| |
| |||||||
Log-Analyse und Auswertung: Weisser BildschirmWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
| |
22.03.2012, 15:16
| #1 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Weisser BildschirmZitat:
Wenn man dir hier effektiv helfen soll, dann lass bitte solche Einzelaktionen ohne Absprache. Das kannst du machen wenn wir hier durch sind. Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {7869CA46-DDD7-4269-BA0D-0818E068087A}
IE - HKLM\..\SearchScopes\{7869CA46-DDD7-4269-BA0D-0818E068087A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {7869CA46-DDD7-4269-BA0D-0818E068087A}
IE - HKU\.DEFAULT\..\SearchScopes\{7869CA46-DDD7-4269-BA0D-0818E068087A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {7869CA46-DDD7-4269-BA0D-0818E068087A}
IE - HKU\S-1-5-18\..\SearchScopes\{7869CA46-DDD7-4269-BA0D-0818E068087A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
IE - HKU\S-1-5-21-1444866907-2281666419-1979655289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKU\S-1-5-21-1444866907-2281666419-1979655289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-1444866907-2281666419-1979655289-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache =
IE - HKU\S-1-5-21-1444866907-2281666419-1979655289-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-1444866907-2281666419-1979655289-1000\..\SearchScopes\{52002016-113A-4408-AAFD-EC23A311C470}: "URL" = http://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-1444866907-2281666419-1979655289-1000\..\SearchScopes\{7869CA46-DDD7-4269-BA0D-0818E068087A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
IE - HKU\S-1-5-21-1444866907-2281666419-1979655289-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={41EE988A-F236-4052-8864-951BE642CF48}&mid=4f7b85581e04eca3159d5e7c2e5460e4-0a29ff648c694266526404b22a98f23dba9cd4c0&lang=en&ds=tg025&pr=sa&d=2011-08-30 19:08:09&v=8.0.0.33&sap=dsp&q={searchTerms}
[2012.03.22 13:11:09 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Users\Ante\AppData\Roaming\mozilla\Firefox\Profiles\qz9z2jrz.default\extensions\toolbar@ask.com
[2012.03.06 18:16:47 | 000,003,915 | ---- | M] () -- C:\Users\Ante\AppData\Roaming\Mozilla\Firefox\Profiles\qz9z2jrz.default\searchplugins\sweetim.xml
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1444866907-2281666419-1979655289-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableCAD = 1
:Files
C:\Program Files\Ask.com
:Commands
[emptytemp]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
22.03.2012, 15:46
| #2 |
 | Weisser Bildschirm Für eine Aktion sollte ich ja vorübergehend Firewall und Virenscanner ausschalten und danach wieder aktivieren.
__________________Antivir ließ sich aber nicht wieder aktivieren. Habe ein Upgrade gemacht ( neueste Version). Fix hat geklappt mit Neustart. Code:
ATTFilter All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7869CA46-DDD7-4269-BA0D-0818E068087A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7869CA46-DDD7-4269-BA0D-0818E068087A}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{7869CA46-DDD7-4269-BA0D-0818E068087A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7869CA46-DDD7-4269-BA0D-0818E068087A}\ not found.
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{7869CA46-DDD7-4269-BA0D-0818E068087A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7869CA46-DDD7-4269-BA0D-0818E068087A}\ not found.
HKU\S-1-5-21-1444866907-2281666419-1979655289-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1444866907-2281666419-1979655289-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1444866907-2281666419-1979655289-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
HKEY_USERS\S-1-5-21-1444866907-2281666419-1979655289-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1444866907-2281666419-1979655289-1000\Software\Microsoft\Internet Explorer\SearchScopes\{52002016-113A-4408-AAFD-EC23A311C470}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52002016-113A-4408-AAFD-EC23A311C470}\ not found.
Registry key HKEY_USERS\S-1-5-21-1444866907-2281666419-1979655289-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7869CA46-DDD7-4269-BA0D-0818E068087A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7869CA46-DDD7-4269-BA0D-0818E068087A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1444866907-2281666419-1979655289-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
C:\Users\Ante\AppData\Roaming\mozilla\Firefox\Profiles\qz9z2jrz.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Users\Ante\AppData\Roaming\mozilla\Firefox\Profiles\qz9z2jrz.default\extensions\toolbar@ask.com\logs folder moved successfully.
C:\Users\Ante\AppData\Roaming\mozilla\Firefox\Profiles\qz9z2jrz.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Users\Ante\AppData\Roaming\mozilla\Firefox\Profiles\qz9z2jrz.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Users\Ante\AppData\Roaming\mozilla\Firefox\Profiles\qz9z2jrz.default\extensions\toolbar@ask.com\datastore folder moved successfully.
C:\Users\Ante\AppData\Roaming\mozilla\Firefox\Profiles\qz9z2jrz.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-22-Mar-2012-12-11-09-GMT folder moved successfully.
C:\Users\Ante\AppData\Roaming\mozilla\Firefox\Profiles\qz9z2jrz.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully.
C:\Users\Ante\AppData\Roaming\mozilla\Firefox\Profiles\qz9z2jrz.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Users\Ante\AppData\Roaming\mozilla\Firefox\Profiles\qz9z2jrz.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Users\Ante\AppData\Roaming\mozilla\Firefox\Profiles\qz9z2jrz.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Users\Ante\AppData\Roaming\mozilla\Firefox\Profiles\qz9z2jrz.default\extensions\toolbar@ask.com folder moved successfully.
C:\Users\Ante\AppData\Roaming\Mozilla\Firefox\Profiles\qz9z2jrz.default\searchplugins\sweetim.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Programme\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ deleted successfully.
C:\Programme\Windows Live\Toolbar\wltcore.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
File C:\Programme\Windows Live\Toolbar\wltcore.dll not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
File C:\Programme\Windows Live\Toolbar\wltcore.dll not found.
Registry value HKEY_USERS\S-1-5-21-1444866907-2281666419-1979655289-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
File C:\Programme\Windows Live\Toolbar\wltcore.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Programme\Ask.com\Updater\Updater.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\disableCAD deleted successfully.
========== FILES ==========
C:\Program Files\Ask.com\Updater folder moved successfully.
C:\Program Files\Ask.com\assets\oobe folder moved successfully.
C:\Program Files\Ask.com\assets folder moved successfully.
C:\Program Files\Ask.com folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Ante
->Temp folder emptied: 841516123 bytes
->Java cache emptied: 230110093 bytes
->FireFox cache emptied: 62709373 bytes
->Flash cache emptied: 2251963 bytes
User: Default
->Temp folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
User: Gast
->Temp folder emptied: 644013 bytes
->FireFox cache emptied: 45367282 bytes
->Flash cache emptied: 566 bytes
User: Public
User: TEMP
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 449355676 bytes
RecycleBin emptied: 1542071528 bytes
Total Files Cleaned = 3.027,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.39.2 log created on 03222012_153607
Files\Folders moved on Reboot...
File\Folder C:\Users\Ante\AppData\Local\Temp\termin mit atmos, Herr Reichenbach, not found!
Registry entries deleted on Reboot...
