Malware-Befall? Virenscans dauern ewig

Nick1977 · 25.03.2012, 08:21

Zitat:

Es gibt auch ein paar mehr User nicht nur die die du angelegt hast!

Guten Morgen Arne,

mit dieser Erklärung hätte es sofort verstanden. Vielleicht können wir das damit abhaken.

Gruß
Nick

cosinus · 25.03.2012, 14:55

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!!

Code:

ATTFilter

:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {A4E7FD70-9963-4C39-9505-0A56D19A8C51}
IE:64bit: - HKLM\..\SearchScopes\{A4E7FD70-9963-4C39-9505-0A56D19A8C51}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKLM\..\SearchScopes\{F57C6424-A6A7-4E9D-91D2-8D13AC1DC0A7}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKU\S-1-5-21-2437589058-2030733987-1912823889-1000\..\SearchScopes,DefaultScope = {68547C31-E818-4203-8C3D-19D391981CDF}
IE - HKU\S-1-5-21-2437589058-2030733987-1912823889-1000\..\SearchScopes\{68547C31-E818-4203-8C3D-19D391981CDF}: "URL" = http://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="
FF - user.js - File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2437589058-2030733987-1912823889-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\***\Startup\Dell Dock.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
:Commands
[emptytemp]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Nick1977 · 25.03.2012, 18:55

Erledigt. Unten das Log. Leider öffnet sich mein Dell-Dock nun nicht mehr!!!

Gruß
Nick

Code:

ATTFilter

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A4E7FD70-9963-4C39-9505-0A56D19A8C51}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4E7FD70-9963-4C39-9505-0A56D19A8C51}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F57C6424-A6A7-4E9D-91D2-8D13AC1DC0A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F57C6424-A6A7-4E9D-91D2-8D13AC1DC0A7}\ not found.
HKEY_USERS\S-1-5-21-2437589058-2030733987-1912823889-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2437589058-2030733987-1912823889-1000\Software\Microsoft\Internet Explorer\SearchScopes\{68547C31-E818-4203-8C3D-19D391981CDF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{68547C31-E818-4203-8C3D-19D391981CDF}\ not found.
Prefs.js: "Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2437589058-2030733987-1912823889-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
C:\Users\***\Startup\Dell Dock.lnk moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
 
User: All Users
 
User: AppData
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: ***
->Temp folder emptied: 718321 bytes
->Temporary Internet Files folder emptied: 2454379 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 103804496 bytes
->Flash cache emptied: 17213 bytes
 
User: ***
->Temp folder emptied: 1008494 bytes
->Temporary Internet Files folder emptied: 81574471 bytes
->Java cache emptied: 31316147 bytes
->FireFox cache emptied: 380487787 bytes
->Apple Safari cache emptied: 600064 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 32837 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1368002 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50501 bytes
RecycleBin emptied: 144392215 bytes
 
Total Files Cleaned = 713,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.39.1 log created on 03252012_194127

Files\Folders moved on Reboot...
C:\Users\***\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

cosinus · 26.03.2012, 12:10

Zitat:

Erledigt. Unten das Log. Leider öffnet sich mein Dell-Dock nun nicht mehr!!!

Muss denn IMMER ALLES automatisch starten? Warum muss das in den Autostart rein

Nick1977 · 26.03.2012, 21:34

Schon wahr, ich kann mir das ja noch überlegen...

Gruß
Nick

cosinus · 27.03.2012, 10:27

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C

nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Nick1977 · 28.03.2012, 06:33

Guten Morgen Arne,

TDSS hat zwei Dinge gefunden. Hier das Log dazu:

Code:

ATTFilter

07:13:48.0819 0608	TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
07:13:48.0955 0608	============================================================
07:13:48.0955 0608	Current date / time: 2012/03/28 07:13:48.0955
07:13:48.0955 0608	SystemInfo:
07:13:48.0955 0608	
07:13:48.0955 0608	OS Version: 6.1.7601 ServicePack: 1.0
07:13:48.0955 0608	Product type: Workstation
07:13:48.0955 0608	ComputerName: ***
07:13:48.0956 0608	UserName: ***
07:13:48.0956 0608	Windows directory: C:\Windows
07:13:48.0956 0608	System windows directory: C:\Windows
07:13:48.0956 0608	Running under WOW64
07:13:48.0956 0608	Processor architecture: Intel x64
07:13:48.0956 0608	Number of processors: 2
07:13:48.0956 0608	Page size: 0x1000
07:13:48.0956 0608	Boot type: Normal boot
07:13:48.0956 0608	============================================================
07:13:52.0592 0608	Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:13:52.0605 0608	\Device\Harddisk0\DR0:
07:13:52.0605 0608	MBR used
07:13:52.0605 0608	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
07:13:52.0605 0608	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x1B4657AB
07:13:52.0735 0608	Initialize success
07:13:52.0735 0608	============================================================
07:14:52.0596 3296	============================================================
07:14:52.0596 3296	Scan started
07:14:52.0596 3296	Mode: Manual; SigCheck; TDLFS; 
07:14:52.0596 3296	============================================================
07:14:54.0765 3296	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
07:14:55.0030 3296	1394ohci - ok
07:14:55.0342 3296	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
07:14:55.0373 3296	ACPI - ok
07:14:55.0685 3296	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
07:14:55.0779 3296	AcpiPmi - ok
07:14:56.0106 3296	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
07:14:56.0138 3296	adp94xx - ok
07:14:56.0372 3296	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
07:14:56.0403 3296	adpahci - ok
07:14:56.0824 3296	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
07:14:56.0855 3296	adpu320 - ok
07:14:57.0401 3296	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
07:14:57.0510 3296	AeLookupSvc - ok
07:14:58.0368 3296	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
07:14:58.0509 3296	AFD - ok
07:14:59.0008 3296	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
07:14:59.0039 3296	agp440 - ok
07:14:59.0289 3296	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
07:14:59.0351 3296	ALG - ok
07:14:59.0726 3296	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
07:14:59.0741 3296	aliide - ok
07:15:00.0209 3296	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
07:15:00.0225 3296	amdide - ok
07:15:00.0755 3296	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
07:15:00.0865 3296	AmdK8 - ok
07:15:01.0256 3296	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
07:15:01.0334 3296	AmdPPM - ok
07:15:01.0864 3296	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
07:15:01.0895 3296	amdsata - ok
07:15:02.0363 3296	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
07:15:02.0379 3296	amdsbs - ok
07:15:03.0549 3296	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
07:15:03.0564 3296	amdxata - ok
07:15:04.0422 3296	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
07:15:04.0500 3296	AppID - ok
07:15:05.0171 3296	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
07:15:05.0280 3296	AppIDSvc - ok
07:15:05.0561 3296	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
07:15:05.0624 3296	Appinfo - ok
07:15:05.0967 3296	Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
07:15:05.0982 3296	Apple Mobile Device - ok
07:15:06.0840 3296	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
07:15:06.0856 3296	arc - ok
07:15:07.0277 3296	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
07:15:07.0293 3296	arcsas - ok
07:15:08.0322 3296	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
07:15:08.0400 3296	AsyncMac - ok
07:15:08.0775 3296	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
07:15:08.0790 3296	atapi - ok
07:15:09.0071 3296	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
07:15:09.0165 3296	AudioEndpointBuilder - ok
07:15:09.0227 3296	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
07:15:09.0274 3296	AudioSrv - ok
07:15:09.0695 3296	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
07:15:09.0758 3296	AxInstSV - ok
07:15:10.0584 3296	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
07:15:10.0678 3296	b06bdrv - ok
07:15:11.0052 3296	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
07:15:11.0115 3296	b57nd60a - ok
07:15:11.0411 3296	BCM42RLY        (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys
07:15:11.0489 3296	BCM42RLY - ok
07:15:12.0269 3296	BCM43XX         (f4cd5f52850bf2c978de178f256ba372) C:\Windows\system32\DRIVERS\bcmwl664.sys
07:15:12.0332 3296	BCM43XX - ok
07:15:12.0690 3296	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
07:15:12.0722 3296	BDESVC - ok
07:15:13.0642 3296	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
07:15:13.0736 3296	Beep - ok
07:15:14.0578 3296	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
07:15:14.0718 3296	BFE - ok
07:15:15.0186 3296	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
07:15:15.0264 3296	BITS - ok
07:15:15.0623 3296	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
07:15:15.0686 3296	blbdrive - ok
07:15:16.0122 3296	Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
07:15:16.0138 3296	Bonjour Service - ok
07:15:16.0746 3296	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
07:15:16.0824 3296	bowser - ok
07:15:16.0996 3296	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
07:15:17.0043 3296	BrFiltLo - ok
07:15:17.0308 3296	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
07:15:17.0324 3296	BrFiltUp - ok
07:15:17.0792 3296	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
07:15:17.0963 3296	Browser - ok
07:15:18.0400 3296	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
07:15:18.0462 3296	Brserid - ok
07:15:19.0258 3296	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
07:15:19.0305 3296	BrSerWdm - ok
07:15:19.0773 3296	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
07:15:19.0866 3296	BrUsbMdm - ok
07:15:20.0646 3296	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
07:15:20.0724 3296	BrUsbSer - ok
07:15:21.0489 3296	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
07:15:21.0536 3296	BTHMODEM - ok
07:15:21.0816 3296	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
07:15:21.0926 3296	bthserv - ok
07:15:22.0316 3296	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
07:15:22.0409 3296	cdfs - ok
07:15:22.0737 3296	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
07:15:22.0799 3296	cdrom - ok
07:15:23.0236 3296	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
07:15:23.0345 3296	CertPropSvc - ok
07:15:23.0829 3296	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
07:15:23.0860 3296	circlass - ok
07:15:24.0312 3296	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
07:15:24.0375 3296	CLFS - ok
07:15:24.0749 3296	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:15:24.0765 3296	clr_optimization_v2.0.50727_32 - ok
07:15:25.0061 3296	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
07:15:25.0077 3296	clr_optimization_v2.0.50727_64 - ok
07:15:26.0262 3296	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:15:26.0309 3296	clr_optimization_v4.0.30319_32 - ok
07:15:26.0824 3296	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
07:15:26.0840 3296	clr_optimization_v4.0.30319_64 - ok
07:15:27.0120 3296	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
07:15:27.0167 3296	CmBatt - ok
07:15:27.0526 3296	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
07:15:27.0542 3296	cmdide - ok
07:15:28.0337 3296	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
07:15:28.0400 3296	CNG - ok
07:15:29.0055 3296	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
07:15:29.0070 3296	Compbatt - ok
07:15:29.0585 3296	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
07:15:29.0632 3296	CompositeBus - ok
07:15:29.0866 3296	COMSysApp - ok
07:15:30.0849 3296	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
07:15:30.0911 3296	crcdisk - ok
07:15:31.0239 3296	CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
07:15:31.0364 3296	CryptSvc - ok
07:15:31.0785 3296	CtClsFlt        (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
07:15:31.0832 3296	CtClsFlt - ok
07:15:32.0378 3296	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
07:15:32.0487 3296	DcomLaunch - ok
07:15:32.0861 3296	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
07:15:32.0955 3296	defragsvc - ok
07:15:33.0438 3296	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
07:15:33.0532 3296	DfsC - ok
07:15:33.0782 3296	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
07:15:33.0875 3296	Dhcp - ok
07:15:34.0156 3296	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
07:15:34.0234 3296	discache - ok
07:15:34.0780 3296	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
07:15:34.0796 3296	Disk - ok
07:15:35.0092 3296	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
07:15:35.0154 3296	Dnscache - ok
07:15:35.0560 3296	DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
07:15:35.0607 3296	DockLoginService ( UnsignedFile.Multi.Generic ) - warning
07:15:35.0607 3296	DockLoginService - detected UnsignedFile.Multi.Generic (1)
