
"4893:TCP"= 4893:TCP:Google Update
"5665:TCP"= 5665:TCP:Google Update
"29930:TCP"= 29930:TCP:Google Update
"25842:TCP"= 25842:TCP:Google Update
"16644:TCP"= 16644:TCP:Google Update
"2254:TCP"= 2254:TCP:Google Update
"16677:TCP"= 16677:TCP:Google Update
"25089:TCP"= 25089:TCP:Google Update
"16863:TCP"= 16863:TCP:Google Update
"24967:TCP"= 24967:TCP:Google Update
"8997:TCP"= 8997:TCP:Google Update
"33661:TCP"= 33661:TCP:Google Update
"9803:TCP"= 9803:TCP:Google Update
"27308:TCP"= 27308:TCP:Google Update
"33257:TCP"= 33257:TCP:Google Update
"16732:TCP"= 16732:TCP:Google Update
"2921:TCP"= 2921:TCP:Google Update
"33261:TCP"= 33261:TCP:Google Update
"23194:TCP"= 23194:TCP:Google Update
"30972:TCP"= 30972:TCP:Google Update
"4002:TCP"= 4002:TCP:Google Update
"16496:TCP"= 16496:TCP:Google Update
"33640:TCP"= 33640:TCP:Google Update
"8559:TCP"= 8559:TCP:Google Update
"30682:TCP"= 30682:TCP:Google Update
"24197:TCP"= 24197:TCP:Google Update
"6501:TCP"= 6501:TCP:Google Update
"24699:TCP"= 24699:TCP:Google Update
"9767:TCP"= 9767:TCP:Google Update
"27251:TCP"= 27251:TCP:Google Update
"14427:TCP"= 14427:TCP:Google Update
"22145:TCP"= 22145:TCP:Google Update
"22788:TCP"= 22788:TCP:Google Update
"31194:TCP"= 31194:TCP:Google Update
"24202:TCP"= 24202:TCP:Google Update
"21469:TCP"= 21469:TCP:Google Update
"17352:TCP"= 17352:TCP:Google Update
"1909:TCP"= 1909:TCP:Google Update
"1495:TCP"= 1495:TCP:Google Update
"28656:TCP"= 28656:TCP:Google Update
"13479:TCP"= 13479:TCP:Google Update
"25071:TCP"= 25071:TCP:Google Update
"20193:TCP"= 20193:TCP:Google Update
"2529:TCP"= 2529:TCP:Google Update
"20206:TCP"= 20206:TCP:Google Update
"13277:TCP"= 13277:TCP:Google Update
"20209:TCP"= 20209:TCP:Google Update
"32510:TCP"= 32510:TCP:Google Update
"23069:TCP"= 23069:TCP:Google Update
"33292:TCP"= 33292:TCP:Google Update
"10460:TCP"= 10460:TCP:Google Update
"2782:TCP"= 2782:TCP:Google Update
"4819:TCP"= 4819:TCP:Google Update
"12618:TCP"= 12618:TCP:Google Update
"24195:TCP"= 24195:TCP:Google Update
"29893:TCP"= 29893:TCP:Google Update
"3179:TCP"= 3179:TCP:Google Update
"3691:TCP"= 3691:TCP:Google Update
"3261:TCP"= 3261:TCP:Google Update
"5658:TCP"= 5658:TCP:Google Update
"18022:TCP"= 18022:TCP:Google Update
"26035:TCP"= 26035:TCP:Google Update
"11668:TCP"= 11668:TCP:Google Update
"16187:TCP"= 16187:TCP:Google Update
"19221:TCP"= 19221:TCP:Google Update
"8254:TCP"= 8254:TCP:Google Update
"4097:TCP"= 4097:TCP:Google Update
"27620:TCP"= 27620:TCP:Google Update
"15810:TCP"= 15810:TCP:Google Update
"18317:TCP"= 18317:TCP:Google Update
"8309:TCP"= 8309:TCP:Google Update
"24726:TCP"= 24726:TCP:Google Update
"5143:TCP"= 5143:TCP:Google Update
"6623:TCP"= 6623:TCP:Google Update
"15012:TCP"= 15012:TCP:Google Update
"20679:TCP"= 20679:TCP:Google Update
"2040:TCP"= 2040:TCP:Google Update
"13591:TCP"= 13591:TCP:Google Update
"12335:TCP"= 12335:TCP:Google Update
"30167:TCP"= 30167:TCP:Google Update
"6576:TCP"= 6576:TCP:Google Update
"10386:TCP"= 10386:TCP:Google Update
"14315:TCP"= 14315:TCP:Google Update
"20427:TCP"= 20427:TCP:Google Update
"33572:TCP"= 33572:TCP:Google Update
"9951:TCP"= 9951:TCP:Google Update
"4540:TCP"= 4540:TCP:Google Update
"23560:TCP"= 23560:TCP:Google Update
"13575:TCP"= 13575:TCP:Google Update
"9617:TCP"= 9617:TCP:Google Update
"16274:TCP"= 16274:TCP:Google Update
"16704:TCP"= 16704:TCP:Google Update
"6376:TCP"= 6376:TCP:Google Update
"33226:TCP"= 33226:TCP:Google Update