|
|
22.03.2012, 16:03
| #3 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Weisser Bildschirm Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html
__________________Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ |
|
22.03.2012, 16:24
| #4 |
| | Weisser Bildschirm Erledigt. Code:
ATTFilter 16:20:39.0723 5232 TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
16:20:39.0941 5232 ============================================================
16:20:39.0941 5232 Current date / time: 2012/03/22 16:20:39.0941
16:20:39.0941 5232 SystemInfo:
16:20:39.0941 5232
16:20:39.0941 5232 OS Version: 6.0.6001 ServicePack: 1.0
16:20:39.0941 5232 Product type: Workstation
16:20:39.0941 5232 ComputerName: XPS
16:20:39.0941 5232 UserName: Ante
16:20:39.0941 5232 Windows directory: C:\Windows
16:20:39.0941 5232 System windows directory: C:\Windows
16:20:39.0941 5232 Processor architecture: Intel x86
16:20:39.0941 5232 Number of processors: 2
16:20:39.0941 5232 Page size: 0x1000
16:20:39.0941 5232 Boot type: Normal boot
16:20:39.0941 5232 ============================================================
16:20:40.0550 5232 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:20:40.0550 5232 \Device\Harddisk0\DR0:
16:20:40.0550 5232 MBR used
16:20:40.0550 5232 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x43000, BlocksNum 0x1E00000
16:20:40.0550 5232 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E43000, BlocksNum 0x230EAFF8
16:20:40.0690 5232 Initialize success
16:20:40.0690 5232 ============================================================
16:21:41.0356 4856 ============================================================
16:21:41.0356 4856 Scan started
16:21:41.0356 4856 Mode: Manual; SigCheck; TDLFS;
16:21:41.0356 4856 ============================================================
16:21:41.0793 4856 AAV UpdateService (7eeb488346fbfa3731276c3ee8a8fd9e) C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
16:21:41.0934 4856 AAV UpdateService - ok
16:21:42.0058 4856 ACPI (c7c7606b37c77632949bf55e7fde494e) C:\Windows\system32\drivers\acpi.sys
16:21:42.0090 4856 ACPI - ok
16:21:42.0308 4856 Adobe LM Service (a4ffc35a661d42dd424f22905c333979) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
16:21:42.0370 4856 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
16:21:42.0370 4856 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
16:21:42.0480 4856 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
16:21:42.0495 4856 adp94xx - ok
16:21:42.0542 4856 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
16:21:42.0558 4856 adpahci - ok
16:21:42.0636 4856 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
16:21:42.0636 4856 adpu160m - ok
16:21:42.0682 4856 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
16:21:42.0698 4856 adpu320 - ok
16:21:42.0745 4856 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
16:21:42.0870 4856 AeLookupSvc - ok
16:21:42.0901 4856 AESTFilters (ef1142512bec12f1c2c87735da1755be) C:\Windows\system32\aestsrv.exe
16:21:42.0948 4856 AESTFilters - ok
16:21:43.0088 4856 AFD (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys
16:21:43.0182 4856 AFD - ok
16:21:43.0322 4856 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
16:21:43.0338 4856 agp440 - ok
16:21:43.0369 4856 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
16:21:43.0369 4856 aic78xx - ok
16:21:43.0478 4856 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
16:21:43.0572 4856 ALG - ok
16:21:43.0728 4856 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
16:21:43.0743 4856 aliide - ok
16:21:43.0946 4856 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
16:21:43.0946 4856 amdagp - ok
16:21:44.0055 4856 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
16:21:44.0071 4856 amdide - ok
16:21:44.0570 4856 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
16:21:44.0632 4856 AmdK7 - ok
16:21:44.0835 4856 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
16:21:44.0898 4856 AmdK8 - ok
16:21:46.0426 4856 AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files\Avira\AntiVir Desktop\sched.exe
16:21:46.0442 4856 AntiVirSchedulerService - ok
16:21:47.0113 4856 AntiVirService (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
16:21:47.0128 4856 AntiVirService - ok
16:21:48.0002 4856 AntiVirWebService (cc62fdc25725267a702f48c90c5cdf31) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
16:21:48.0049 4856 AntiVirWebService - ok
16:21:48.0189 4856 ApfiltrService (a80230bd04f0b8bf05185b369bb1cbb8) C:\Windows\system32\DRIVERS\Apfiltr.sys
16:21:48.0345 4856 ApfiltrService - ok
16:21:48.0470 4856 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
16:21:48.0517 4856 Appinfo - ok
16:21:48.0626 4856 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
16:21:48.0626 4856 arc - ok
16:21:48.0735 4856 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
16:21:48.0751 4856 arcsas - ok
16:21:48.0829 4856 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
16:21:48.0844 4856 aspnet_state - ok
16:21:48.0922 4856 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
16:21:49.0000 4856 AsyncMac - ok
16:21:49.0156 4856 atapi (0d83c87a801a3dfcd1bf73893fe7518c) C:\Windows\system32\drivers\atapi.sys
16:21:49.0172 4856 atapi - ok
16:21:49.0297 4856 AudioEndpointBuilder (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
16:21:49.0359 4856 AudioEndpointBuilder - ok
16:21:49.0390 4856 Audiosrv (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
16:21:49.0453 4856 Audiosrv - ok
16:21:49.0593 4856 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
16:21:49.0609 4856 avgntflt - ok
16:21:49.0702 4856 avipbb (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys
16:21:49.0702 4856 avipbb - ok
16:21:49.0734 4856 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
16:21:49.0734 4856 avkmgr - ok
16:21:49.0780 4856 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
16:21:49.0827 4856 Beep - ok
16:21:49.0858 4856 BFE (8582e233c346aefe759833e8a30dd697) C:\Windows\System32\bfe.dll
16:21:49.0952 4856 BFE - ok
16:21:50.0014 4856 BITS (02ed7b4dbc2a3232a389106da7515c3d) C:\Windows\System32\qmgr.dll
16:21:50.0139 4856 BITS - ok
16:21:50.0280 4856 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
16:21:50.0326 4856 blbdrive - ok
16:21:50.0404 4856 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
16:21:50.0451 4856 bowser - ok
16:21:50.0529 4856 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
16:21:50.0560 4856 BrFiltLo - ok
16:21:50.0560 4856 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
16:21:50.0592 4856 BrFiltUp - ok
16:21:50.0638 4856 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
16:21:50.0732 4856 Browser - ok
16:21:50.0794 4856 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
16:21:50.0935 4856 Brserid - ok
16:21:51.0138 4856 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
16:21:51.0247 4856 BrSerWdm - ok
16:21:51.0387 4856 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
16:21:51.0465 4856 BrUsbMdm - ok
16:21:51.0574 4856 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
16:21:51.0621 4856 BrUsbSer - ok
16:21:51.0652 4856 BthEnum (c7065fa296c91bf054f421b0ebf93461) C:\Windows\system32\DRIVERS\BthEnum.sys
16:21:51.0699 4856 BthEnum - ok
16:21:51.0746 4856 BTHMODEM (5ffa6988ff9597986ff2ada736cc90c0) C:\Windows\system32\DRIVERS\bthmodem.sys
16:21:51.0793 4856 BTHMODEM - ok
16:21:51.0824 4856 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
16:21:51.0840 4856 BthPan - ok
16:21:51.0871 4856 BTHPORT (1712d956e5a96f866d6791869e99b1d6) C:\Windows\system32\Drivers\BTHport.sys
16:21:51.0933 4856 BTHPORT - ok
16:21:51.0980 4856 BthServ (58ee7f5e68310bc8d4e7cebd8358c12e) C:\Windows\System32\bthserv.dll
16:21:52.0074 4856 BthServ - ok
16:21:52.0167 4856 BTHUSB (66088e161e769d11c3134bc23d0e6144) C:\Windows\system32\Drivers\BTHUSB.sys
16:21:52.0230 4856 BTHUSB - ok
16:21:52.0276 4856 btwaudio (4a28e7bd365377d0512b7ef8c7596d2c) C:\Windows\system32\drivers\btwaudio.sys
16:21:52.0292 4856 btwaudio - ok
16:21:52.0354 4856 btwavdt (5ffde57253d665067b0886612817eb11) C:\Windows\system32\drivers\btwavdt.sys
16:21:52.0354 4856 btwavdt - ok
16:21:52.0432 4856 btwrchid (ab07dc8b05c31a4f95fc73019be9db15) C:\Windows\system32\DRIVERS\btwrchid.sys
16:21:52.0448 4856 btwrchid - ok
16:21:52.0495 4856 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
16:21:52.0557 4856 cdfs - ok
16:21:52.0604 4856 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
16:21:52.0651 4856 cdrom - ok
16:21:52.0744 4856 CEDRIVER60 - ok
16:21:52.0807 4856 CertPropSvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
16:21:52.0838 4856 CertPropSvc - ok
16:21:52.0885 4856 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
16:21:52.0947 4856 circlass - ok
16:21:52.0994 4856 CLFS (0703b9dee7eec6d6370edebd43d0f5c2) C:\Windows\system32\CLFS.sys
16:21:53.0010 4856 CLFS - ok
16:21:53.0119 4856 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:21:53.0134 4856 clr_optimization_v2.0.50727_32 - ok
16:21:53.0181 4856 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
16:21:53.0212 4856 CmBatt - ok
16:21:53.0244 4856 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
16:21:53.0244 4856 cmdide - ok
16:21:53.0290 4856 Compbatt (4fc0a44da7603229e1a9454126a59efd) C:\Windows\system32\DRIVERS\compbatt.sys
16:21:53.0290 4856 Compbatt - ok
16:21:53.0306 4856 COMSysApp - ok
16:21:53.0353 4856 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
16:21:53.0353 4856 crcdisk - ok
16:21:53.0462 4856 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
16:21:53.0509 4856 Crusoe - ok
16:21:53.0556 4856 CryptSvc (6de363f9f99334514c46aec02d3e3678) C:\Windows\system32\cryptsvc.dll
16:21:53.0618 4856 CryptSvc - ok
16:21:53.0680 4856 DcomLaunch (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
16:21:53.0758 4856 DcomLaunch - ok
16:21:53.0805 4856 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
16:21:53.0836 4856 DfsC - ok
16:21:53.0930 4856 DFSR (fa3463f25f9cc9c3bcf1e7912feff099) C:\Windows\system32\DFSR.exe
16:21:54.0148 4856 DFSR - ok
16:21:54.0211 4856 DgiVecp (770471de2550820feeb7e5d24bf2e273) C:\Windows\system32\Drivers\DgiVecp.sys
16:21:54.0211 4856 DgiVecp ( UnsignedFile.Multi.Generic ) - warning
16:21:54.0211 4856 DgiVecp - detected UnsignedFile.Multi.Generic (1)
16:21:54.0258 4856 Dhcp (43a988a9c10333476cb5fb667cbd629d) C:\Windows\System32\dhcpcsvc.dll
16:21:54.0336 4856 Dhcp - ok
16:21:54.0414 4856 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