07:15:36.0137 3296	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
07:15:36.0309 3296	dot3svc - ok
07:15:36.0855 3296	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
07:15:36.0933 3296	DPS - ok
07:15:37.0182 3296	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
07:15:37.0245 3296	drmkaud - ok
07:15:37.0572 3296	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
07:15:37.0604 3296	DXGKrnl - ok
07:15:37.0838 3296	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
07:15:37.0931 3296	EapHost - ok
07:15:38.0462 3296	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
07:15:38.0633 3296	ebdrv - ok
07:15:38.0852 3296	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
07:15:38.0945 3296	EFS - ok
07:15:39.0335 3296	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
07:15:39.0382 3296	ehRecvr - ok
07:15:39.0647 3296	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
07:15:39.0756 3296	ehSched - ok
07:15:40.0053 3296	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
07:15:40.0084 3296	elxstor - ok
07:15:40.0349 3296	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
07:15:40.0396 3296	ErrDev - ok
07:15:40.0646 3296	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
07:15:40.0739 3296	EventSystem - ok
07:15:41.0036 3296	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
07:15:41.0082 3296	exfat - ok
07:15:41.0285 3296	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
07:15:41.0363 3296	fastfat - ok
07:15:41.0831 3296	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
07:15:41.0894 3296	Fax - ok
07:15:42.0112 3296	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
07:15:42.0143 3296	fdc - ok
07:15:42.0377 3296	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
07:15:42.0455 3296	fdPHost - ok
07:15:42.0814 3296	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
07:15:42.0908 3296	FDResPub - ok
07:15:43.0360 3296	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
07:15:43.0376 3296	FileInfo - ok
07:15:43.0922 3296	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
07:15:44.0031 3296	Filetrace - ok
07:15:44.0296 3296	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
07:15:44.0358 3296	flpydisk - ok
07:15:44.0608 3296	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
07:15:44.0639 3296	FltMgr - ok
07:15:44.0967 3296	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
07:15:45.0029 3296	FontCache - ok
07:15:45.0357 3296	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
07:15:45.0372 3296	FontCache3.0.0.0 - ok
07:15:45.0653 3296	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
07:15:45.0669 3296	FsDepends - ok
07:15:45.0856 3296	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
07:15:45.0872 3296	Fs_Rec - ok
07:15:46.0184 3296	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
07:15:46.0199 3296	fvevol - ok
07:15:46.0464 3296	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
07:15:46.0480 3296	gagp30kx - ok
07:15:46.0698 3296	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
07:15:46.0714 3296	GEARAspiWDM - ok
07:15:47.0338 3296	ggflt           (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
07:15:47.0354 3296	ggflt - ok
07:15:47.0650 3296	ggsemc          (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
07:15:47.0666 3296	ggsemc - ok
07:15:47.0931 3296	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
07:15:48.0009 3296	gpsvc - ok
07:15:48.0352 3296	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
07:15:48.0414 3296	hcw85cir - ok
07:15:48.0742 3296	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
07:15:48.0804 3296	HDAudBus - ok
07:15:49.0132 3296	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
07:15:49.0179 3296	HidBatt - ok
07:15:49.0382 3296	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
07:15:49.0444 3296	HidBth - ok
07:15:49.0678 3296	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
07:15:49.0709 3296	HidIr - ok
07:15:49.0974 3296	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
07:15:50.0052 3296	hidserv - ok
07:15:50.0396 3296	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
07:15:50.0427 3296	HidUsb - ok
07:15:50.0676 3296	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
07:15:50.0770 3296	hkmsvc - ok
07:15:51.0176 3296	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
07:15:51.0222 3296	HomeGroupListener - ok
07:15:51.0456 3296	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
07:15:51.0534 3296	HomeGroupProvider - ok
07:15:52.0018 3296	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
07:15:52.0034 3296	HpSAMD - ok
07:15:52.0720 3296	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
07:15:52.0782 3296	HTTP - ok
07:15:53.0094 3296	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
07:15:53.0110 3296	hwpolicy - ok
07:15:53.0516 3296	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
07:15:53.0547 3296	i8042prt - ok
07:15:53.0843 3296	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
07:15:53.0874 3296	iaStorV - ok
07:15:54.0358 3296	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
07:15:54.0436 3296	idsvc - ok
07:15:55.0263 3296	igfx            (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys
07:15:55.0590 3296	igfx - ok
07:15:55.0996 3296	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
07:15:56.0027 3296	iirsp - ok
07:15:56.0386 3296	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
07:15:56.0526 3296	IKEEXT - ok
07:15:56.0792 3296	IntcHdmiAddService (d485d3bd3e2179aa86853a182f70699f) C:\Windows\system32\drivers\IntcHdmi.sys
07:15:56.0823 3296	IntcHdmiAddService - ok
07:15:57.0166 3296	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
07:15:57.0182 3296	intelide - ok
07:15:57.0572 3296	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
07:15:57.0603 3296	intelppm - ok
07:15:58.0164 3296	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
07:15:58.0227 3296	IPBusEnum - ok
07:15:58.0461 3296	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:15:58.0539 3296	IpFilterDriver - ok
07:15:58.0742 3296	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
07:15:58.0851 3296	iphlpsvc - ok
07:15:59.0194 3296	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
07:15:59.0256 3296	IPMIDRV - ok
07:15:59.0522 3296	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
07:15:59.0600 3296	IPNAT - ok
07:15:59.0865 3296	iPod Service    (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
07:15:59.0974 3296	iPod Service - ok
07:16:00.0239 3296	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
07:16:00.0302 3296	IRENUM - ok
07:16:00.0629 3296	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
07:16:00.0645 3296	isapnp - ok
07:16:00.0941 3296	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
07:16:00.0972 3296	iScsiPrt - ok
07:16:01.0206 3296	k57nd60a        (7dbafe10c1b777305c80bea42fbda710) C:\Windows\system32\DRIVERS\k57nd60a.sys
07:16:01.0284 3296	k57nd60a - ok
07:16:01.0628 3296	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
07:16:01.0643 3296	kbdclass - ok
07:16:01.0986 3296	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
07:16:02.0002 3296	kbdhid - ok
07:16:02.0189 3296	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:16:02.0220 3296	KeyIso - ok
07:16:02.0548 3296	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
07:16:02.0564 3296	KSecDD - ok
07:16:02.0860 3296	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
07:16:02.0891 3296	KSecPkg - ok
07:16:03.0156 3296	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
07:16:03.0359 3296	ksthunk - ok
07:16:03.0640 3296	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
07:16:03.0718 3296	KtmRm - ok
07:16:03.0983 3296	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
07:16:04.0061 3296	LanmanServer - ok
07:16:04.0326 3296	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
07:16:04.0420 3296	LanmanWorkstation - ok
07:16:04.0670 3296	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
07:16:04.0732 3296	lltdio - ok
07:16:05.0028 3296	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
07:16:05.0091 3296	lltdsvc - ok
07:16:05.0699 3296	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
07:16:05.0746 3296	lmhosts - ok
07:16:06.0417 3296	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
07:16:06.0432 3296	LSI_FC - ok
07:16:06.0947 3296	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
07:16:06.0963 3296	LSI_SAS - ok
07:16:07.0446 3296	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
07:16:07.0462 3296	LSI_SAS2 - ok
07:16:07.0680 3296	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
07:16:07.0696 3296	LSI_SCSI - ok
07:16:08.0180 3296	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
07:16:08.0242 3296	luafv - ok
07:16:08.0429 3296	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
07:16:08.0476 3296	Mcx2Svc - ok
07:16:09.0459 3296	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
07:16:09.0474 3296	megasas - ok
07:16:10.0504 3296	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
07:16:10.0535 3296	MegaSR - ok
07:16:12.0204 3296	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
07:16:12.0485 3296	MMCSS - ok
07:16:13.0811 3296	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
07:16:13.0874 3296	Modem - ok
07:16:14.0186 3296	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
07:16:14.0232 3296	monitor - ok
07:16:14.0732 3296	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
07:16:14.0747 3296	mouclass - ok