"18348:TCP"= 18348:TCP:Google Update
"6422:TCP"= 6422:TCP:Google Update
"9007:TCP"= 9007:TCP:Google Update
"1194:TCP"= 1194:TCP:Google Update
"9105:TCP"= 9105:TCP:Google Update
"9736:TCP"= 9736:TCP:Google Update
"9451:TCP"= 9451:TCP:Google Update
"4610:TCP"= 4610:TCP:Google Update
"26072:TCP"= 26072:TCP:Google Update
"8609:TCP"= 8609:TCP:Google Update
"30500:TCP"= 30500:TCP:Google Update
"6798:TCP"= 6798:TCP:Google Update
"14008:TCP"= 14008:TCP:Google Update
"20454:TCP"= 20454:TCP:Google Update
"25499:TCP"= 25499:TCP:Google Update
"24633:TCP"= 24633:TCP:Google Update
"5874:TCP"= 5874:TCP:Google Update
"25784:TCP"= 25784:TCP:Google Update
"17627:TCP"= 17627:TCP:Google Update
"32451:TCP"= 32451:TCP:Google Update
"32491:TCP"= 32491:TCP:Google Update
"11631:TCP"= 11631:TCP:Google Update
"4993:TCP"= 4993:TCP:Google Update
"15217:TCP"= 15217:TCP:Google Update
"27190:TCP"= 27190:TCP:Google Update
"16113:TCP"= 16113:TCP:Google Update
"15591:TCP"= 15591:TCP:Google Update
"31170:TCP"= 31170:TCP:Google Update
"15989:TCP"= 15989:TCP:Google Update
"2693:TCP"= 2693:TCP:Google Update
"27466:TCP"= 27466:TCP:Google Update
"21934:TCP"= 21934:TCP:Google Update
"12377:TCP"= 12377:TCP:Google Update
"24837:TCP"= 24837:TCP:Google Update
"25224:TCP"= 25224:TCP:Google Update
"6569:TCP"= 6569:TCP:Google Update
"18426:TCP"= 18426:TCP:Google Update
"27529:TCP"= 27529:TCP:Google Update
"30152:TCP"= 30152:TCP:Google Update
"6316:TCP"= 6316:TCP:Google Update
"23897:TCP"= 23897:TCP:Google Update
"25722:TCP"= 25722:TCP:Google Update
"23943:TCP"= 23943:TCP:Google Update
"24154:TCP"= 24154:TCP:Google Update
"23972:TCP"= 23972:TCP:Google Update
"19223:TCP"= 19223:TCP:Google Update
"22337:TCP"= 22337:TCP:Google Update
"7778:TCP"= 7778:TCP:Google Update
"15453:TCP"= 15453:TCP:Google Update
"1633:TCP"= 1633:TCP:Google Update
"9735:TCP"= 9735:TCP:Google Update
"14303:TCP"= 14303:TCP:Google Update
"27865:TCP"= 27865:TCP:Google Update
"14642:TCP"= 14642:TCP:Google Update
"24963:TCP"= 24963:TCP:Google Update
"13752:TCP"= 13752:TCP:Google Update
"18394:TCP"= 18394:TCP:Google Update
"17215:TCP"= 17215:TCP:Google Update
"31597:TCP"= 31597:TCP:Google Update
"8288:TCP"= 8288:TCP:Google Update
"10664:TCP"= 10664:TCP:Google Update
"20544:TCP"= 20544:TCP:Google Update
"30963:TCP"= 30963:TCP:Google Update
"8710:TCP"= 8710:TCP:Google Update
"10012:TCP"= 10012:TCP:Google Update
"29220:TCP"= 29220:TCP:Google Update
"17761:TCP"= 17761:TCP:Google Update
"28385:TCP"= 28385:TCP:Google Update
"25964:TCP"= 25964:TCP:Google Update
"32157:TCP"= 32157:TCP:Google Update
"10638:TCP"= 10638:TCP:Google Update
"16516:TCP"= 16516:TCP:Google Update
"14615:TCP"= 14615:TCP:Google Update
"32360:TCP"= 32360:TCP:Google Update
"10784:TCP"= 10784:TCP:Google Update
"8283:TCP"= 8283:TCP:Google Update
"29405:TCP"= 29405:TCP:Google Update
"21715:TCP"= 21715:TCP:Google Update
"10550:TCP"= 10550:TCP:Google Update
"27809:TCP"= 27809:TCP:Google Update
"32729:TCP"= 32729:TCP:Google Update
"29912:TCP"= 29912:TCP:Google Update
"6159:TCP"= 6159:TCP:Google Update
"29349:TCP"= 29349:TCP:Google Update
"17836:TCP"= 17836:TCP:Google Update
"19767:TCP"= 19767:TCP:Google Update
"26474:TCP"= 26474:TCP:Google Update
"22123:TCP"= 22123:TCP:Google Update
"22005:TCP"= 22005:TCP:Google Update
"5437:TCP"= 5437:TCP:Google Update
"26002:TCP"= 26002:TCP:Google Update
"11553:TCP"= 11553:TCP:Google Update
"22504:TCP"= 22504:TCP:Google Update
"7230:TCP"= 7230:TCP:Google Update