16:21:54.0414 4856 disk - ok
16:21:54.0476 4856 Dnscache (f5a0f1da1ed8b429597e71d27d976e31) C:\Windows\System32\dnsrslvr.dll
16:21:54.0507 4856 Dnscache - ok
16:21:54.0601 4856 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
16:21:54.0616 4856 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
16:21:54.0616 4856 DockLoginService - detected UnsignedFile.Multi.Generic (1)
16:21:54.0710 4856 dot3svc (5af620a08c614e24206b79e8153cf1a8) C:\Windows\System32\dot3svc.dll
16:21:54.0772 4856 dot3svc - ok
16:21:54.0819 4856 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
16:21:54.0882 4856 DPS - ok
16:21:54.0928 4856 drmkaud (a261867e0862be565bc1f86d387c0805) C:\Windows\system32\drivers\drmkaud.sys
16:21:55.0006 4856 drmkaud - ok
16:21:55.0053 4856 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
16:21:55.0162 4856 DXGKrnl - ok
16:21:55.0209 4856 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
16:21:55.0272 4856 e1express - ok
16:21:55.0318 4856 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
16:21:55.0365 4856 E1G60 - ok
16:21:55.0412 4856 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
16:21:55.0428 4856 EapHost - ok
16:21:55.0459 4856 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
16:21:55.0459 4856 Ecache - ok
16:21:55.0568 4856 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
16:21:55.0646 4856 ehRecvr - ok
16:21:55.0662 4856 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
16:21:55.0708 4856 ehSched - ok
16:21:55.0724 4856 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
16:21:55.0740 4856 ehstart - ok
16:21:55.0833 4856 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
16:21:55.0864 4856 elxstor - ok
16:21:55.0911 4856 EMDMgmt (70b1a86df0c8ead17d2bc332edae2c7c) C:\Windows\system32\emdmgmt.dll
16:21:55.0989 4856 EMDMgmt - ok
16:21:56.0005 4856 ErrDev (f2a80de2d1b7116052c09cb4d4ca1416) C:\Windows\system32\drivers\errdev.sys
16:21:56.0020 4856 ErrDev - ok
16:21:56.0083 4856 EventSystem (3cb3343d720168b575133a0a20dc2465) C:\Windows\system32\es.dll
16:21:56.0114 4856 EventSystem - ok
16:21:56.0270 4856 EvtEng (e71b03ff6b819ae1a286aa27e956d523) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
16:21:56.0301 4856 EvtEng ( UnsignedFile.Multi.Generic ) - warning
16:21:56.0301 4856 EvtEng - detected UnsignedFile.Multi.Generic (1)
16:21:56.0457 4856 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
16:21:56.0520 4856 exfat - ok
16:21:56.0582 4856 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
16:21:56.0644 4856 fastfat - ok
16:21:56.0691 4856 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
16:21:56.0722 4856 fdc - ok
16:21:56.0754 4856 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
16:21:56.0769 4856 fdPHost - ok
16:21:56.0816 4856 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
16:21:56.0863 4856 FDResPub - ok
16:21:56.0941 4856 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
16:21:56.0956 4856 FileInfo - ok
16:21:57.0097 4856 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
16:21:57.0175 4856 Filetrace - ok
16:21:57.0393 4856 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
16:21:57.0440 4856 flpydisk - ok
16:21:57.0502 4856 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
16:21:57.0518 4856 FltMgr - ok
16:21:57.0580 4856 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:21:57.0580 4856 FontCache3.0.0.0 - ok
16:21:57.0627 4856 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
16:21:57.0643 4856 Fs_Rec - ok
16:21:57.0658 4856 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
16:21:57.0674 4856 gagp30kx - ok
16:21:57.0736 4856 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
16:21:57.0736 4856 GoToAssist - ok
16:21:57.0877 4856 gpsvc (d9f1113d9401185245573350712f92fc) C:\Windows\System32\gpsvc.dll
16:21:57.0955 4856 gpsvc - ok
16:21:58.0095 4856 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
16:21:58.0111 4856 gupdate - ok
16:21:58.0158 4856 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
16:21:58.0158 4856 gupdatem - ok
16:21:58.0314 4856 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
16:21:58.0345 4856 HdAudAddService - ok
16:21:58.0376 4856 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:21:58.0423 4856 HDAudBus - ok
16:21:58.0454 4856 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
16:21:58.0501 4856 HidBth - ok
16:21:58.0532 4856 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
16:21:58.0610 4856 HidIr - ok
16:21:58.0641 4856 hidserv (53d5a2f9ce6ae47d7507727df1da79f8) C:\Windows\system32\hidserv.dll
16:21:58.0672 4856 hidserv - ok
16:21:58.0704 4856 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
16:21:58.0750 4856 HidUsb - ok
16:21:58.0797 4856 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
16:21:58.0844 4856 hkmsvc - ok
16:21:58.0875 4856 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
16:21:58.0891 4856 HpCISSs - ok
16:21:58.0922 4856 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
16:21:58.0969 4856 HTTP - ok
16:21:58.0984 4856 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
16:21:58.0984 4856 i2omp - ok
16:21:59.0000 4856 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
16:21:59.0031 4856 i8042prt - ok
16:21:59.0140 4856 IAANTMON (ae38a12f79a4980ddb88f36514f8a1da) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
16:21:59.0172 4856 IAANTMON - ok
16:21:59.0250 4856 iaNvStor (92b37e0a61cd710a0c66dc3567a8bf3c) C:\Windows\system32\drivers\ianvstor.sys
16:21:59.0312 4856 iaNvStor - ok
16:21:59.0468 4856 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
16:21:59.0468 4856 iaStor - ok
16:21:59.0608 4856 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
16:21:59.0624 4856 iaStorV - ok
16:21:59.0889 4856 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:21:59.0920 4856 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:21:59.0920 4856 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:22:00.0030 4856 idsvc (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:22:00.0139 4856 idsvc - ok
16:22:00.0201 4856 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
16:22:00.0217 4856 iirsp - ok
16:22:00.0295 4856 IKEEXT (a3bc480a2bf8aa8e4dabd2d5dce0afac) C:\Windows\System32\ikeext.dll
16:22:00.0342 4856 IKEEXT - ok
16:22:00.0404 4856 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\DRIVERS\intelide.sys
16:22:00.0404 4856 intelide - ok
16:22:00.0435 4856 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
16:22:00.0451 4856 intelppm - ok
16:22:00.0513 4856 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
16:22:00.0560 4856 IPBusEnum - ok
16:22:00.0576 4856 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:22:00.0607 4856 IpFilterDriver - ok
16:22:00.0685 4856 iphlpsvc (6a35d233693edc29a12742049bc5e37f) C:\Windows\System32\iphlpsvc.dll
16:22:00.0763 4856 iphlpsvc - ok
16:22:00.0794 4856 IpInIp - ok
16:22:00.0825 4856 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
16:22:00.0856 4856 IPMIDRV - ok
16:22:00.0872 4856 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
16:22:00.0919 4856 IPNAT - ok
16:22:00.0950 4856 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
16:22:00.0981 4856 IRENUM - ok
16:22:01.0012 4856 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
16:22:01.0028 4856 isapnp - ok
16:22:01.0059 4856 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
16:22:01.0059 4856 iScsiPrt - ok
16:22:01.0090 4856 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
16:22:01.0106 4856 iteatapi - ok
16:22:01.0184 4856 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
16:22:01.0200 4856 iteraid - ok
16:22:01.0246 4856 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
16:22:01.0246 4856 kbdclass - ok
16:22:01.0356 4856 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
16:22:01.0418 4856 kbdhid - ok
16:22:01.0527 4856 KeyIso (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
16:22:01.0621 4856 KeyIso - ok
16:22:01.0652 4856 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
16:22:01.0730 4856 KSecDD - ok
16:22:01.0777 4856 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
16:22:01.0902 4856 KtmRm - ok
16:22:01.0948 4856 LanmanServer (1925e63c91cf1610ae41bfd539062079) C:\Windows\system32\srvsvc.dll
16:22:01.0995 4856 LanmanServer - ok
16:22:02.0042 4856 LanmanWorkstation (2ae2e1628c5d3f1c0a46a67c9fa1df15) C:\Windows\System32\wkssvc.dll
16:22:02.0104 4856 LanmanWorkstation - ok
16:22:02.0151 4856 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
16:22:02.0214 4856 lltdio - ok
16:22:02.0260 4856 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
16:22:02.0307 4856 lltdsvc - ok
16:22:02.0323 4856 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
16:22:02.0385 4856 lmhosts - ok
16:22:02.0463 4856 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
16:22:02.0463 4856 LSI_FC - ok
16:22:02.0494 4856 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
16:22:02.0494 4856 LSI_SAS - ok
16:22:02.0541 4856 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
16:22:02.0557 4856 LSI_SCSI - ok
16:22:02.0572 4856 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
16:22:02.0619 4856 luafv - ok
16:22:02.0682 4856 massfilter (59a2783aba6019bed0c843c706e10a6a) C:\Windows\system32\DRIVERS\massfilter.sys
16:22:02.0713 4856 massfilter - ok
16:22:02.0744 4856 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
16:22:02.0744 4856 MBAMProtector - ok
16:22:02.0838 4856 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
16:22:02.0853 4856 MBAMService - ok
16:22:02.0978 4856 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
16:22:02.0994 4856 Mcx2Svc - ok
16:22:03.0087 4856 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
16:22:03.0087 4856 megasas - ok
16:22:03.0150 4856 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
16:22:03.0165 4856 MegaSR - ok
16:22:03.0243 4856 Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
16:22:03.0259 4856 Microsoft Office Groove Audit Service - ok
16:22:03.0477 4856 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
16:22:03.0508 4856 MMCSS - ok
16:22:03.0664 4856 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
16:22:03.0711 4856 Modem - ok
16:22:03.0805 4856 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
16:22:03.0867 4856 monitor - ok
16:22:03.0930 4856 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
16:22:03.0945 4856 mouclass - ok
16:22:03.0976 4856 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
16:22:04.0054 4856 mouhid - ok