07:16:14.0934 3296	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
07:16:14.0981 3296	mouhid - ok
07:16:15.0044 3296	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
07:16:15.0059 3296	mountmgr - ok
07:16:15.0293 3296	MpFilter        (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
07:16:15.0309 3296	MpFilter - ok
07:16:15.0543 3296	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
07:16:15.0558 3296	mpio - ok
07:16:15.0730 3296	MpNWMon         (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
07:16:15.0730 3296	MpNWMon - ok
07:16:15.0902 3296	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
07:16:15.0933 3296	mpsdrv - ok
07:16:16.0229 3296	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
07:16:16.0292 3296	MpsSvc - ok
07:16:16.0494 3296	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
07:16:16.0526 3296	MRxDAV - ok
07:16:16.0713 3296	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
07:16:16.0760 3296	mrxsmb - ok
07:16:16.0962 3296	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:16:16.0994 3296	mrxsmb10 - ok
07:16:17.0212 3296	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:16:17.0243 3296	mrxsmb20 - ok
07:16:17.0508 3296	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
07:16:17.0524 3296	msahci - ok
07:16:17.0742 3296	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
07:16:17.0758 3296	msdsm - ok
07:16:17.0961 3296	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
07:16:18.0008 3296	MSDTC - ok
07:16:18.0304 3296	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
07:16:18.0335 3296	Msfs - ok
07:16:18.0569 3296	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
07:16:18.0647 3296	mshidkmdf - ok
07:16:18.0897 3296	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
07:16:18.0912 3296	msisadrv - ok
07:16:19.0178 3296	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
07:16:19.0256 3296	MSiSCSI - ok
07:16:19.0521 3296	msiserver - ok
07:16:20.0051 3296	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
07:16:20.0114 3296	MSKSSRV - ok
07:16:20.0270 3296	MsMpSvc         (157e9e498206a3366baa7e4697bdd947) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
07:16:20.0285 3296	MsMpSvc - ok
07:16:20.0504 3296	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
07:16:20.0582 3296	MSPCLOCK - ok
07:16:20.0784 3296	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
07:16:20.0972 3296	MSPQM - ok
07:16:22.0641 3296	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
07:16:22.0656 3296	MsRPC - ok
07:16:22.0968 3296	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
07:16:22.0984 3296	mssmbios - ok
07:16:23.0202 3296	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
07:16:23.0280 3296	MSTEE - ok
07:16:24.0014 3296	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
07:16:24.0076 3296	MTConfig - ok
07:16:24.0357 3296	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
07:16:24.0372 3296	Mup - ok
07:16:24.0528 3296	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
07:16:24.0591 3296	napagent - ok
07:16:24.0840 3296	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
07:16:24.0887 3296	NativeWifiP - ok
07:16:25.0230 3296	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
07:16:25.0262 3296	NDIS - ok
07:16:26.0276 3296	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
07:16:26.0338 3296	NdisCap - ok
07:16:26.0556 3296	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
07:16:26.0619 3296	NdisTapi - ok
07:16:26.0868 3296	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
07:16:26.0946 3296	Ndisuio - ok
07:16:27.0180 3296	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
07:16:27.0243 3296	NdisWan - ok
07:16:27.0789 3296	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
07:16:27.0851 3296	NDProxy - ok
07:16:28.0085 3296	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
07:16:28.0132 3296	NetBIOS - ok
07:16:28.0319 3296	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
07:16:28.0382 3296	NetBT - ok
07:16:28.0569 3296	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:16:28.0584 3296	Netlogon - ok
07:16:28.0787 3296	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
07:16:28.0850 3296	Netman - ok
07:16:29.0068 3296	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
07:16:29.0146 3296	netprofm - ok
07:16:30.0176 3296	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:16:30.0285 3296	NetTcpPortSharing - ok
07:16:30.0612 3296	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
07:16:30.0628 3296	nfrd960 - ok
07:16:30.0800 3296	NisDrv          (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
07:16:30.0815 3296	NisDrv - ok
07:16:30.0940 3296	NisSrv          (566ddd5d82520da01d75f81428ac4c38) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
07:16:30.0971 3296	NisSrv - ok
07:16:31.0190 3296	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
07:16:31.0268 3296	NlaSvc - ok
07:16:31.0704 3296	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
07:16:31.0751 3296	Npfs - ok
07:16:32.0016 3296	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
07:16:32.0079 3296	nsi - ok
07:16:32.0328 3296	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
07:16:32.0391 3296	nsiproxy - ok
07:16:32.0687 3296	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
07:16:32.0734 3296	Ntfs - ok
07:16:32.0968 3296	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
07:16:32.0999 3296	Null - ok
07:16:33.0202 3296	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
07:16:33.0218 3296	nvraid - ok
07:16:33.0592 3296	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
07:16:33.0608 3296	nvstor - ok
07:16:33.0779 3296	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
07:16:33.0795 3296	nv_agp - ok
07:16:34.0029 3296	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
07:16:34.0076 3296	ohci1394 - ok
07:16:34.0294 3296	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
07:16:34.0341 3296	p2pimsvc - ok
07:16:34.0622 3296	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
07:16:34.0653 3296	p2psvc - ok
07:16:34.0871 3296	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
07:16:34.0918 3296	Parport - ok
07:16:35.0246 3296	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
07:16:35.0261 3296	partmgr - ok
07:16:35.0979 3296	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
07:16:36.0026 3296	PcaSvc - ok
07:16:36.0275 3296	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
07:16:36.0291 3296	pci - ok
07:16:36.0572 3296	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
07:16:36.0572 3296	pciide - ok
07:16:36.0743 3296	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
07:16:36.0774 3296	pcmcia - ok
07:16:36.0993 3296	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
07:16:37.0008 3296	pcw - ok
07:16:37.0352 3296	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
07:16:37.0492 3296	PEAUTH - ok
07:16:37.0695 3296	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
07:16:37.0742 3296	PerfHost - ok
07:16:38.0085 3296	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
07:16:38.0163 3296	pla - ok
07:16:38.0381 3296	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
07:16:38.0412 3296	PlugPlay - ok
07:16:38.0584 3296	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
07:16:38.0615 3296	PNRPAutoReg - ok
07:16:38.0818 3296	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
07:16:38.0834 3296	PNRPsvc - ok
07:16:39.0099 3296	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
07:16:39.0161 3296	PolicyAgent - ok
07:16:39.0458 3296	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
07:16:39.0551 3296	Power - ok
07:16:39.0754 3296	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
07:16:39.0848 3296	PptpMiniport - ok
07:16:40.0066 3296	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
07:16:40.0097 3296	Processor - ok
07:16:40.0316 3296	ProfSvc         (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
07:16:40.0378 3296	ProfSvc - ok
07:16:40.0565 3296	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:16:40.0581 3296	ProtectedStorage - ok
07:16:40.0799 3296	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
07:16:40.0893 3296	Psched - ok
07:16:41.0486 3296	PxHlpa64        (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
07:16:41.0501 3296	PxHlpa64 - ok
07:16:41.0735 3296	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
07:16:41.0782 3296	ql2300 - ok
07:16:42.0110 3296	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
07:16:42.0125 3296	ql40xx - ok
07:16:42.0266 3296	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
07:16:42.0297 3296	QWAVE - ok
07:16:42.0500 3296	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
07:16:42.0515 3296	QWAVEdrv - ok
07:16:42.0702 3296	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
07:16:42.0765 3296	RasAcd - ok
07:16:42.0999 3296	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
07:16:43.0046 3296	RasAgileVpn - ok
07:16:43.0233 3296	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
07:16:43.0311 3296	RasAuto - ok
07:16:43.0654 3296	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
07:16:43.0716 3296	Rasl2tp - ok
07:16:43.0904 3296	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
07:16:43.0997 3296	RasMan - ok
07:16:44.0247 3296	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
07:16:44.0325 3296	RasPppoe - ok
07:16:44.0559 3296	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
07:16:44.0652 3296	RasSstp - ok
07:16:44.0902 3296	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