"1105:TCP"= 1105:TCP:Google Update
"30570:TCP"= 30570:TCP:Google Update
"31202:TCP"= 31202:TCP:Google Update
"8006:TCP"= 8006:TCP:Google Update
"29903:TCP"= 29903:TCP:Google Update
"27217:TCP"= 27217:TCP:Google Update
"25805:TCP"= 25805:TCP:Google Update
"13621:TCP"= 13621:TCP:Google Update
"5856:TCP"= 5856:TCP:Google Update
"26964:TCP"= 26964:TCP:Google Update
"14202:TCP"= 14202:TCP:Google Update
"30772:TCP"= 30772:TCP:Google Update
"9528:TCP"= 9528:TCP:Google Update
"6251:TCP"= 6251:TCP:Google Update
"11175:TCP"= 11175:TCP:Google Update
"28273:TCP"= 28273:TCP:Google Update
"24680:TCP"= 24680:TCP:Google Update
"9010:TCP"= 9010:TCP:Google Update
"27314:TCP"= 27314:TCP:Google Update
"16582:TCP"= 16582:TCP:Google Update
"6276:TCP"= 6276:TCP:Google Update
"31765:TCP"= 31765:TCP:Google Update
"18068:TCP"= 18068:TCP:Google Update
"9151:TCP"= 9151:TCP:Google Update
"32302:TCP"= 32302:TCP:Google Update
"1952:TCP"= 1952:TCP:Google Update
"23682:TCP"= 23682:TCP:Google Update
"17966:TCP"= 17966:TCP:Google Update
"27843:TCP"= 27843:TCP:Google Update
"16443:TCP"= 16443:TCP:Google Update
"32770:TCP"= 32770:TCP:Google Update
"3125:TCP"= 3125:TCP:Google Update
"8501:TCP"= 8501:TCP:Google Update
"27570:TCP"= 27570:TCP:Google Update
"23724:TCP"= 23724:TCP:Google Update
"27694:TCP"= 27694:TCP:Google Update
"31819:TCP"= 31819:TCP:Google Update
"6646:TCP"= 6646:TCP:Google Update
"26142:TCP"= 26142:TCP:Google Update
"13399:TCP"= 13399:TCP:Google Update
"2735:TCP"= 2735:TCP:Google Update
"1767:TCP"= 1767:TCP:Google Update
"6536:TCP"= 6536:TCP:Google Update
"12069:TCP"= 12069:TCP:Google Update
"20887:TCP"= 20887:TCP:Google Update
"14647:TCP"= 14647:TCP:Google Update
"16984:TCP"= 16984:TCP:Google Update
"26369:TCP"= 26369:TCP:Google Update
"2338:TCP"= 2338:TCP:Google Update
"31644:TCP"= 31644:TCP:Google Update
"5933:TCP"= 5933:TCP:Google Update
"1901:TCP"= 1901:TCP:Google Update
"11260:TCP"= 11260:TCP:Google Update
"9897:TCP"= 9897:TCP:Google Update
"25324:TCP"= 25324:TCP:Google Update
"20578:TCP"= 20578:TCP:Google Update
"25415:TCP"= 25415:TCP:Google Update
"30998:TCP"= 30998:TCP:Google Update
"13132:TCP"= 13132:TCP:Google Update
"16436:TCP"= 16436:TCP:Google Update
"12597:TCP"= 12597:TCP:Google Update
"5489:TCP"= 5489:TCP:Google Update
"22716:TCP"= 22716:TCP:BitComet 22716 TCP
"22716:UDP"= 22716:UDP:BitComet 22716 UDP
"5910:TCP"= 5910:TCP:vnc5910
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [10.07.2012 13:19 36000]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [23.09.2009 21:12 13696]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [10.07.2012 13:19 86224]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [03.04.2011 16:48 233024]
S2 gupdate;Google Update-Dienst (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [17.01.2012 13:55 136176]
S2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [14.07.2012 20:06 655944]
S2 SearchAnonymizer;SearchAnonymizer;c:\dokumente und einstellungen\Andreas\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe [13.05.2010 11:33 40960]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [21.01.2010 15:40 16512]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [17.01.2012 13:55 136176]
S3 IrUSB;ArkMicro USB Infrared Miniport Adapter;c:\windows\system32\drivers\IrUSB.sys [01.02.2010 16:28 25088]
S3 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys --> c:\windows\system32\drivers\mbam.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [03.05.2012 10:48 113120]