16:22:04.0101 4856 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
16:22:04.0117 4856 MountMgr - ok
16:22:04.0179 4856 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
16:22:04.0195 4856 mpio - ok
16:22:04.0226 4856 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
16:22:04.0257 4856 mpsdrv - ok
16:22:04.0288 4856 MpsSvc (d1639ba315b0d79dec49a4b0e1fb929b) C:\Windows\system32\mpssvc.dll
16:22:04.0351 4856 MpsSvc - ok
16:22:04.0382 4856 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
16:22:04.0382 4856 Mraid35x - ok
16:22:04.0444 4856 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
16:22:04.0491 4856 MRxDAV - ok
16:22:04.0616 4856 mrxsmb (7afc42e60432fd1014f5342f2b1b1f74) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:22:04.0663 4856 mrxsmb - ok
16:22:04.0725 4856 mrxsmb10 (8a75752ae17924f65452746674b14b78) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:22:04.0741 4856 mrxsmb10 - ok
16:22:04.0772 4856 mrxsmb20 (f4d0f3252e651f02be64984ffa738394) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:22:04.0803 4856 mrxsmb20 - ok
16:22:04.0819 4856 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
16:22:04.0834 4856 msahci - ok
16:22:04.0850 4856 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
16:22:04.0866 4856 msdsm - ok
16:22:04.0912 4856 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
16:22:04.0944 4856 MSDTC - ok
16:22:05.0006 4856 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
16:22:05.0037 4856 Msfs - ok
16:22:05.0053 4856 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
16:22:05.0068 4856 msisadrv - ok
16:22:05.0100 4856 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
16:22:05.0115 4856 MSiSCSI - ok
16:22:05.0131 4856 msiserver - ok
16:22:05.0146 4856 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
16:22:05.0193 4856 MSKSSRV - ok
16:22:05.0224 4856 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
16:22:05.0240 4856 MSPCLOCK - ok
16:22:05.0349 4856 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
16:22:05.0396 4856 MSPQM - ok
16:22:05.0458 4856 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
16:22:05.0474 4856 MsRPC - ok
16:22:05.0490 4856 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
16:22:05.0505 4856 mssmbios - ok
16:22:05.0568 4856 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
16:22:05.0599 4856 MSTEE - ok
16:22:05.0614 4856 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
16:22:05.0630 4856 Mup - ok
16:22:05.0692 4856 napagent (c43b25863fbd65b6d2a142af3ae320ca) C:\Windows\system32\qagentRT.dll
16:22:05.0739 4856 napagent - ok
16:22:05.0786 4856 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
16:22:05.0833 4856 NativeWifiP - ok
16:22:05.0895 4856 NDIS (c8560010a542b5dca94c62468dc20784) C:\Windows\system32\drivers\ndis.sys
16:22:05.0911 4856 NDIS - ok
16:22:05.0958 4856 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
16:22:05.0989 4856 NdisTapi - ok
16:22:06.0004 4856 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
16:22:06.0067 4856 Ndisuio - ok
16:22:06.0114 4856 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
16:22:06.0160 4856 NdisWan - ok
16:22:06.0207 4856 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
16:22:06.0254 4856 NDProxy - ok
16:22:06.0285 4856 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
16:22:06.0332 4856 NetBIOS - ok
16:22:06.0363 4856 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
16:22:06.0410 4856 netbt - ok
16:22:06.0488 4856 Netlogon (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
16:22:06.0504 4856 Netlogon - ok
16:22:06.0550 4856 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
16:22:06.0566 4856 Netman - ok
16:22:06.0597 4856 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
16:22:06.0628 4856 netprofm - ok
16:22:06.0691 4856 NetTcpPortSharing (0ad5876ef4e9eb77c8f93eb5b2fff386) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:22:06.0691 4856 NetTcpPortSharing - ok
16:22:06.0831 4856 NETw4v32 (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys
16:22:06.0909 4856 NETw4v32 - ok
16:22:06.0940 4856 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
16:22:06.0956 4856 nfrd960 - ok
16:22:07.0003 4856 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
16:22:07.0065 4856 NlaSvc - ok
16:22:07.0174 4856 NMSAccess (7aea4df1ca68fd45dd4bbe1f0243ce7f) C:\Program Files\CDBurnerXP\NMSAccessU.exe
16:22:07.0190 4856 NMSAccess - ok
16:22:07.0330 4856 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
16:22:07.0393 4856 Npfs - ok
16:22:07.0471 4856 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
16:22:07.0533 4856 nsi - ok
16:22:07.0580 4856 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
16:22:07.0611 4856 nsiproxy - ok
16:22:07.0752 4856 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
16:22:07.0814 4856 Ntfs - ok
16:22:08.0017 4856 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
16:22:08.0095 4856 ntrigdigi - ok
16:22:08.0407 4856 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
16:22:08.0438 4856 Null - ok
16:22:08.0812 4856 nvlddmkm (64fa050c9ce122792eed58b275d07c55) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:22:09.0109 4856 nvlddmkm - ok
16:22:09.0202 4856 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
16:22:09.0202 4856 nvraid - ok
16:22:09.0249 4856 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
16:22:09.0265 4856 nvstor - ok
16:22:09.0312 4856 nvsvc (3da774c807eb990589a3de65a6511d45) C:\Windows\system32\nvvsvc.exe
16:22:09.0327 4856 nvsvc - ok
16:22:09.0390 4856 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
16:22:09.0390 4856 nv_agp - ok
16:22:09.0405 4856 NwlnkFlt - ok
16:22:09.0421 4856 NwlnkFwd - ok
16:22:09.0561 4856 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:22:09.0592 4856 odserv - ok
16:22:09.0702 4856 OEM02Dev (19cac780b858822055f46c58a111723c) C:\Windows\system32\DRIVERS\OEM02Dev.sys
16:22:09.0764 4856 OEM02Dev - ok
16:22:09.0795 4856 OEM02Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
16:22:09.0826 4856 OEM02Vfx - ok
16:22:09.0873 4856 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
16:22:09.0920 4856 ohci1394 - ok
16:22:10.0138 4856 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:22:10.0154 4856 ose - ok
16:22:10.0310 4856 p2pimsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
16:22:10.0419 4856 p2pimsvc - ok
16:22:10.0497 4856 p2psvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
16:22:10.0528 4856 p2psvc - ok
16:22:10.0622 4856 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
16:22:10.0684 4856 Parport - ok
16:22:10.0700 4856 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
16:22:10.0716 4856 partmgr - ok
16:22:10.0731 4856 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
16:22:10.0794 4856 Parvdm - ok
16:22:10.0840 4856 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
16:22:10.0887 4856 PcaSvc - ok
16:22:11.0043 4856 PCD5SRVC{3F6A8B78-EC003E00-05040104} (42ede7d217325ff56cb8a9983cd7f73b) C:\PROGRA~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms
16:22:11.0090 4856 PCD5SRVC{3F6A8B78-EC003E00-05040104} - ok
16:22:11.0199 4856 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
16:22:11.0215 4856 pci - ok
16:22:11.0480 4856 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
16:22:11.0480 4856 pciide - ok
16:22:11.0620 4856 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
16:22:11.0620 4856 pcmcia - ok
16:22:11.0683 4856 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
16:22:11.0854 4856 PEAUTH - ok
16:22:11.0964 4856 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
16:22:12.0198 4856 pla - ok
16:22:12.0307 4856 PlugPlay (78f975cb6d18265be6f492edb2d7bc7b) C:\Windows\system32\umpnpmgr.dll
16:22:12.0369 4856 PlugPlay - ok
16:22:12.0432 4856 PNRPAutoReg (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
16:22:12.0510 4856 PNRPAutoReg - ok
16:22:12.0556 4856 PNRPsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
16:22:12.0603 4856 PNRPsvc - ok
16:22:12.0666 4856 PolicyAgent (47b8f37aa18b74d8c2e1bc1a7a2c8f8a) C:\Windows\System32\ipsecsvc.dll
16:22:12.0744 4856 PolicyAgent - ok
16:22:12.0822 4856 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
16:22:12.0837 4856 PptpMiniport - ok
16:22:12.0931 4856 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
16:22:12.0946 4856 Processor - ok
16:22:13.0009 4856 ProfSvc (b627e4fc8585e8843c5905d4d3587a90) C:\Windows\system32\profsvc.dll
16:22:13.0024 4856 ProfSvc - ok
16:22:13.0102 4856 ProtectedStorage (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
16:22:13.0102 4856 ProtectedStorage - ok
16:22:13.0227 4856 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
16:22:13.0258 4856 PSched - ok
16:22:13.0352 4856 PxHelp20 (03e0fe281823ba64b3782f5b38950e73) C:\Windows\system32\Drivers\PxHelp20.sys
16:22:13.0352 4856 PxHelp20 - ok
16:22:13.0492 4856 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
16:22:13.0539 4856 ql2300 - ok
16:22:13.0555 4856 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
16:22:13.0570 4856 ql40xx - ok
16:22:13.0602 4856 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
16:22:13.0633 4856 QWAVE - ok
16:22:13.0664 4856 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
16:22:13.0680 4856 QWAVEdrv - ok
16:22:13.0758 4856 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
16:22:13.0867 4856 R300 - ok
16:22:13.0898 4856 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
16:22:13.0945 4856 RasAcd - ok
16:22:14.0007 4856 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
16:22:14.0038 4856 RasAuto - ok
16:22:14.0054 4856 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:22:14.0101 4856 Rasl2tp - ok
16:22:14.0163 4856 RasMan (afb474438762f0418060653f7294d92c) C:\Windows\System32\rasmans.dll
16:22:14.0179 4856 RasMan - ok
16:22:14.0210 4856 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
16:22:14.0241 4856 RasPppoe - ok
16:22:14.0288 4856 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
16:22:14.0350 4856 RasSstp - ok
16:22:14.0397 4856 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
16:22:14.0475 4856 rdbss - ok
16:22:14.0491 4856 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:22:14.0553 4856 RDPCDD - ok
16:22:14.0631 4856 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
16:22:14.0678 4856 rdpdr - ok
16:22:14.0694 4856 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
16:22:14.0725 4856 RDPENCDD - ok
16:22:14.0772 4856 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