07:16:44.0980 3296	rdbss - ok
07:16:45.0245 3296	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
07:16:45.0386 3296	rdpbus - ok
07:16:45.0635 3296	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
07:16:45.0729 3296	RDPCDD - ok
07:16:46.0041 3296	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
07:16:46.0150 3296	RDPENCDD - ok
07:16:46.0462 3296	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
07:16:46.0509 3296	RDPREFMP - ok
07:16:46.0727 3296	RDPWD           (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
07:16:46.0774 3296	RDPWD - ok
07:16:47.0055 3296	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
07:16:47.0070 3296	rdyboost - ok
07:16:47.0242 3296	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
07:16:47.0414 3296	RemoteAccess - ok
07:16:47.0632 3296	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
07:16:47.0694 3296	RemoteRegistry - ok
07:16:47.0975 3296	rimmptsk        (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys
07:16:48.0022 3296	rimmptsk - ok
07:16:48.0287 3296	rimsptsk        (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys
07:16:48.0334 3296	rimsptsk - ok
07:16:48.0599 3296	rismxdp         (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys
07:16:48.0615 3296	rismxdp - ok
07:16:48.0786 3296	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
07:16:48.0864 3296	RpcEptMapper - ok
07:16:48.0896 3296	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
07:16:48.0958 3296	RpcLocator - ok
07:16:49.0176 3296	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
07:16:49.0223 3296	RpcSs - ok
07:16:49.0520 3296	RRNetCap        (2abd2b3ba2ef0c3ba82284c2a5e28675) C:\Windows\system32\DRIVERS\rrnetcap.sys
07:16:49.0535 3296	RRNetCap - ok
07:16:49.0613 3296	RRNetCapMP      (2abd2b3ba2ef0c3ba82284c2a5e28675) C:\Windows\system32\DRIVERS\rrnetcap.sys
07:16:49.0613 3296	RRNetCapMP - ok
07:16:49.0878 3296	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
07:16:49.0956 3296	rspndr - ok
07:16:50.0331 3296	s0016bus        (ea268bce30691c2dd24f02e617fd2eb5) C:\Windows\system32\DRIVERS\s0016bus.sys
07:16:50.0346 3296	s0016bus - ok
07:16:50.0580 3296	s0016mdfl       (f5f9deb89996d333ef976624d37e24e3) C:\Windows\system32\DRIVERS\s0016mdfl.sys
07:16:50.0596 3296	s0016mdfl - ok
07:16:50.0814 3296	s0016mdm        (c17ce2aee67480febcc36eccb54c0be8) C:\Windows\system32\DRIVERS\s0016mdm.sys
07:16:50.0830 3296	s0016mdm - ok
07:16:51.0064 3296	s0016mgmt       (cc267f04c54c5ec5b7bd658d7628469f) C:\Windows\system32\DRIVERS\s0016mgmt.sys
07:16:51.0080 3296	s0016mgmt - ok
07:16:51.0345 3296	s0016nd5        (30a35bbce09d9fe67482fd62c61911fc) C:\Windows\system32\DRIVERS\s0016nd5.sys
07:16:51.0345 3296	s0016nd5 - ok
07:16:51.0594 3296	s0016obex       (ca394dcc38579c7ad82e83ee64d798a0) C:\Windows\system32\DRIVERS\s0016obex.sys
07:16:51.0594 3296	s0016obex - ok
07:16:51.0860 3296	s0016unic       (eb267ccea84e6e8598d92f73332ac67b) C:\Windows\system32\DRIVERS\s0016unic.sys
07:16:51.0875 3296	s0016unic - ok
07:16:52.0031 3296	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:16:52.0047 3296	SamSs - ok
07:16:52.0234 3296	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
07:16:52.0250 3296	sbp2port - ok
07:16:52.0468 3296	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
07:16:52.0546 3296	SCardSvr - ok
07:16:52.0905 3296	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
07:16:52.0967 3296	scfilter - ok
07:16:53.0170 3296	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
07:16:53.0264 3296	Schedule - ok
07:16:53.0576 3296	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
07:16:53.0622 3296	SCPolicySvc - ok
07:16:54.0044 3296	sdbus           (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
07:16:54.0090 3296	sdbus - ok
07:16:54.0371 3296	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
07:16:54.0418 3296	SDRSVC - ok
07:16:54.0715 3296	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
07:16:54.0777 3296	secdrv - ok
07:16:55.0058 3296	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
07:16:55.0151 3296	seclogon - ok
07:16:55.0573 3296	seehcri         (ede7a1d2715aac2190d51dc07afd44e3) C:\Windows\system32\DRIVERS\seehcri.sys
07:16:55.0619 3296	seehcri - ok
07:16:56.0384 3296	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
07:16:56.0477 3296	SENS - ok
07:16:56.0696 3296	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
07:16:56.0727 3296	SensrSvc - ok
07:16:57.0070 3296	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
07:16:57.0086 3296	Serenum - ok
07:16:57.0413 3296	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
07:16:57.0476 3296	Serial - ok
07:16:57.0679 3296	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
07:16:57.0694 3296	sermouse - ok
07:16:57.0788 3296	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
07:16:57.0881 3296	SessionEnv - ok
07:16:58.0162 3296	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
07:16:58.0209 3296	sffdisk - ok
07:16:58.0474 3296	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
07:16:58.0505 3296	sffp_mmc - ok
07:16:58.0786 3296	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
07:16:58.0864 3296	sffp_sd - ok
07:16:59.0145 3296	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
07:16:59.0207 3296	sfloppy - ok
07:16:59.0395 3296	SftService      (7f475425582163602ef1589c0071e521) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
07:16:59.0426 3296	SftService - ok
07:16:59.0644 3296	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
07:16:59.0707 3296	SharedAccess - ok
07:17:00.0003 3296	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
07:17:00.0081 3296	ShellHWDetection - ok
07:17:00.0315 3296	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
07:17:00.0331 3296	SiSRaid2 - ok
07:17:00.0580 3296	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
07:17:00.0596 3296	SiSRaid4 - ok
07:17:00.0783 3296	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
07:17:00.0861 3296	Smb - ok
07:17:01.0079 3296	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
07:17:01.0126 3296	SNMPTRAP - ok
07:17:01.0407 3296	Sony Ericsson PCCompanion (1a623f2b69e1f182f995f963c55db935) C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
07:17:01.0423 3296	Sony Ericsson PCCompanion - ok
07:17:01.0672 3296	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
07:17:01.0688 3296	spldr - ok
07:17:01.0922 3296	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
07:17:01.0969 3296	Spooler - ok
07:17:02.0312 3296	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
07:17:02.0468 3296	sppsvc - ok
07:17:02.0655 3296	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
07:17:02.0733 3296	sppuinotify - ok
07:17:02.0905 3296	sprtsvc_DellSupportCenter (d630b6f2e8379b6f10dc16e82a426552) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
07:17:02.0905 3296	sprtsvc_DellSupportCenter - ok
07:17:03.0092 3296	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
07:17:03.0154 3296	srv - ok
07:17:03.0341 3296	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
07:17:03.0404 3296	srv2 - ok
07:17:03.0653 3296	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
07:17:03.0731 3296	srvnet - ok
07:17:03.0919 3296	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
07:17:03.0981 3296	SSDPSRV - ok
07:17:04.0153 3296	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
07:17:04.0199 3296	SstpSvc - ok
07:17:04.0621 3296	STacSV          (444109453a2b87e6c16bcda5953e81a9) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
07:17:04.0667 3296	STacSV - ok
07:17:04.0901 3296	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
07:17:04.0917 3296	stexstor - ok
07:17:05.0135 3296	STHDA           (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys
07:17:05.0182 3296	STHDA - ok
07:17:05.0416 3296	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
07:17:05.0479 3296	stisvc - ok
07:17:05.0697 3296	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
07:17:05.0697 3296	swenum - ok
07:17:05.0915 3296	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
07:17:05.0993 3296	swprv - ok
07:17:06.0243 3296	SynTP           (1657b7442d5ce30533f5c4317716b468) C:\Windows\system32\DRIVERS\SynTP.sys
07:17:06.0259 3296	SynTP - ok
07:17:06.0539 3296	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
07:17:06.0633 3296	SysMain - ok
07:17:06.0789 3296	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
07:17:06.0851 3296	TabletInputService - ok
07:17:06.0929 3296	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
07:17:07.0007 3296	TapiSrv - ok
07:17:07.0319 3296	tbhsd           (4430e9b4c60aab672d16e801bad0555e) C:\Windows\system32\drivers\tbhsd.sys
07:17:07.0319 3296	tbhsd - ok
07:17:07.0569 3296	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
07:17:07.0663 3296	TBS - ok
07:17:08.0146 3296	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
07:17:08.0240 3296	Tcpip - ok
07:17:08.0599 3296	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
07:17:08.0661 3296	TCPIP6 - ok
07:17:08.0957 3296	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
07:17:09.0035 3296	tcpipreg - ok
07:17:09.0223 3296	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
07:17:09.0238 3296	TDPIPE - ok
07:17:09.0441 3296	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
07:17:09.0488 3296	TDTCP - ok
07:17:09.0691 3296	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
07:17:09.0769 3296	tdx - ok
07:17:10.0034 3296	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