S4 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2012-01-17 11:55]
.
2012-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2012-01-17 11:55]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\programme\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - ProfilePath - c:\dokumente und einstellungen\Andreas\Anwendungsdaten\Mozilla\Firefox\Profiles\932bxw2j.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://rapspot.de/wbb/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
SafeBoot-14836780.sys
MSConfigStartUp-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
MSConfigStartUp-NeroFilterCheck - c:\programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
MSConfigStartUp-TkBellExe - c:\programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
AddRemove-FolderSort - c:\program files\FolderSort\FolderSort.exe
AddRemove-GT Interactive - Driver - c:\windows\IsUn0407.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-08-07 10:09
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-54fe-6f0a-79e7fd62c15f}\InprocServer32*]
"Class"=hex:46,f6,a2,15,fc,05,f0,c2,de,f0,f7,e3,8b,d3,7c,3d,13,88,b9,e0,b0,c0,
  a0,03,0f,e3,c0,f7,1f,f7,19,13,4e,eb,3b,b9,13,2a,e8,e7,fd,ef,6a,03,87,3b,1d,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-590e-8f70-00f9fd62c15f}\InprocServer32*]
"Class"=hex:8a,e5,97,ed,a4,5c,af,ff,98,fe,d8,95,b5,ad,4a,92,d6,71,c5,c2,f9,76,
  60,a8,68,03,e1,25,0a,91,2b,c1,88,d8,d1,99,07,b7,bc,17,96,32,4a,34,28,25,ae,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-790a-d4d3-0bc1fd62c15f}\InprocServer32*]
"Class"=hex:af,8e,88,da,b1,52,1d,ae,94,86,21,e0,d9,48,75,ed,24,e8,14,95,67,65,
  33,d7,36,e8,5f,16,85,14,0d,56,30,21,06,9b,c1,04,0c,ee,ba,ea,a5,96,0e,45,68,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-aac9-2100-5ea1fd62c15f}\InprocServer32*]
"Class"=hex:f0,cf,dd,b2,a8,3a,06,cf,3d,02,5e,2b,2a,48,8e,7e,05,85,96,c6,7c,c8,
  f8,75,99,7c,94,a7,4c,05,02,d5,24,3c,be,ee,0f,aa,79,bd,d6,b1,05,b5,21,15,da,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-ca0a-2085-16aafd62c15f}\InprocServer32*]
"Class"=hex:f8,a6,7d,3c,1d,e0,74,87,40,c0,58,c5,9f,af,c6,42,e2,c8,87,5a,61,24,
  fd,f3,91,fc,52,fc,ab,24,c8,9c,b5,4c,23,2a,5c,20,32,81,72,e3,25,12,ad,b6,73,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-e5cf-e030-1764fd62c15f}\InprocServer32*]
"Class"=hex:7f,a8,8a,ce,d1,12,a7,ca,56,f7,ab,11,3a,5e,e8,4e,b5,56,6a,29,44,3f,
  c3,63,2a,90,d4,1d,c8,df,3a,d1,5b,54,e8,67,27,2e,cc,8f,26,a1,35,a4,a3,ad,4a,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C09C5BC9-8988-fe2c-9b0f-0f14fd62c15f}\InprocServer32*]
"Class"=hex:2d,5a,2e,9b,44,e2,8e,82,5a,12,61,43,57,44,1b,a3,49,3c,04,f2,dc,8b,
  b3,f4,f9,4d,7b,c5,46,bd,04,48,9d,6c,8f,4c,42,01,91,52,9d,37,db,6d,58,91,5b,\
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'explorer.exe'(3904)
c:\windows\system32\webcheck.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\SOUNDMAN.EXE
c:\programme\Java\jre6\bin\jqs.exe
c:\windows\System32\nvsvc32.exe
c:\programme\Avira\AntiVir Desktop\avshadow.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-08-07  10:16:46 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-08-07 08:16
.
Vor Suchlauf: 18 Verzeichnis(se), 72.402.665.472 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 72.326.569.984 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - EE51A1BDB1730A5DA294927938183C71