16:22:14.0818 4856 RDPWD - ok
16:22:14.0896 4856 RegSrvc (2cf574d0965f58e514a2dc94114d7eca) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
16:22:14.0896 4856 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
16:22:14.0896 4856 RegSrvc - detected UnsignedFile.Multi.Generic (1)
16:22:15.0068 4856 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
16:22:15.0084 4856 RemoteAccess - ok
16:22:15.0162 4856 RemoteRegistry (cc4e32400f3c7253400cf8f3f3a0b676) C:\Windows\system32\regsvc.dll
16:22:15.0193 4856 RemoteRegistry - ok
16:22:15.0255 4856 RFCOMM (10536b0ad6f416fc7f1149977c28ccdc) C:\Windows\system32\DRIVERS\rfcomm.sys
16:22:15.0302 4856 RFCOMM - ok
16:22:15.0333 4856 rimmptsk (c2ef513bbe069f0d4ee0938a76f975d3) C:\Windows\system32\DRIVERS\rimmptsk.sys
16:22:15.0380 4856 rimmptsk - ok
16:22:15.0411 4856 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys
16:22:15.0442 4856 rimsptsk - ok
16:22:15.0474 4856 RimUsb (616eac1b0e48b236a5a9b8ae07fdb81c) C:\Windows\system32\Drivers\RimUsb.sys
16:22:15.0536 4856 RimUsb - ok
16:22:15.0567 4856 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys
16:22:15.0583 4856 RimVSerPort - ok
16:22:15.0630 4856 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys
16:22:15.0645 4856 rismxdp - ok
16:22:15.0676 4856 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
16:22:15.0708 4856 ROOTMODEM - ok
16:22:15.0770 4856 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
16:22:15.0786 4856 RpcLocator - ok
16:22:15.0879 4856 RpcSs (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
16:22:15.0910 4856 RpcSs - ok
16:22:15.0957 4856 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
16:22:16.0004 4856 rspndr - ok
16:22:16.0066 4856 SamSs (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
16:22:16.0082 4856 SamSs - ok
16:22:16.0098 4856 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
16:22:16.0113 4856 sbp2port - ok
16:22:16.0144 4856 SCardSvr (11387e32642269c7e62e8b52c060b3c6) C:\Windows\System32\SCardSvr.dll
16:22:16.0191 4856 SCardSvr - ok
16:22:16.0238 4856 Schedule (7b587b8a6d4a99f79d2902d0385f29bd) C:\Windows\system32\schedsvc.dll
16:22:16.0363 4856 Schedule - ok
16:22:16.0410 4856 SCPolicySvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
16:22:16.0441 4856 SCPolicySvc - ok
16:22:16.0503 4856 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
16:22:16.0534 4856 sdbus - ok
16:22:16.0566 4856 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
16:22:16.0597 4856 SDRSVC - ok
16:22:16.0722 4856 SeaPort (271077b91d7ad1b616f8afdfe8e3f981) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
16:22:16.0722 4856 SeaPort - ok
16:22:16.0846 4856 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
16:22:16.0909 4856 secdrv - ok
16:22:16.0924 4856 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
16:22:16.0987 4856 seclogon - ok
16:22:17.0002 4856 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
16:22:17.0049 4856 SENS - ok
16:22:17.0065 4856 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
16:22:17.0112 4856 Serenum - ok
16:22:17.0127 4856 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
16:22:17.0205 4856 Serial - ok
16:22:17.0252 4856 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
16:22:17.0283 4856 sermouse - ok
16:22:17.0361 4856 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
16:22:17.0424 4856 SessionEnv - ok
16:22:17.0486 4856 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
16:22:17.0517 4856 sffdisk - ok
16:22:17.0580 4856 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
16:22:17.0611 4856 sffp_mmc - ok
16:22:17.0626 4856 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:22:17.0673 4856 sffp_sd - ok
16:22:17.0704 4856 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
16:22:17.0736 4856 sfloppy - ok
16:22:17.0798 4856 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
16:22:17.0814 4856 SharedAccess - ok
16:22:17.0860 4856 ShellHWDetection (27f10f348e508243f6254846f8370d0d) C:\Windows\System32\shsvcs.dll
16:22:17.0892 4856 ShellHWDetection - ok
16:22:17.0938 4856 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
16:22:17.0938 4856 sisagp - ok
16:22:18.0063 4856 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
16:22:18.0063 4856 SiSRaid2 - ok
16:22:18.0172 4856 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
16:22:18.0188 4856 SiSRaid4 - ok
16:22:18.0297 4856 slsvc (0ba91e1358ad25236863039bb2609a2e) C:\Windows\system32\SLsvc.exe
16:22:18.0453 4856 slsvc - ok
16:22:18.0500 4856 SLUINotify (7c6dc44ca0bfa6291629ab764200d1d4) C:\Windows\system32\SLUINotify.dll
16:22:18.0547 4856 SLUINotify - ok
16:22:18.0656 4856 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
16:22:18.0734 4856 Smb - ok
16:22:19.0030 4856 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
16:22:19.0062 4856 SNMPTRAP - ok
16:22:19.0124 4856 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
16:22:19.0124 4856 spldr - ok
16:22:19.0296 4856 Spooler (3665f79026a3f91fbca63f2c65a09b19) C:\Windows\System32\spoolsv.exe
16:22:19.0358 4856 Spooler - ok
16:22:19.0452 4856 sprtsvc_DellSupportCenter (777115c9cc675bd98127660712d2f784) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
16:22:19.0452 4856 sprtsvc_DellSupportCenter - ok
16:22:19.0732 4856 srv (5754e8bae40943871d0ab9becbf335e8) C:\Windows\system32\DRIVERS\srv.sys
16:22:19.0748 4856 srv - ok
16:22:19.0951 4856 srv2 (d47b09ff7d28ee44d728f57c2d1fab86) C:\Windows\system32\DRIVERS\srv2.sys
16:22:19.0998 4856 srv2 - ok
16:22:20.0091 4856 srvnet (32d52290341a740881521e118106acd6) C:\Windows\system32\DRIVERS\srvnet.sys
16:22:20.0107 4856 srvnet - ok
16:22:20.0169 4856 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
16:22:20.0216 4856 SSDPSRV - ok
16:22:20.0310 4856 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
16:22:20.0325 4856 ssmdrv - ok
16:22:20.0372 4856 SSPORT (ef3458337d7341a05169cefc73709264) C:\Windows\system32\Drivers\SSPORT.sys
16:22:20.0388 4856 SSPORT ( UnsignedFile.Multi.Generic ) - warning
16:22:20.0388 4856 SSPORT - detected UnsignedFile.Multi.Generic (1)
16:22:20.0403 4856 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
16:22:20.0466 4856 SstpSvc - ok
16:22:20.0497 4856 STacSV (7e6dd4b34acd36af6c711d2bde91b040) C:\Windows\system32\STacSV.exe
16:22:20.0544 4856 STacSV - ok
16:22:20.0606 4856 StarOpen (f92254b0bcfcd10caac7bccc7cb7f467) C:\Windows\system32\drivers\StarOpen.sys
16:22:20.0637 4856 StarOpen ( UnsignedFile.Multi.Generic ) - warning
16:22:20.0637 4856 StarOpen - detected UnsignedFile.Multi.Generic (1)
16:22:20.0668 4856 STHDA (6a2a5e809c2c0178326d92b19ee4aad3) C:\Windows\system32\drivers\stwrt.sys
16:22:20.0700 4856 STHDA - ok
16:22:20.0746 4856 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
16:22:20.0778 4856 StillCam - ok
16:22:20.0840 4856 stisvc (7dd08a597bc56051f320da0baf69e389) C:\Windows\System32\wiaservc.dll
16:22:20.0902 4856 stisvc - ok
16:22:20.0996 4856 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
16:22:21.0012 4856 stllssvr - ok
16:22:21.0152 4856 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
16:22:21.0168 4856 swenum - ok
16:22:21.0199 4856 swprv (b36c7cdb86f7f7a8e884479219766950) C:\Windows\System32\swprv.dll
16:22:21.0246 4856 swprv - ok
16:22:21.0370 4856 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
16:22:21.0370 4856 Symc8xx - ok
16:22:21.0386 4856 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
16:22:21.0402 4856 Sym_hi - ok
16:22:21.0448 4856 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
16:22:21.0464 4856 Sym_u3 - ok
16:22:21.0729 4856 SysMain (8710a92d0024b03b5fb9540df1f71f1d) C:\Windows\system32\sysmain.dll
16:22:21.0760 4856 SysMain - ok
16:22:21.0854 4856 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
16:22:21.0916 4856 TabletInputService - ok
16:22:21.0979 4856 TapiSrv (680916bb09ee0f3a6aca7c274b0d633f) C:\Windows\System32\tapisrv.dll
16:22:21.0994 4856 TapiSrv - ok
16:22:22.0010 4856 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
16:22:22.0057 4856 TBS - ok
16:22:22.0135 4856 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
16:22:22.0228 4856 Tcpip - ok
16:22:22.0260 4856 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
16:22:22.0322 4856 Tcpip6 - ok
16:22:22.0462 4856 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
16:22:22.0494 4856 tcpipreg - ok
16:22:22.0572 4856 TcUsb (5ca437a08509fb7ecf843480fc1232e2) C:\Windows\system32\Drivers\tcusb.sys
16:22:22.0587 4856 TcUsb - ok
16:22:22.0728 4856 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
16:22:22.0790 4856 TDPIPE - ok
16:22:22.0821 4856 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
16:22:22.0852 4856 TDTCP - ok
16:22:22.0884 4856 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
16:22:22.0915 4856 tdx - ok
16:22:22.0946 4856 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
16:22:22.0946 4856 TermDD - ok
16:22:23.0274 4856 TermService (d605031e225aaccbceb5b76a4f1603a6) C:\Windows\System32\termsrv.dll
16:22:23.0367 4856 TermService - ok
16:22:23.0508 4856 Themes (27f10f348e508243f6254846f8370d0d) C:\Windows\system32\shsvcs.dll
16:22:23.0539 4856 Themes - ok
16:22:23.0554 4856 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
16:22:23.0586 4856 THREADORDER - ok
16:22:23.0679 4856 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
16:22:23.0710 4856 TrkWks - ok
16:22:23.0773 4856 TrustedInstaller (16613a1bad034d4ecf957af18b7c2ff5) C:\Windows\servicing\TrustedInstaller.exe
16:22:23.0804 4856 TrustedInstaller - ok
16:22:24.0069 4856 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:22:24.0100 4856 tssecsrv - ok
16:22:24.0662 4856 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
16:22:24.0756 4856 tunmp - ok
16:22:24.0818 4856 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
16:22:24.0834 4856 tunnel - ok
16:22:24.0974 4856 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
16:22:24.0990 4856 uagp35 - ok
16:22:25.0348 4856 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
16:22:25.0364 4856 udfs - ok
16:22:25.0442 4856 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
16:22:25.0489 4856 UI0Detect - ok
16:22:25.0520 4856 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
16:22:25.0520 4856 uliagpkx - ok
16:22:25.0567 4856 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
16:22:25.0582 4856 uliahci - ok
16:22:25.0614 4856 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
16:22:25.0614 4856 UlSata - ok