07:17:10.0049 3296	TermDD - ok
07:17:10.0252 3296	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
07:17:10.0315 3296	TermService - ok
07:17:10.0517 3296	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
07:17:10.0580 3296	Themes - ok
07:17:10.0736 3296	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
07:17:10.0783 3296	THREADORDER - ok
07:17:11.0017 3296	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
07:17:11.0110 3296	TrkWks - ok
07:17:11.0282 3296	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
07:17:11.0344 3296	TrustedInstaller - ok
07:17:11.0578 3296	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
07:17:11.0656 3296	tssecsrv - ok
07:17:11.0906 3296	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
07:17:11.0921 3296	TsUsbFlt - ok
07:17:12.0218 3296	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
07:17:12.0280 3296	tunnel - ok
07:17:12.0514 3296	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
07:17:12.0530 3296	uagp35 - ok
07:17:12.0717 3296	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
07:17:12.0826 3296	udfs - ok
07:17:13.0013 3296	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
07:17:13.0076 3296	UI0Detect - ok
07:17:13.0294 3296	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
07:17:13.0325 3296	uliagpkx - ok
07:17:13.0528 3296	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
07:17:13.0559 3296	umbus - ok
07:17:13.0731 3296	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
07:17:13.0747 3296	UmPass - ok
07:17:13.0949 3296	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
07:17:14.0043 3296	upnphost - ok
07:17:14.0293 3296	USBAAPL64       (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
07:17:14.0339 3296	USBAAPL64 - ok
07:17:14.0558 3296	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
07:17:14.0605 3296	usbccgp - ok
07:17:14.0854 3296	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
07:17:14.0885 3296	usbcir - ok
07:17:15.0057 3296	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
07:17:15.0104 3296	usbehci - ok
07:17:15.0400 3296	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
07:17:15.0463 3296	usbhub - ok
07:17:15.0743 3296	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
07:17:15.0790 3296	usbohci - ok
07:17:16.0009 3296	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
07:17:16.0040 3296	usbprint - ok
07:17:16.0305 3296	usbser          (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\DRIVERS\usbser.sys
07:17:16.0352 3296	usbser - ok
07:17:16.0508 3296	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:17:16.0555 3296	USBSTOR - ok
07:17:16.0726 3296	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
07:17:16.0789 3296	usbuhci - ok
07:17:17.0023 3296	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
07:17:17.0085 3296	usbvideo - ok
07:17:17.0272 3296	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
07:17:17.0366 3296	UxSms - ok
07:17:17.0709 3296	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:17:17.0725 3296	VaultSvc - ok
07:17:17.0990 3296	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
07:17:18.0005 3296	vdrvroot - ok
07:17:18.0286 3296	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
07:17:18.0349 3296	vds - ok
07:17:18.0629 3296	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
07:17:18.0645 3296	vga - ok
07:17:19.0004 3296	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
07:17:19.0082 3296	VgaSave - ok
07:17:19.0394 3296	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
07:17:19.0409 3296	vhdmp - ok
07:17:19.0597 3296	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
07:17:19.0612 3296	viaide - ok
07:17:19.0753 3296	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
07:17:19.0784 3296	volmgr - ok
07:17:19.0987 3296	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
07:17:20.0018 3296	volmgrx - ok
07:17:20.0345 3296	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
07:17:20.0377 3296	volsnap - ok
07:17:20.0579 3296	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
07:17:20.0595 3296	vsmraid - ok
07:17:20.0923 3296	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
07:17:21.0094 3296	VSS - ok
07:17:21.0437 3296	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
07:17:21.0484 3296	vwifibus - ok
07:17:21.0703 3296	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
07:17:21.0765 3296	vwififlt - ok
07:17:22.0015 3296	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
07:17:22.0077 3296	W32Time - ok
07:17:22.0342 3296	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
07:17:22.0405 3296	WacomPen - ok
07:17:22.0639 3296	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
07:17:22.0701 3296	WANARP - ok
07:17:22.0795 3296	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
07:17:22.0841 3296	Wanarpv6 - ok
07:17:23.0356 3296	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
07:17:23.0434 3296	wbengine - ok
07:17:23.0606 3296	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
07:17:23.0637 3296	WbioSrvc - ok
07:17:23.0887 3296	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
07:17:23.0918 3296	wcncsvc - ok
07:17:24.0152 3296	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
07:17:24.0167 3296	WcsPlugInService - ok
07:17:24.0355 3296	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
07:17:24.0370 3296	Wd - ok
07:17:24.0667 3296	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
07:17:24.0698 3296	Wdf01000 - ok
07:17:24.0932 3296	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
07:17:25.0010 3296	WdiServiceHost - ok
07:17:25.0010 3296	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
07:17:25.0041 3296	WdiSystemHost - ok
07:17:25.0213 3296	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
07:17:25.0259 3296	WebClient - ok
07:17:25.0478 3296	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
07:17:25.0556 3296	Wecsvc - ok
07:17:25.0743 3296	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
07:17:25.0790 3296	wercplsupport - ok
07:17:26.0024 3296	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
07:17:26.0086 3296	WerSvc - ok
07:17:26.0336 3296	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
07:17:26.0383 3296	WfpLwf - ok
07:17:26.0663 3296	WimFltr         (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
07:17:26.0679 3296	WimFltr - ok
07:17:26.0944 3296	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
07:17:26.0944 3296	WIMMount - ok
07:17:27.0022 3296	WinDefend - ok
07:17:27.0038 3296	WinHttpAutoProxySvc - ok
07:17:27.0334 3296	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
07:17:27.0397 3296	Winmgmt - ok
07:17:27.0709 3296	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
07:17:27.0880 3296	WinRM - ok
07:17:28.0130 3296	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
07:17:28.0177 3296	WinUsb - ok
07:17:28.0411 3296	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
07:17:28.0457 3296	Wlansvc - ok
07:17:28.0535 3296	wltrysvc        (13b0a570e1ae451c92da550085d72cf3) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
07:17:28.0567 3296	wltrysvc ( UnsignedFile.Multi.Generic ) - warning
07:17:28.0567 3296	wltrysvc - detected UnsignedFile.Multi.Generic (1)
07:17:28.0754 3296	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
07:17:28.0801 3296	WmiAcpi - ok
07:17:29.0097 3296	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
07:17:29.0144 3296	wmiApSrv - ok
07:17:29.0237 3296	WMPNetworkSvc - ok
07:17:29.0425 3296	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
07:17:29.0456 3296	WPCSvc - ok
07:17:29.0643 3296	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
07:17:29.0674 3296	WPDBusEnum - ok
07:17:29.0908 3296	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
07:17:29.0986 3296	ws2ifsl - ok
07:17:30.0220 3296	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
07:17:30.0267 3296	wscsvc - ok
07:17:30.0376 3296	WSearch - ok
07:17:30.0532 3296	wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
07:17:30.0673 3296	wuauserv - ok
07:17:30.0938 3296	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
07:17:31.0016 3296	WudfPf - ok
07:17:31.0297 3296	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
07:17:31.0359 3296	WUDFRd - ok
07:17:31.0531 3296	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
07:17:31.0593 3296	wudfsvc - ok
07:17:31.0749 3296	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
07:17:31.0811 3296	WwanSvc - ok
07:17:31.0889 3296	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
07:17:32.0451 3296	\Device\Harddisk0\DR0 - ok
07:17:32.0498 3296	Boot (0x1200)   (5dedca598534c6ccd726215f95fe5d5f) \Device\Harddisk0\DR0\Partition0
07:17:32.0498 3296	\Device\Harddisk0\DR0\Partition0 - ok
07:17:32.0513 3296	Boot (0x1200)   (8b9ee1b35454bacda7de0f06582d239e) \Device\Harddisk0\DR0\Partition1
07:17:32.0513 3296	\Device\Harddisk0\DR0\Partition1 - ok
07:17:32.0513 3296	============================================================
07:17:32.0513 3296	Scan finished
07:17:32.0513 3296	============================================================
07:17:32.0529 3388	Detected object count: 2
07:17:32.0529 3388	Actual detected object count: 2
07:27:35.0486 3388	DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
07:27:35.0486 3388	DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
07:27:35.0486 3388	wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:27:35.0486 3388	wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
07:27:53.0925 2056	Deinitialize success