cosinus 08.08.2012 13:23
Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

v2k 11.08.2012 11:17
Ich hab für's erste die Logdatei von GMER ... zu mehr komm ich wohl erst am Montag.

Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-08-11 12:03:46
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\00000069 WDC_WD5000AACS-00ZUB0 rev.01.01B01
Running: 6x09ww93.exe; Driver: C:\DOKUME~1\Andreas\LOKALE~1\Temp\afgdiaob.sys


---- System - GMER 1.0.15 ----

SSDT  F545A744                                                                                              ZwClose
SSDT  F545A6FE                                                                                              ZwCreateKey
SSDT  F545A74E                                                                                              ZwCreateSection
SSDT  F545A6F4                                                                                              ZwCreateThread
SSDT  F545A703                                                                                              ZwDeleteKey
SSDT  F545A70D                                                                                              ZwDeleteValueKey
SSDT  F545A73F                                                                                              ZwDuplicateObject
SSDT  F545A712                                                                                              ZwLoadKey
SSDT  F545A6E0                                                                                              ZwOpenProcess
SSDT  F545A6E5                                                                                              ZwOpenThread
SSDT  F545A767                                                                                              ZwQueryValueKey
SSDT  F545A71C                                                                                              ZwReplaceKey
SSDT  F545A758                                                                                              ZwRequestWaitReplyPort
SSDT  F545A717                                                                                              ZwRestoreKey
SSDT  F545A753                                                                                              ZwSetContextThread
SSDT  F545A75D                                                                                              ZwSetSecurityObject
SSDT  F545A708                                                                                              ZwSetValueKey
SSDT  F545A762                                                                                              ZwSystemDebugControl
SSDT  F545A6EF                                                                                              ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text  C:\WINDOWS\System32\DRIVERS\nv4_mini.sys                                                              section is writeable [0xF63EE380, 0x21F1AD, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text  C:\programme\real\realplayer\update\realsched.exe[2040] kernel32.dll!SetUnhandledExceptionFilter      7C84495D 5 Bytes  [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}

---- Registry - GMER 1.0.15 ----

Reg    HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) 
Reg    HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                      C:\Programme\DAEMON Tools Pro\
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                     
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                  C:\Programme\DAEMON Tools Pro\
Reg    HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) 
Reg    HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                      C:\Programme\DAEMON Tools Pro\
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-54fe-6f0a-79e7fd62c15f}\InprocServer32                   
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-54fe-6f0a-79e7fd62c15f}\InprocServer32@Class              0x46 0xF6 0xA2 0x15 ...
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-54fe-6f0a-79e7fd62c15f}\InprocServer32@ThreadingModel      Apartment
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-54fe-6f0a-79e7fd62c15f}\InprocServer32@                    C:\WINDOWS\system32\OLE32.DLL
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-590e-8f70-00f9fd62c15f}\InprocServer32                   
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-590e-8f70-00f9fd62c15f}\InprocServer32@Class              0x8A 0xE5 0x97 0xED ...
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-590e-8f70-00f9fd62c15f}\InprocServer32@ThreadingModel      Apartment
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-590e-8f70-00f9fd62c15f}\InprocServer32@                    C:\WINDOWS\system32\OLE32.DLL
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-790a-d4d3-0bc1fd62c15f}\InprocServer32                   
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-790a-d4d3-0bc1fd62c15f}\InprocServer32@Class              0xAF 0x8E 0x88 0xDA ...
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-790a-d4d3-0bc1fd62c15f}\InprocServer32@ThreadingModel      Apartment
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-790a-d4d3-0bc1fd62c15f}\InprocServer32@                    C:\WINDOWS\system32\OLE32.DLL
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-aac9-2100-5ea1fd62c15f}\InprocServer32                   
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-aac9-2100-5ea1fd62c15f}\InprocServer32@Class              0xF0 0xCF 0xDD 0xB2 ...
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-aac9-2100-5ea1fd62c15f}\InprocServer32@ThreadingModel      Apartment
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-aac9-2100-5ea1fd62c15f}\InprocServer32@                    C:\WINDOWS\system32\OLE32.DLL
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-ca0a-2085-16aafd62c15f}\InprocServer32                   
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-ca0a-2085-16aafd62c15f}\InprocServer32@Class              0xF8 0xA6 0x7D 0x3C ...
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-ca0a-2085-16aafd62c15f}\InprocServer32@ThreadingModel      Apartment
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-ca0a-2085-16aafd62c15f}\InprocServer32@                    C:\WINDOWS\system32\OLE32.DLL
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-e5cf-e030-1764fd62c15f}\InprocServer32                   
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-e5cf-e030-1764fd62c15f}\InprocServer32@Class              0x7F 0xA8 0x8A 0xCE ...
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-e5cf-e030-1764fd62c15f}\InprocServer32@ThreadingModel      Apartment
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-e5cf-e030-1764fd62c15f}\InprocServer32@                    C:\WINDOWS\system32\OLE32.DLL
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-fe2c-9b0f-0f14fd62c15f}\InprocServer32                   
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-fe2c-9b0f-0f14fd62c15f}\InprocServer32@Class              0x2D 0x5A 0x2E 0x9B ...
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-fe2c-9b0f-0f14fd62c15f}\InprocServer32@ThreadingModel      Apartment
Reg    HKLM\SOFTWARE\Classes\CLSID\{C09C5BC9-8988-fe2c-9b0f-0f14fd62c15f}\InprocServer32@                    C:\WINDOWS\system32\OLE32.DLL

---- EOF - GMER 1.0.15 ----

v2k 13.08.2012 09:32
aswMBR hat sich beim ersten Mal Scannen aufgehängt, also bin ich so vorgegangen wie angewiesen, dann ging es.