16:22:25.0801 4856 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
16:22:25.0816 4856 ulsata2 - ok
16:22:26.0144 4856 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
16:22:26.0175 4856 umbus - ok
16:22:26.0347 4856 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
16:22:26.0394 4856 upnphost - ok
16:22:26.0472 4856 usbccgp (4073a94046d5f1025766eefd6abdc8db) C:\Windows\system32\DRIVERS\usbccgp.sys
16:22:26.0534 4856 usbccgp - ok
16:22:26.0565 4856 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
16:22:26.0628 4856 usbcir - ok
16:22:26.0674 4856 usbehci (8625e96957cb855413628abb306c7b89) C:\Windows\system32\DRIVERS\usbehci.sys
16:22:26.0690 4856 usbehci - ok
16:22:26.0721 4856 usbhub (bc1912ebb127b4e0905c7574349c6dce) C:\Windows\system32\DRIVERS\usbhub.sys
16:22:26.0752 4856 usbhub - ok
16:22:26.0799 4856 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
16:22:26.0830 4856 usbohci - ok
16:22:26.0877 4856 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
16:22:26.0924 4856 usbprint - ok
16:22:27.0018 4856 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
16:22:27.0033 4856 usbscan - ok
16:22:27.0096 4856 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:22:27.0158 4856 USBSTOR - ok
16:22:27.0189 4856 usbuhci (4ba9542f67c63979761f1e0b8ab7141f) C:\Windows\system32\DRIVERS\usbuhci.sys
16:22:27.0205 4856 usbuhci - ok
16:22:27.0267 4856 UxSms (032a0acc3909ae7215d524e29d536797) C:\Windows\System32\uxsms.dll
16:22:27.0314 4856 UxSms - ok
16:22:27.0345 4856 vds (b13bc395b9d6116628f5af47e0802ac4) C:\Windows\System32\vds.exe
16:22:27.0439 4856 vds - ok
16:22:27.0501 4856 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
16:22:27.0532 4856 vga - ok
16:22:27.0564 4856 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
16:22:27.0579 4856 VgaSave - ok
16:22:27.0610 4856 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
16:22:27.0610 4856 viaagp - ok
16:22:27.0642 4856 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
16:22:27.0673 4856 ViaC7 - ok
16:22:27.0688 4856 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
16:22:27.0688 4856 viaide - ok
16:22:27.0798 4856 VMCService (0a4605ba46c73b50e3f4a2f0d4bb4210) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
16:22:27.0798 4856 VMCService ( UnsignedFile.Multi.Generic ) - warning
16:22:27.0798 4856 VMCService - detected UnsignedFile.Multi.Generic (1)
16:22:27.0813 4856 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
16:22:27.0813 4856 volmgr - ok
16:22:27.0844 4856 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
16:22:27.0860 4856 volmgrx - ok
16:22:27.0938 4856 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
16:22:27.0954 4856 volsnap - ok
16:22:27.0985 4856 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
16:22:27.0985 4856 vsmraid - ok
16:22:28.0063 4856 VSS (d5fb73d19c46ade183f968e13f186b23) C:\Windows\system32\vssvc.exe
16:22:28.0141 4856 VSS - ok
16:22:28.0188 4856 VSTHWBS2 (c466021d31ff6c0a6069d12299d80c0b) C:\Windows\system32\DRIVERS\VSTBS23.SYS
16:22:28.0219 4856 VSTHWBS2 - ok
16:22:28.0281 4856 VST_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
16:22:28.0344 4856 VST_DPV - ok
16:22:28.0359 4856 W32Time (1cf9206966a8458cda9a8b20df8ab7d3) C:\Windows\system32\w32time.dll
16:22:28.0390 4856 W32Time - ok
16:22:28.0422 4856 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
16:22:28.0468 4856 WacomPen - ok
16:22:28.0500 4856 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
16:22:28.0515 4856 Wanarp - ok
16:22:28.0531 4856 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
16:22:28.0546 4856 Wanarpv6 - ok
16:22:28.0578 4856 wcncsvc (f3a5c2e1a6533192b070d06ecf6be796) C:\Windows\System32\wcncsvc.dll
16:22:28.0593 4856 wcncsvc - ok
16:22:28.0624 4856 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
16:22:28.0656 4856 WcsPlugInService - ok
16:22:28.0671 4856 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
16:22:28.0671 4856 Wd - ok
16:22:28.0718 4856 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
16:22:28.0749 4856 Wdf01000 - ok
16:22:28.0780 4856 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
16:22:28.0812 4856 WdiServiceHost - ok
16:22:28.0812 4856 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
16:22:28.0858 4856 WdiSystemHost - ok
16:22:28.0874 4856 WebClient (cf9a5f41789b642db967021de06a2713) C:\Windows\System32\webclnt.dll
16:22:28.0905 4856 WebClient - ok
16:22:28.0936 4856 Wecsvc (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll
16:22:28.0968 4856 Wecsvc - ok
16:22:29.0030 4856 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
16:22:29.0061 4856 wercplsupport - ok
16:22:29.0092 4856 WerSvc (fd1965aaa112c6818a30ab02742d0461) C:\Windows\System32\WerSvc.dll
16:22:29.0186 4856 WerSvc - ok
16:22:29.0248 4856 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
16:22:29.0326 4856 winachsf - ok
16:22:29.0404 4856 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
16:22:29.0436 4856 WinDefend - ok
16:22:29.0436 4856 WinHttpAutoProxySvc - ok
16:22:29.0498 4856 Winmgmt (00b79a7c984678f24cf052e5beb3a2f5) C:\Windows\system32\wbem\WMIsvc.dll
16:22:29.0560 4856 Winmgmt - ok
16:22:29.0623 4856 WinRM (20fc93fdc916843cfdfcaa7a1b0db16f) C:\Windows\system32\WsmSvc.dll
16:22:29.0748 4856 WinRM - ok
16:22:29.0826 4856 Wlansvc (275f4346e569df56cfb95243bd6f6ff0) C:\Windows\System32\wlansvc.dll
16:22:29.0888 4856 Wlansvc - ok
16:22:29.0950 4856 WmiAcpi (48ca581c12022ac60fe82e2b96fbf5d4) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:22:29.0982 4856 WmiAcpi - ok
16:22:30.0028 4856 wmiApSrv (aba4cf9f856d9a3a25f4ddd7690a6e9d) C:\Windows\system32\wbem\WmiApSrv.exe
16:22:30.0075 4856 wmiApSrv - ok
16:22:30.0184 4856 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
16:22:30.0278 4856 WMPNetworkSvc - ok
16:22:30.0372 4856 WPCSvc (5d94cd167751294962ba238d82dd1bb8) C:\Windows\System32\wpcsvc.dll
16:22:30.0418 4856 WPCSvc - ok
16:22:30.0481 4856 WPDBusEnum (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll
16:22:30.0543 4856 WPDBusEnum - ok
16:22:30.0590 4856 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
16:22:30.0606 4856 WpdUsb - ok
16:22:30.0637 4856 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
16:22:30.0668 4856 ws2ifsl - ok
16:22:30.0699 4856 wscsvc (683dd16b590372f2c9661d277f35e49c) C:\Windows\System32\wscsvc.dll
16:22:30.0715 4856 wscsvc - ok
16:22:30.0746 4856 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
16:22:30.0762 4856 WSDPrintDevice - ok
16:22:30.0777 4856 WSearch - ok
16:22:30.0855 4856 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
16:22:30.0964 4856 wuauserv - ok
16:22:31.0027 4856 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:22:31.0058 4856 WUDFRd - ok
16:22:31.0074 4856 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
16:22:31.0120 4856 wudfsvc - ok
16:22:31.0167 4856 yukonwlh (a4822191c7cea271903c2a4fb6d9809d) C:\Windows\system32\DRIVERS\yk60x86.sys
16:22:31.0198 4856 yukonwlh - ok
16:22:31.0245 4856 ZTEusbmdm6k (86187fb5d81781501558f8742dee4197) C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
16:22:31.0292 4856 ZTEusbmdm6k - ok
16:22:31.0323 4856 ZTEusbnet (b7836ca4a95e12135e7e49fec9c29f2a) C:\Windows\system32\DRIVERS\ZTEusbnet.sys
16:22:31.0401 4856 ZTEusbnet - ok
16:22:31.0432 4856 ZTEusbnmea (86187fb5d81781501558f8742dee4197) C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
16:22:31.0448 4856 ZTEusbnmea - ok
16:22:31.0526 4856 ZTEusbser6k (86187fb5d81781501558f8742dee4197) C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
16:22:31.0542 4856 ZTEusbser6k - ok
16:22:31.0604 4856 ZTEusbvoice (b8b466103280e45e391e876f05122607) C:\Windows\system32\DRIVERS\ZTEusbvoice.sys
16:22:31.0635 4856 ZTEusbvoice - ok
16:22:31.0666 4856 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
16:22:32.0025 4856 \Device\Harddisk0\DR0 - ok
16:22:32.0119 4856 Boot (0x1200) (7252e113150d009b098c8116107ed068) \Device\Harddisk0\DR0\Partition0
16:22:32.0119 4856 \Device\Harddisk0\DR0\Partition0 - ok
16:22:32.0181 4856 Boot (0x1200) (f45933fac87f57598f2b02677b8c7182) \Device\Harddisk0\DR0\Partition1
16:22:32.0181 4856 \Device\Harddisk0\DR0\Partition1 - ok
16:22:32.0181 4856 ============================================================
16:22:32.0181 4856 Scan finished
16:22:32.0181 4856 ============================================================
16:22:32.0228 4400 Detected object count: 9
16:22:32.0228 4400 Actual detected object count: 9
16:22:43.0460 4400 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:22:43.0460 4400 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:22:43.0460 4400 DgiVecp ( UnsignedFile.Multi.Generic ) - skipped by user
16:22:43.0460 4400 DgiVecp ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:22:43.0460 4400 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
16:22:43.0460 4400 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:22:43.0476 4400 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
16:22:43.0476 4400 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:22:43.0476 4400 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:22:43.0476 4400 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:22:43.0476 4400 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:22:43.0476 4400 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:22:43.0476 4400 SSPORT ( UnsignedFile.Multi.Generic ) - skipped by user
16:22:43.0476 4400 SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:22:43.0476 4400 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
16:22:43.0476 4400 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:22:43.0476 4400 VMCService ( UnsignedFile.Multi.Generic ) - skipped by user
16:22:43.0476 4400 VMCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:22:59.0247 1844 Deinitialize success
|
|
22.03.2012, 16:30
| #5 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Weisser Bildschirm Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.03.2012, 17:09
| #6 |
| | Weisser Bildschirm Combofix Logfile: Code:
ATTFilter ComboFix 12-03-22.01 - Ante 22.03.2012 16:39:18.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.49.1031.18.3581.2355 [GMT 1:00]
ausgeführt von:: c:\users\Ante\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk
c:\users\Ante\AppData\Roaming\4D
c:\users\Ante\AppData\Roaming\4D\4D Volume Desktop Preferences v11.RSR
c:\users\Ante\AppData\Roaming\4D\4D Write Prefs v11.RSR
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-02-22 bis 2012-03-22 ))))))))))))))))))))))))))))))
.