Gruß
Nick

cosinus · 28.03.2012, 11:05

Du solltest doch CODE-Tags und keine Zitat-Tags (QUOTE) verwenden! Ich hab das mal korrigiert für dich

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Nick1977 · 28.03.2012, 18:16

Hallo Arne,

sorry wegen den Code- bzw. Zitatfenstern! Hatte gedacht das Richtige zu tun!

Hier also das Log von Combofix! Wie sieht es aus?

Code:

ATTFilter

ComboFix 12-03-28.02 - *** 28.03.2012  18:38:49.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4029.2600 [GMT 2:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\001e4b04.tmp
c:\users\***\1&1
c:\users\***\1&1\1+1.wps
c:\users\***\1&1\August2006.pdf
c:\users\***\1&1\fritz.box_fon_wlan_7141.40.04.15.image
c:\users\***\AppData\Local\lame_enc.dll
c:\users\***\AppData\Local\no23xwrapper.dll
c:\users\***\AppData\Local\ogg.dll
c:\users\***\AppData\Local\vorbis.dll
c:\users\***\AppData\Local\vorbisenc.dll
c:\users\***\AppData\Local\vorbisfile.dll
c:\users\***\AppData\Roaming\Help\coredb\storage
c:\windows\IsUn0407.exe
c:\windows\system32\drivers\etc\hosts.ics
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-02-28 bis 2012-03-28  ))))))))))))))))))))))))))))))
.
.
2012-03-28 16:49 . 2012-03-28 16:49	--------	d-----w-	c:\users\Fuat\AppData\Local\temp
2012-03-28 16:49 . 2012-03-28 16:49	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-03-28 05:35 . 2012-03-14 03:27	8669240	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{954D77FC-6878-49EF-967C-C137D7AFF898}\mpengine.dll
2012-03-25 17:41 . 2012-03-25 17:41	--------	d-----w-	C:\_OTL
2012-03-17 17:09 . 2012-03-17 17:09	592824	----a-w-	c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-17 17:09 . 2012-03-17 17:09	44472	----a-w-	c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-03-14 02:04 . 2011-11-19 15:20	5559152	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-03-14 02:04 . 2011-11-19 14:50	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 02:04 . 2011-11-19 14:50	3913584	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-03-13 22:47 . 2012-02-03 04:34	3145728	----a-w-	c:\windows\system32\win32k.sys
2012-03-13 22:47 . 2012-02-10 06:36	1544192	----a-w-	c:\windows\system32\DWrite.dll
2012-03-13 22:47 . 2012-02-10 05:38	1077248	----a-w-	c:\windows\SysWow64\DWrite.dll
2012-03-13 22:47 . 2012-01-25 06:38	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-03-13 22:47 . 2012-01-25 06:38	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-03-13 22:47 . 2012-01-25 06:33	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-03-13 22:47 . 2012-02-17 06:38	1031680	----a-w-	c:\windows\system32\rdpcore.dll
2012-03-13 22:47 . 2012-02-17 05:34	826880	----a-w-	c:\windows\SysWow64\rdpcore.dll
2012-03-13 22:47 . 2012-02-17 04:58	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-03-13 22:47 . 2012-02-17 04:57	23552	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-03-13 20:34 . 2011-12-10 14:24	23152	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-03-11 19:12 . 2012-02-08 07:13	8643640	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{1621344F-D515-47A1-AE81-3A5CC20F421D}\mpengine.dll
2012-03-09 06:46 . 2012-03-09 06:46	--------	d-----w-	c:\program files\iPod
2012-03-09 06:46 . 2012-03-09 06:47	--------	d-----w-	c:\program files (x86)\iTunes
2012-03-06 18:35 . 2012-03-06 18:35	--------	d-----w-	c:\program files (x86)\ESET
2012-03-04 11:10 . 2012-03-04 11:10	--------	d-----w-	c:\program files (x86)\7-Zip
2012-03-02 17:05 . 2012-03-25 17:41	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy
2012-03-02 17:05 . 2012-03-02 17:46	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2012-03-01 06:46 . 2012-03-14 03:27	8669240	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-02-28 02:08 . 2012-02-28 02:08	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2012-02-27 21:05 . 2012-02-27 21:05	927800	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B5753F3A-A975-448C-BD14-D1F550232FB3}\gapaengine.dll
2012-02-27 21:02 . 2012-02-27 21:02	--------	d-----w-	c:\program files (x86)\Microsoft Security Client
2012-02-27 21:02 . 2012-02-27 21:02	--------	d-----w-	c:\program files\Microsoft Security Client
2012-02-27 20:58 . 2012-02-27 20:58	--------	d-----w-	c:\program files\Microsoft Silverlight
2012-02-27 20:58 . 2012-02-27 20:58	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-23 08:18 . 2010-01-14 14:19	279656	------w-	c:\windows\system32\MpSigStub.exe
2012-02-16 05:48 . 2011-05-21 20:03	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-15 10:01 . 2012-02-15 10:01	52736	----a-w-	c:\windows\system32\drivers\usbaapl64.sys
2012-02-15 10:01 . 2012-02-15 10:01	4547944	----a-w-	c:\windows\system32\usbaaplrc.dll
2012-01-04 10:44 . 2012-02-16 05:44	509952	----a-w-	c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-16 05:44	442880	----a-w-	c:\windows\SysWow64\ntshrui.dll
2011-12-30 06:26 . 2012-02-16 05:44	515584	----a-w-	c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-16 05:44	478720	----a-w-	c:\windows\SysWow64\timedate.cpl
2007-03-12 16:59 . 2007-03-12 16:59	299008	----a-w-	c:\program files (x86)\navigram_register.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]
"dellsupportcenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
.
c:\users\Fuat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
c:\users\***\Startup\
Dell Dock.lnk - c:\windows\Installer\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}\_E8B87CCB4730729232D8A0.exe [2010-1-8 367686]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [x]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2009-09-17 656624]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
S3 k57nd60a;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2009-07-02 3180624]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = 
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube Download - c:\users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\d2m2w9xg.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Photoshop 6.0 - c:\windows\ISUN0407.EXE
AddRemove-Adobe SVG Viewer - c:\windows\IsUn0407.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-03-28  19:05:10 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-03-28 17:05
.
Vor Suchlauf: 12 Verzeichnis(se), 53.522.280.448 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 52.960.591.872 Bytes frei
.
- - End Of File - - 5B1026B4FB929B98FEDC50FBDDA7C65A

Ich werde morgen Früh für drei Tage weg sein und melde mich am Sonntag wieder! Danke Dir einstweilen!

Gruß
Nick

cosinus · 28.03.2012, 20:38

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm!

Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Nick1977 · 29.03.2012, 07:05

Guten Morgen,

hier das Log:

Code:

ATTFilter

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-03-29 07:51:07
-----------------------------
07:51:07.050    OS Version: Windows x64 6.1.7601 Service Pack 1
07:51:07.050    Number of processors: 2 586 0x170A
07:51:07.050    ComputerName: ***  UserName: 
07:51:08.314    Initialize success
07:52:33.666    AVAST engine defs: 12032802
07:54:47.623    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
07:54:47.623    Disk 0 Vendor: TOSHIBA_MK2555GSX FG000D Size: 238475MB BusType: 11
07:54:47.654    Disk 0 MBR read successfully
07:54:47.654    Disk 0 MBR scan
07:54:47.670    Disk 0 Windows VISTA default MBR code
07:54:47.670    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       39 MB offset 63
07:54:47.686    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15000 MB offset 80325
07:54:47.701    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       223434 MB offset 30800325
07:54:47.717    Disk 0 scanning C:\Windows\system32\drivers
07:55:03.910    Service scanning
07:56:06.954    Modules scanning
07:56:06.954    Disk 0 trace - called modules:
07:56:07.017    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 
07:56:07.017    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c4a230]
07:56:07.032    3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800468b680]
07:56:07.797    AVAST engine scan C:\Windows
07:56:11.634    AVAST engine scan C:\Windows\system32
07:59:55.636    AVAST engine scan C:\Windows\system32\drivers
08:00:14.715    AVAST engine scan C:\Users\***
08:02:12.667    Disk 0 MBR has been saved successfully to "C:\Users\***\Desktop\MBR.dat"
08:02:12.667    The log file has been saved successfully to "C:\Users\***\Desktop\aswMBR.txt"

Dann bis Sonntag und danke

Gruß
Nick

cosinus · 29.03.2012, 14:32

Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Nick1977 · 03.04.2012, 06:22

Hallo Arne,

leider waren die Scans nicht möglich bisher. Zwar hängt sich Malwarebytes nicht mehr mittendrin auf, aber die Scans dauern ewig. Bei SUPERAntiSpyware war es dasselbe. Ich musste bei beiden Prgrammen nach 9,5 Stunden abbrechen. Interessant ist allerdings, dass SuperAnti bis zum Abbruch fast 9 Stunden lang in einem bestimmten Ordner scannte: C:\WINDOS\SERVICEPROFILES\NETWORKSERVICE\APPDATA\LOCAL\MICROSOFT\MEDIA PLAYER
Vielleicht ist hier was defekt? Kann man den Mediaplayer samt aller dazugehöriger Software nicht löschen? Ich brauche ihn eh nicht. Über Systemsteuerung\Programme findet man den Media Player allerdings nicht...