OSAM:

Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 09:19:55 on 13.08.2012

OS: Windows XP Professional Service Pack 3 (Build 2600)
Default Browser: Microsoft Corporation Internet Explorer 8.00.6001.18702

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"alsndmgr.cpl" - ? - C:\WINDOWS\system32\alsndmgr.cpl  (File signed by Microsoft | File found, but it contains no detailed information)
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"ISUSPM.cpl" - "InstallShield Software Corporation" - C:\WINDOWS\system32\ISUSPM.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"nvtuicpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvtuicpl.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Advanced SCSI Programming Interface Driver" (ASPI) - "Adaptec" - C:\WINDOWS\System32\DRIVERS\ASPI32.sys
"ArkMicro USB Infrared Miniport Adapter" (IrUSB) - "Ark Pioneer MicroElectronics Ltd." - C:\WINDOWS\System32\DRIVERS\IrUSB.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avkmgr.sys
"BIOS" (BIOS) - "BIOSTAR Group" - C:\WINDOWS\System32\drivers\BIOS.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"DAEMON Tools Virtual Bus Driver" (dtsoftbus01) - "DT Soft Ltd" - C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys
"dbustrcm" (dbustrcm) - ? - C:\DOKUME~1\Andreas\LOKALE~1\Temp\dbustrcm.sys  (File not found)
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"MBAMProtector" (MBAMProtector) - ? - C:\WINDOWS\system32\drivers\mbam.sys  (File not found)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"SSHDRV61" (SSHDRV61) - ? - C:\WINDOWS\System32\drivers\SSHDRV61.sys  (File found, but it contains no detailed information)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"StarOpen" (StarOpen) - ? - C:\WINDOWS\system32\drivers\StarOpen.sys  (File not found)
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - ? - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll  (File not found)
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Programme\7-Zip\7-zip.dll
{1F77B17B-F531-44DB-ACA4-76ABB5010A28} "AIMP2: ShellExt" - "AIMP DevTeam" - C:\Programme\AIMP2\System\aimp_shell.dll
{F5D92341-0A64-11D0-9956-0000E8096023} "CD Copy Shell Extension" - ? -  (File not found | COM-object registry key not found)
{F5D92342-0A64-11D0-9956-0000E8096023} "CD Wizard Shell Extension" - ? -  (File not found | COM-object registry key not found)
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? -  (File not found | COM-object registry key not found)
{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - "NVIDIA Corporation" - C:\WINDOWS\System32\nvshell.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - "NVIDIA Corporation" - C:\WINDOWS\System32\nvshell.dll
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -  (File not found | COM-object registry key not found)
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -  (File not found | COM-object registry key not found)
{73B24247-042E-4EF5-ADC2-42F62E6FD654} "MCLiteShellExt Class" - ? - C:\Programme\ICQLite\ICQLiteShell.dll
{32683183-48a0-441b-a342-7c2a440a9478} "Media Band" - ? -  (File not found | COM-object registry key not found)
{D9872D13-7651-4471-9EEE-F0A00218BEBB} "Multiscan" - ? -  (File not found | COM-object registry key not found)
{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - ? - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll  (File not found)
{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - ? - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll  (File not found)
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - "NVIDIA Corporation" - C:\WINDOWS\System32\nvshell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\programme\real\realplayer\rpshell.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -  (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll  (File found, but it contains no detailed information)
{E0D79304-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, Inc." - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
{E0D79305-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, Inc." - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
{E0D79306-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, Inc." - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
{E0D79307-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, Inc." - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{32683183-48a0-441b-a342-7c2a440a9478} "{32683183-48a0-441b-a342-7c2a440a9478}" - ? -  (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{33564D57-0000-0010-8000-00AA00389B71} "{33564D57-0000-0010-8000-00AA00389B71}" - ? -  (File not found | COM-object registry key not found) / hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}" - ? -  (File not found | COM-object registry key not found) /
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
"ICQ Lite" - ? - C:\Programme\ICQLite\ICQLite.exe  (File not found)
"ICQ7M" - "ICQ, LLC." - C:\Programme\ICQ7M\ICQ.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
{53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\Andreas\Startmenü\Programme\Autostart\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"ICQ" - "ICQ, LLC." - "C:\Programme\ICQ7M\ICQ.exe" silent loginmode=4
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"Anti-Blaxx Manager" - ? - C:\Programme\Anti-Blaxx\Anti-Blaxx.exe
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"PinnacleDriverCheck" - ? - C:\WINDOWS\System32\PSDrvCheck.exe
"TkBellExe" - "RealNetworks, Inc." - "C:\programme\real\realplayer\update\realsched.exe"  -osboot