.
2012-03-22 15:45 . 2012-03-22 15:45 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2012-03-22 03:04 . 2012-03-22 11:40 -------- d-----w- C:\_OTL
2012-03-22 02:14 . 2012-03-22 02:14 -------- d-----w- c:\users\Ante\AppData\Roaming\Avira
2012-03-22 02:10 . 2012-01-31 07:56 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-03-22 02:10 . 2012-01-31 07:56 137416 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-03-22 02:10 . 2011-09-16 15:08 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-03-22 02:10 . 2012-03-22 02:11 -------- d-----w- c:\programdata\Avira
2012-03-22 02:10 . 2012-03-22 02:10 -------- d-----w- c:\program files\Avira
2012-03-22 01:49 . 2012-03-22 01:49 -------- d-----w- c:\program files\ESET
2012-03-22 00:29 . 2012-02-08 06:03 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3100A297-AB7A-46E9-8901-3CEED38AAFFB}\mpengine.dll
2012-03-21 23:32 . 2012-03-21 23:32 -------- d-----w- c:\users\Ante\AppData\Roaming\Malwarebytes
2012-03-21 23:32 . 2012-03-21 23:32 -------- d-----w- c:\programdata\Malwarebytes
2012-03-21 23:32 . 2012-03-21 23:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-03-21 23:32 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-20 07:33 . 2010-10-24 05:06 598528 ----a-w- c:\windows\system32\ztv7z.dll
2012-03-20 07:33 . 2010-10-24 05:06 178176 ----a-w- c:\windows\system32\ztvunrar39.dll
2012-03-20 07:33 . 2006-06-19 11:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2012-03-20 07:33 . 2006-05-25 13:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2012-03-20 07:33 . 2005-08-25 23:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2012-03-20 07:33 . 2003-02-02 18:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2012-03-20 07:33 . 2002-03-05 23:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2012-03-20 07:33 . 2012-03-20 07:33 -------- d-----w- c:\program files\Trojan Remover
2012-03-20 07:33 . 2012-03-20 07:33 -------- d-----w- c:\users\Ante\AppData\Roaming\Simply Super Software
2012-03-20 07:33 . 2012-03-20 07:33 -------- d-----w- c:\programdata\Simply Super Software
2012-03-20 07:17 . 2012-03-20 07:17 -------- d-----w- c:\users\Gast\AppData\Local\Stardock_Corporation
2012-03-02 18:29 . 2012-03-11 18:39 -------- d-----w- c:\program files\Steuer-Sparer 2012
2012-02-22 15:47 . 2012-02-22 15:47 -------- d-----w- c:\users\Ante\AppData\Roaming\AAV
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-23 08:18 . 2009-10-12 23:56 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-14 18:20 . 2012-01-14 18:20 4608 ----a-w- c:\windows\system32\w95inf32.dll
2012-01-14 18:20 . 2012-01-14 18:20 2272 ----a-w- c:\windows\system32\w95inf16.dll
2012-01-25 16:30 . 2011-03-23 02:12 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-03-28 17:59 2953216 ----a-w- c:\program files\Protector Suite QL\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-03-28 17:59 2953216 ----a-w- c:\program files\Protector Suite QL\farchns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-01-25 167936]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2008-03-04 36864]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-25 13552160]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-25 92704]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2008-09-25 96800]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2007-03-28 49168]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-01-29 206064]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-11 198160]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"MobileConnect"="c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2010-01-19 2499584]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2012-01-23 1238800]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-01-31 258512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start hxxp://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMgBHADMASwAtADgANwBXAFUAVQAtADIAVABWAEgAQQAtAFgANgBEAEYAOAAtAEwANgBQAEEATgA&inst=NwA3AC0ANAA0ADEAMwAyADAAMwAyADMALQBCAEEAUgA5AEcAKwAxAC0ARgBMACsAOQAtAEYAOQBNADYAKwAxAC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AC0AWABPADkAKwAxAC0ARgA5AE0AMwArADEALQBEAEQAVAArADAA&prod=90&ver=9.0.894" [?]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-3 703280]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-27 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"disableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-04-28 21:49 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-03-28 17:46 90112 ----a-w- c:\windows\System32\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Transfer Monitor]
2008-12-16 14:44 479232 ----a-w- c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-12-11 08:56 286720 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
2007-03-14 13:35 520192 ----a-w- c:\windows\Samsung\PanelMgr\SSMMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
S2 AAV UpdateService;AAV UpdateService;c:\program files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [2008-10-24 128296]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-12-03 73728]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 12660968
*NewlyCreated* - SSMDRV
*Deregistered* - 12660968
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
Inhalt des "geplante Tasks" Ordners
.
2012-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-12 08:23]
.
2012-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-12 08:23]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
mLocal Page =
IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Auswahl in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: In Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: In vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: Interfaces\{A99F9393-027D-4370-8D82-FFE0D9A97E11}: NameServer = 192.168.0.1
FF - ProfilePath - c:\users\Ante\AppData\Roaming\Mozilla\Firefox\Profiles\qz9z2jrz.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files\Ask.com\Updater\Updater.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-03-22 16:45
Windows 6.0.6001 Service Pack 1 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\PCD5SRVC{3F6A8B78-EC003E00-05040104}]
"ImagePath"="\??\c:\progra~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'lsass.exe'(684)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infra.dll
.
- - - - - - - > 'Explorer.exe'(4056)
c:\program files\Protector Suite QL\farchns.dll
c:\program files\Protector Suite QL\infra.dll
.
Zeit der Fertigstellung: 2012-03-22 16:47:12
ComboFix-quarantined-files.txt 2012-03-22 15:47
.
Vor Suchlauf: 14 Verzeichnis(se), 165.367.365.632 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 165.626.798.080 Bytes frei
.
- - End Of File - - 6A6719B5EDD6A12FDC552DF78C305BA4
|
|
23.03.2012, 20:44
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Weisser Bildschirm Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.03.2012, 21:30
| #8 |
| | Weisser Bildschirm GMER ist mehrfach abgestürzt. Habe ihn daher übersprungen. OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 21:08:46 on 23.03.2012 OS: Windows Vista Home Premium Edition Service Pack 1 (Build 6001), 32-bit Default Browser: Mozilla Corporation Firefox 9.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl "iPROSet.cpl" - "Intel Corporation" - C:\Windows\system32\iPROSet.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL "PROSet Tools" - "Intel Corporation" - C:\Windows\System32\iPROSet.cpl "ProtectorSuiteInfoPanel" - "UPEK Inc." - C:\Program Files\Protector Suite QL\infopnl.cpl "QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\Users\Ante\AppData\Local\Temp\catchme.sys (File not found) "CEDRIVER60" (CEDRIVER60) - ? - C:\Program Files\Cheat Engine 6\dbk32.sys (File not found) "DgiVecp" (DgiVecp) - "Samsung Electronics Co., Ltd." - C:\Windows\system32\Drivers\DgiVecp.sys "fxldipow" (fxldipow) - ? - C:\Users\Ante\AppData\Local\Temp\fxldipow.sys (Hidden registry entry, rootkit activity | File not found) "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "PCD5SRVC{3F6A8B78-EC003E00-05040104} - PCDR Kernel Mode Service Helper Driver" (PCD5SRVC{3F6A8B78-EC003E00-05040104}) - "PC-Doctor, Inc." - C:\PROGRA~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms "PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys "SSPORT" (SSPORT) - "Samsung Electronics" - C:\Windows\system32\Drivers\SSPORT.sys "StarOpen" (StarOpen) - ? - C:\Windows\system32\drivers\StarOpen.sys (File found, but it contains no detailed information) [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL {88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office10\msohev.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL {00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\Windows\system32\btncopy.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Program Files\Real\RealPlayer\rpshell.dll {9AFDE8D6-200C-4b41-A5FC-B7251DFD1A8E} "Safearchive ContextMenu Class" - "UPEK Inc." - C:\Program Files\Protector Suite QL\farchns.dll {E6D7D89A-2232-446d-8A0F-D0F9B06DB1CA} "Safearchive ExtractIcon Class" - "UPEK Inc." - C:\Program Files\Protector Suite QL\farchns.dll {66C99756-1C92-4d3e-BA69-9400A6F731F5} "Safearchive PropertySheetHandler Class" - "UPEK Inc." - C:\Program Files\Protector Suite QL\farchns.dll {055EF591-5C38-49a0-9BDA-51B1D69D0BF4} "Safearchive ShellFolder Class" - "UPEK Inc." - C:\Program Files\Protector Suite QL\farchns.dll {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {52B87208-9CCF-42C9-B88E-069281105805} "Trojan Remover Shell Extension" - "Simply Super Software" - C:\PROGRA~1\TROJAN~1\Trshlex.dll {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files\WinRAR\rarext.dll {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "@btrez.dll,-4015" - ? - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} "Windows Live Toolbar Helper" - ? - C:\Program Files\Windows Live\Toolbar\wltcore.dll (File not found) [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Notification packages" - "UPEK Inc." - C:\Windows\system32\psqlpwd.