Hier jedenfalls das Log von SUPERAntiSpyware bis zum Abbruch:

Code:

ATTFilter

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 04/03/2012 at 07:18 AM

Application Version : 5.0.1146

Core Rules Database Version : 8407
Trace Rules Database Version: 6219

Scan type       : Complete Scan
Total Scan Time : 09:35:27

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 585
Memory threats detected   : 0
Registry items scanned    : 65650
Registry threats detected : 0
File items scanned        : 56539
File threats detected     : 483

Adware.Tracking Cookie
	C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\ETY6OIA8.txt [ Cookie:***@apmebf.com/ ]
	C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\W9O1BLVS.txt [ Cookie:***@mediaplex.com/ ]
	C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\9OW16LZ5.txt [ Cookie:***@smartadserver.com/ ]
	C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\ZE0GYFAP.txt [ Cookie:***@atdmt.com/ ]
	C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@msnportal.112.2o7[1].txt [ Cookie:***@msnportal.112.2o7.net/ ]
	C:\USERS\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@atdmt[1].txt [ Cookie:***@atdmt.com/ ]
	C:\USERS\***\Cookies\ETY6OIA8.txt [ Cookie:***@apmebf.com/ ]
	C:\USERS\***\Cookies\W9O1BLVS.txt [ Cookie:***@mediaplex.com/ ]
	C:\USERS\***\Cookies\9OW16LZ5.txt [ Cookie:***@smartadserver.com/ ]
	C:\USERS\***\Cookies\ZE0GYFAP.txt [ Cookie:***@atdmt.com/ ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.amazon-adsystem.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.fastclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.hightraffic.hugoboss.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.hightraffic.hugoboss.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.hightraffic.hugoboss.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.tradedoubler.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.traffictrack.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	statse.webtrendslive.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	stats.computecmedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.kontera.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adserver.adtechus.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	track.prd1.netshelter.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.specificclick.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.a.revenuemax.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.paypal.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adxvalue.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.atrack.allposters.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.guj.122.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.barclaycard-adserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.getclicky.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.static.getclicky.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	in.getclicky.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	server.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	fl01.ct2.comclick.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	fl01.ct2.comclick.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.yadro.ru [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.blogads.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	partners.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.unitymedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.unitymedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.lucidmedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.snapfish.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.xiti.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	adserver.gb5.motorpresse.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad.dyntracker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.happyfurry.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.happyfurry.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.happyfurry.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.happyfurry.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.happyfurry.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.active-tracking.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.active-tracking.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.active-tracking.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.zoosexblogs.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.zoosexblogs.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.zoosexblogs.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	trekmedia.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.zoosexblogs.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.findhe.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.businessenhanced.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.businessenhanced.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.businessenhanced.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.advertstream.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.advertstream.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	track.effiliation.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	trekmedia.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	trekmedia.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.gostats.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.gostats.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.ero-advertising.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	zeroadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.clicksor.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.clicksor.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.exoclick.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.exoclick.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ads2.zeusclicks.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.banners.xxxgaymatch.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.geobanner.xxxgaymatch.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.geobanner.xxxgaymatch.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.geobanner.xxxgaymatch.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.geobanner.xxxgaymatch.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.geobanner.xxxgaymatch.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.geobanner.xxxgaymatch.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.banners.xxxgaymatch.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.banners.xxxgaymatch.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.banners.xxxgaymatch.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.banners.xxxgaymatch.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.banners.xxxgaymatch.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adultfriendfinder.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	tracking.oggifinogi.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.komtrack.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.komtrack.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.e-2dj6wfk4uicjsko.stats.esomniture.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.overture.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	de.sitestat.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.nextag.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	adx.chip.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	track.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.mediamarkt.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.mediamarkt.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	software-download.mediamarkt.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	software-download.mediamarkt.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.at.atwola.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.usenext.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.stats.paypal.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	7.rotator.wigetmedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	7.rotator.wigetmedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad.dyntracker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	eas4.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.dyntracker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.yieldmanager.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.pro-market.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.pro-market.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.clicksor.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.clicksor.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.clicksor.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.myroitracking.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	testtaketraffic.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	testtaketraffic.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	testtaketraffic.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	testtaketraffic.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	testtaketraffic.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	testtaketraffic.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	testtaketraffic.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	testtaketraffic.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	testtaketraffic.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	testtaketraffic.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	server.adformdsp.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adformdsp.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.soundtrackmeineslebens.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.soundtrackmeineslebens.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.soundtrackmeineslebens.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.soundtrackmeineslebens.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.soundtrackmeineslebens.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.technoratimedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.technoratimedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.technoratimedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.rotator.wigetmedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	7.rotator.wigetmedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.track.senzapudore.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.track.senzapudore.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.bs.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad4.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.counter.sexsuche.tv [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	counter2.sexmoney.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.rotator.wigetmedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad1.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.zanox-affiliate.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.zanox-affiliate.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad.dyntracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	media.gan-online.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.blogads.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad3.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	server.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.tribalfusion.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	eas4.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	clicks.pangora.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	clicks.pangora.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	clicks.pangora.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	clicks.pangora.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	clicks.pangora.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.etracker.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	delivery.atkmedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.ad.adnet.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.nextag.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	rts.pgmediaserve.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	rts.pgmediaserve.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	rts.pgmediaserve.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.de.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.partypoker.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	track.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adform.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.overture.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.overture.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.112.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adpeppermedia.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.2o7.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www.googleadservices.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	advert.istanbul.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.interclick.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.interclick.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad.adition.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad.adition.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	www4.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.quartermedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.quartermedia.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	tracking.quisma.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad2.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.zanox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ad.zanox.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.im.banner.t-online.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	.adtech.de [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	eas.apm.emediate.eu [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]
	ww251.smartadserver.com [ C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\D2M2W9XG.DEFAULT\COOKIES.SQLITE ]

Danke,
Gruß
Nick

cosinus · 03.04.2012, 15:57

Zitat:

Abbruch fast 9 Stunden lang in einem bestimmten Ordner scannte: C:\WINDOS\SERVICEPROFILES\NETWORKSERVICE\APPDATA\LOCAL\MICROSOFT\MEDIA PLAYER
Vielleicht ist hier was defekt? Kann man den Mediaplayer samt aller dazugehöriger Software nicht löschen? Ich brauche ihn eh nicht.

Noch nicht ganz löschen, du kannst ihn erstmal archivieren in eine ZIP oder RAR Datei mit dem Tool WinRAR oder einem anderen Packer. Danach mal den Ordner löschen

Nick1977 · 03.04.2012, 21:40

Hier wird wohl die Ursache meiner PC-Probleme liegen... Ich komme leider über den Explorer nicht in den Ordner NetworkServices, um den Media Player Ordner zu zippen. Es lädt und lädt und lädt. Der grüne Prozess-Balken ist fast am Ende, bewegt sich aber seit 30 Minuten nicht mehr weiter und der Ordner NetworkServices bleibt geschlossen. Teilweise hängt währenddessen der PC, sogar der Taskmanager obwohl kaum CPU-Auslastung angezeigt wird. Gibt es eine andere Möglichkeit an den Ordner Media Player ranzukommen? Hab schon versucht nach dem Ordner zu suchen, finde ihn aber nicht.... Irgendwelche Ideen??? :-(
Danke
GRuß
Nick

Habe auch versucht über WinRAR reinzukommen, WinRAR sagt, dass es den Inhalt nicht lesen kann. Über ein MSDOS Fenster komme ich zwar in die Ordner rein, diese sollen aber leer sein...

29.03.2012, 14:32	#42
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Malware-Befall? Virenscans dauern ewig Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! __________________ Logfiles bitte immer in CODE-Tags posten

Malware-Befall? Virenscans dauern ewig

Plagegeister aller Art und deren Bekämpfung: Malware-Befall? Virenscans dauern ewig