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PDFCreator" - ? - C:\WINDOWS\system32\pdfcmnnt.dll  (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"Google Update-Dienst (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
"SearchAnonymizer" (SearchAnonymizer) - ? - C:\Dokumente und Einstellungen\Andreas\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

aswMBR:

Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-13 10:24:01
-----------------------------
10:24:01.187    OS Version: Windows 5.1.2600 Service Pack 3
10:24:01.187    Number of processors: 1 586 0x2F02
10:24:01.203    ComputerName: ANDREAS-IE3OGLJ  UserName: Andreas
10:24:03.906    Initialize success
10:24:29.625    AVAST engine defs: 12081300
10:24:58.093    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000069
10:24:58.093    Disk 0 Vendor: WDC_WD5000AACS-00ZUB0 01.01B01 Size: 476940MB BusType: 3
10:24:58.109    Disk 0 MBR read successfully
10:24:58.109    Disk 0 MBR scan
10:24:58.203    Disk 0 Windows XP default MBR code
10:24:58.218    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS      131061 MB offset 63
10:24:58.234    Disk 0 scanning sectors +268414020
10:24:58.437    Disk 0 scanning C:\WINDOWS\system32\drivers
10:25:26.875    Service scanning
10:25:40.781    Modules scanning
10:25:57.578    Disk 0 trace - called modules:
10:25:57.609    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys
10:25:57.609    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84dcf4d8]
10:25:57.625    3 CLASSPNP.SYS[f765cfd7] -> nt!IofCallDriver -> \Device\0000006a[0x84d20a98]
10:25:57.625    5 ACPI.sys[f74f2620] -> nt!IofCallDriver -> \Device\00000069[0x84c15030]
10:25:57.625    Scan finished successfully
10:30:48.750    Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\Andreas\Desktop\MBR.dat"
10:30:48.796    The log file has been saved successfully to "C:\Dokumente und Einstellungen\Andreas\Desktop\aswMBR.txt"

cosinus 13.08.2012 17:39
Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

v2k 13.08.2012 21:00
Gute Nachrichten, das hör ich gern. Der Malwarebytes-Scan sieht auch gut aus:

Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.13.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Andreas :: ANDREAS-IE3OGLJ [Administrator]

13.08.2012 20:15:27
mbam-log-2012-08-13 (20-15-27).txt

Art des Suchlaufs: Vollständiger Suchlauf (A:\|C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 306417
Laufzeit: 1 Stunde(n), 41 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Den zweiten werd ich morgen nachreichen.

SUPERAntiSpyware:

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 08/14/2012 at 07:18 PM

Application Version : 5.5.1012

Core Rules Database Version : 8939
Trace Rules Database Version: 6751

Scan type      : Complete Scan
Total Scan Time : 08:29:50

Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned      : 467
Memory threats detected  : 0
Registry items scanned    : 34069
Registry threats detected : 0
File items scanned        : 122315
File threats detected    : 311

Adware.Tracking Cookie
        C:\Dokumente und Einstellungen\Andreas\Cookies\RZ22K3P6.txt [ /adform.net ]
        C:\Dokumente und Einstellungen\Andreas\Cookies\Q4UY5X2L.txt [ /imrworldwide.com ]
        C:\Dokumente und Einstellungen\Andreas\Cookies\TA47GXJ8.txt [ /ad.zanox.com ]
        C:\Dokumente und Einstellungen\Andreas\Cookies\8YJ4M6NR.txt [ /ad1.adfarm1.adition.com ]
        C:\Dokumente und Einstellungen\Andreas\Cookies\85P8D4V6.txt [ /ad2.adfarm1.adition.com ]
        C:\Dokumente und Einstellungen\Andreas\Cookies\FU867Y25.txt [ /serving-sys.com ]
        C:\Dokumente und Einstellungen\Andreas\Cookies\URR30XU1.txt [ /zanox.com ]
        C:\Dokumente und Einstellungen\Andreas\Cookies\FZNMICK1.txt [ /track.adform.net ]
        C:\Dokumente und Einstellungen\Andreas\Cookies\A6F8CW1H.txt [ /adfarm1.adition.com ]
        C:\DOKUMENTE UND EINSTELLUNGEN\GAST\Cookies\gast@msnportal.112.2o7[1].txt [ Cookie:gast@msnportal.112.2o7.net/ ]
        C:\DOKUMENTE UND EINSTELLUNGEN\GAST\Cookies\gast@bs.serving-sys[1].txt [ Cookie:gast@bs.serving-sys.com/ ]
        C:\DOKUMENTE UND EINSTELLUNGEN\GAST\Cookies\gast@serving-sys[1].txt [ Cookie:gast@serving-sys.com/ ]
        accounts.google.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .specificclick.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .amazon-adsystem.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .amazon-adsystem.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .traffichaus.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        ads2.zeusclicks.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .ru4.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .xiti.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .a.revenuemax.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .cunda.122.2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .paypal.112.2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .112.2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .112.2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adserver.adtechus.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .112.2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .legolas-media.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .eyewonder.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .eyewonder.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .ru4.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        eas4.emediate.eu [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        s06.flagcounter.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        s06.flagcounter.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        r2.unicornmedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        s06.flagcounter.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .banners.adultfriendfinder.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        adfarm1.adition.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .tto2.traffictrack.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .estat.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        eas4.emediate.eu [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .collective-media.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .tacoda.at.atwola.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .tacoda.at.atwola.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .ads.pointroll.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .pointroll.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .autoscout24.112.2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .legolas-media.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .legolas-media.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .bs.serving-sys.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adxpose.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        ad.adnetwork.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .aim4media.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .aka-cdn-ns.adtech.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .bs.serving-sys.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .quartermedia.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .guj.122.2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .ads.pointroll.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .pointroll.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .ads.pointroll.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .ads.pointroll.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .ads.pointroll.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .ads.pointroll.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .ads.pointroll.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .ads.pointroll.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        openx1.overadmedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adxvalue.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adxvalue.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adxvalue.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adxvalue.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        ad.adserver01.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        ad.adserver01.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6afkysgajslo.stats.esomniture.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wfliajdzmco.stats.esomniture.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wblignc5mgq.stats.esomniture.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        ad.adition.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        ad.adition.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wbmiqgc5wgo.stats.esomniture.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .argentinawarez.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .argentinawarez.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        media.fragster.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        press.vouyermedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        insight.torbit.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        server.adformdsp.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adformdsp.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .clicksor.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .clicksor.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .advertstream.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .clicksor.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .clicksor.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        tracking.hostgator.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        www.zanox-affiliate.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        fl01.ct2.comclick.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        fl01.ct2.comclick.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        banner.sport-hosting.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        www.universal-traffic.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .gostats.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        www.counter.a-team-inside.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6aemyulajcgp.stats.esomniture.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6afkiamdzohq.stats.esomniture.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .tracker.vinsight.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        banner.testberichte.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .afe2.specificclick.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .bravenet.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .sexad.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .syndication.traffichaus.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .syndication.traffichaus.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .clickfuse.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .tribalfusion.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .zanox-affiliate.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        dc.tremormedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .122.2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .enoratraffic.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        ads.trafficjunky.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        stats.sexpillguru.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        ad4.adfarm1.adition.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        de.sitestat.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wnmiemcjcbp.stats.esomniture.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .zanox.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .xxx.chanarchive.org [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .yieldmanager.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        www.easymedia-gmbh.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wjkyqgczagq.stats.esomniture.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .pornhunter.biz [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .server.cpmstar.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        adserver1.mokono.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        vidasco.rotator.hadj7.adjuggler.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .hdpornleech.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        optimize.indieclick.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .myroitracking.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .legolas-media.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .myhammer.122.2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        ox-d.secure-clicks.org [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        www.zanox-affiliate.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        foto.hcmedia.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        ads.crakmedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .solvemedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .solvemedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        www.discounto.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .track.right-ads.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .srv.resultsmedia.biz [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .srv.resultsmedia.biz [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .srv.resultsmedia.biz [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .srv.resultsmedia.biz [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .srv.resultsmedia.biz [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .srv.resultsmedia.biz [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .srv.resultsmedia.biz [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .srv.resultsmedia.biz [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .srv.resultsmedia.biz [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .srv.resultsmedia.biz [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .srv.resultsmedia.biz [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .srv.resultsmedia.biz [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .srv.resultsmedia.biz [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .srv.resultsmedia.biz [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .srv.resultsmedia.biz [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .trafficmp.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .lucidmedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .urbia.wwe-media.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .generaltracking.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .generaltracking.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .generaltracking.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .generaltracking.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .generaltracking.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        tracking.mobile.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wdmywpdzolp.stats.esomniture.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        ad1.adfarm1.adition.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .dmtracker.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        ad3.adfarm1.adition.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .interclick.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        stat.dealtime.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        eas4.emediate.eu [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .stats.paypal.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .rambler.ru [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .rambler.ru [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .legolas-media.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        adfarm1.adition.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        eas.almamedia.fi [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        eas.almamedia.fi [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        media.antenne-bayern.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        ad2.adfarm1.adition.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .legolas-media.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adultfriendfinder.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        adx.chip.de [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        track.adform.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        .adform.net [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        da.virginmedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]
        da.virginmedia.com [ C:\DOKUMENTE UND EINSTELLUNGEN\ANDREAS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\932BXW2J.DEFAULT\COOKIES.SQLITE ]

PUP.CNETInstaller
        C:\SYSTEM VOLUME INFORMATION\_RESTORE{E8B3E7EE-42FF-471C-B2CD-D0437A3955CC}\RP547\A0788876.EXE
Bei SUPERAntiSpyware hab ich nichts löschen lassen. Richtig so?


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:49 Uhr.
Seite 3 von 4 12 3 4
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131