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Ante\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "Microsoft Office.lnk" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office10\OSA.EXE (Shortcut exists | File exists) "QuickSet.lnk" - "Dell Inc." - C:\Program Files\Dell\QuickSet\quickset.exe (Shortcut exists | File exists) "BTTray.lnk" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Shortcut exists | File exists) -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "dellsupportcenter" - "SupportSoft, Inc." - "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter "GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "IAAnotif" - "Intel Corporation" - "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "MobileConnect" - "Vodafone" - %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent "PCMService" - "CyberLink Corp." - "C:\Program Files\Dell\MediaDirect\PCMService.exe" "PSQLLauncher" - "UPEK Inc." - "C:\Program Files\Protector Suite QL\launcher.exe" /startup "RIMBBLaunchAgent.exe" - "Research In Motion Limited" - C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" "TkBellExe" - "RealNetworks, Inc." - "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot "TrojanScanner" - "Simply Super Software" - C:\Program Files\Trojan Remover\Trjscan.exe /boot [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "HP Discovery Port Monitor (HP Officejet 6500 E710a-f)" - "Hewlett-Packard Co." - C:\Windows\system32\HPDiscoPM5512.dll "PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll (File found, but it contains no detailed information) "Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "AAV UpdateService" (AAV UpdateService) - ? - C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe "Adobe LM Service" (Adobe LM Service) - "Adobe Systems" - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe "Avira Browser Schutz" (AntiVirWebService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "Dock Login Service" (DockLoginService) - "Stardock Corporation" - C:\Program Files\Dell\DellDock\DockLogin.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoToAssist" (GoToAssist) - "Citrix Online, a division of Citrix Systems, Inc." - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe "Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe "Intel(R) PROSet/Wireless Event Log" (EvtEng) - "Intel Corporation" - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe "Intel(R) PROSet/Wireless Registry Service" (RegSrvc) - "Intel Corporation" - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe "NMSAccess" (NMSAccess) - ? - C:\Program Files\CDBurnerXP\NMSAccessU.exe (File found, but it contains no detailed information) "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe "stllssvr" (stllssvr) - "MicroVision Development, Inc." - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe "SupportSoft Sprocket Service (DellSupportCenter)" (sprtsvc_DellSupportCenter) - "SupportSoft, Inc." - C:\Program Files\Dell Support Center\bin\sprtsvc.exe "Vodafone Mobile Connect Service" (VMCService) - "Vodafone" - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [Winlogon] -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon )----- "GinaDLL" - "UPEK Inc." - C:\Windows\system32\vrlogon.dll -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )----- "GoToAssist" - "Citrix Online, a division of Citrix Systems, Inc." - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll "psfus" - "UPEK Inc." - C:\Windows\system32\psqlpwd.dll [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )----- "AVSDA" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avsda.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru [/code] Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-03-23 21:12:23
-----------------------------
21:12:23.735 OS Version: Windows 6.0.6001 Service Pack 1
21:12:23.735 Number of processors: 2 586 0x1706
21:12:23.736 ComputerName: XPS UserName:
21:12:25.080 Initialize success
21:13:33.531 AVAST engine defs: 12032301
21:13:41.167 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
21:13:41.171 Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
21:13:41.192 Disk 0 MBR read successfully
21:13:41.195 Disk 0 MBR scan
21:13:41.212 Disk 0 Windows VISTA default MBR code
21:13:41.216 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 133 MB offset 63
21:13:41.232 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15360 MB offset 274432
21:13:41.246 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 287189 MB offset 31731712
21:13:41.251 Disk 0 Partition - 00 0F Extended LBA 2560 MB offset 619896832
21:13:41.287 Disk 0 Partition 4 00 DD MSDOS5.0 2559 MB offset 619898880
21:13:41.295 Disk 0 scanning sectors +625139712
21:13:41.559 Disk 0 scanning C:\Windows\system32\drivers
21:13:52.072 Service scanning
21:14:13.319 Modules scanning
21:14:17.189 Disk 0 trace - called modules:
21:14:17.211 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
21:14:17.215 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b58208]
21:14:17.219 3 CLASSPNP.SYS[8c1a7745] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x860ac030]
21:14:19.587 AVAST engine scan C:\Windows
21:14:24.591 AVAST engine scan C:\Windows\system32
21:17:10.819 AVAST engine scan C:\Windows\system32\drivers
21:17:27.961 AVAST engine scan C:\Users\Ante
21:26:43.986 AVAST engine scan C:\ProgramData
21:28:42.361 Scan finished successfully
21:28:52.335 Disk 0 MBR has been saved successfully to "C:\Users\Ante\Desktop\MBR.dat"
21:28:52.340 The log file has been saved successfully to "C:\Users\Ante\Desktop\aswMBR.txt"
|
|
23.03.2012, 22:01
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Weisser Bildschirm Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.03.2012, 14:29
| #10 |
| | Weisser Bildschirm Erledigt. Soll ich die Funde bei SUPERAntiSpyware entfernen ? Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 03/24/2012 at 01:40 PM
Application Version : 5.0.1146
Core Rules Database Version : 8377
Trace Rules Database Version: 6189
Scan type : Complete Scan
Total Scan Time : 01:51:58
Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 1 (Build 6.00.6001)
UAC On - Limited User (Administrator User)
Memory items scanned : 830
Memory threats detected : 0
Registry items scanned : 37807
Registry threats detected : 0
File items scanned : 153765
File threats detected : 485
Adware.Tracking Cookie
C:\Users\Ante\AppData\Roaming\Microsoft\Windows\Cookies\ante@a.trackfox2[2].txt [ /a.trackfox2 ]
C:\Users\Ante\AppData\Roaming\Microsoft\Windows\Cookies\ante@ads2.zeusclicks[1].txt [ /ads2.zeusclicks ]
C:\Users\Ante\AppData\Roaming\Microsoft\Windows\Cookies\ante@apmebf[1].txt [ /apmebf ]
C:\Users\Ante\AppData\Roaming\Microsoft\Windows\Cookies\ante@atdmt.combing[1].txt [ /atdmt.combing ]
C:\Users\Ante\AppData\Roaming\Microsoft\Windows\Cookies\ante@atdmt[1].txt [ /atdmt ]
C:\Users\Ante\AppData\Roaming\Microsoft\Windows\Cookies\ante@doubleclick[1].txt [ /doubleclick ]
C:\Users\Ante\AppData\Roaming\Microsoft\Windows\Cookies\ante@lpa.trackfox2[1].txt [ /lpa.trackfox2 ]
C:\Users\Ante\AppData\Roaming\Microsoft\Windows\Cookies\ante@mediaplex[2].txt [ /mediaplex ]
C:\Users\Ante\AppData\Roaming\Microsoft\Windows\Cookies\ante@pornhub[1].txt [ /pornhub ]
C:\Users\Ante\AppData\Roaming\Microsoft\Windows\Cookies\ante@revsci[1].txt [ /revsci ]
C:\Users\Ante\AppData\Roaming\Microsoft\Windows\Cookies\ante@smartadserver[2].txt [ /smartadserver ]
C:\Users\Ante\AppData\Roaming\Microsoft\Windows\Cookies\ante@www.pornhub[2].txt [ /www.pornhub ]
C:\USERS\ANTE\Cookies\ante@doubleclick[1].txt [ Cookie:ante@doubleclick.net/ ]
C:\USERS\ANTE\Cookies\ante@ads2.zeusclicks[1].txt [ Cookie:ante@ads2.zeusclicks.com/ ]
C:\USERS\ANTE\Cookies\ante@mediaplex[2].txt [ Cookie:ante@mediaplex.com/ ]
C:\USERS\ANTE\Cookies\ante@apmebf[1].txt [ Cookie:ante@apmebf.com/ ]
C:\USERS\ANTE\Cookies\ante@atdmt.combing[1].txt [ Cookie:ante@atdmt.combing.com/ ]
C:\USERS\ANTE\Cookies\ante@smartadserver[2].txt [ Cookie:ante@smartadserver.com/ ]
C:\USERS\ANTE\Cookies\ante@lpa.trackfox2[1].txt [ Cookie:ante@lpa.trackfox2.com/ ]
C:\USERS\ANTE\Cookies\ante@atdmt[1].txt [ Cookie:ante@atdmt.com/ ]
C:\USERS\ANTE\Cookies\ante@a.trackfox2[2].txt [ Cookie:ante@a.trackfox2.com/ ]
C:\USERS\ANTE\Cookies\ante@revsci[1].txt [ Cookie:ante@revsci.net/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\gast@smartadserver[2].txt [ Cookie:gast@smartadserver.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\gast@apmebf[1].txt [ Cookie:gast@apmebf.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\gast@mediaplex[1].txt [ Cookie:gast@mediaplex.com/ ]
C:\USERS\GAST\Cookies\gast@smartadserver[2].txt [ Cookie:gast@smartadserver.com/ ]
C:\USERS\GAST\Cookies\gast@apmebf[1].txt [ Cookie:gast@apmebf.com/ ]
C:\USERS\GAST\Cookies\gast@mediaplex[1].txt [ Cookie:gast@mediaplex.com/ ]
.smartadserver.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.autoscout24.112.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.germanwings.112.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.rambler.ru [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adxvalue.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.ad-emea.doubleclick.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.bwincom.122.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad1.emediate.dk [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad1.emediate.dk [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.stepstone.112.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
de.sitestat.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
e2.emediate.se [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ec-track.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.harrenmedianetwork.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
de.partypoker.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.track.webgains.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.advertstream.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.pornme.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.pornme.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.pornme.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.pornme.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.userporn.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad3.bannerbank.ru [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.hightraffic.hugoboss.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.b1-discount.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.b1-discount.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.kwikmedia.nero.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.kwikmedia.nero.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
stat.vattenfall.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
adserver.adreactor.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
stat.dealtime.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adviva.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.eyewonder.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
tracking.sim-technik.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
stat.aldi.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
stat.aldi.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.daimlerag.122.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.guj.122.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.hiddencounter.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
tracking.gameforge.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.oserverstats.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.visit-tracker.biz [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.visit-tracker.biz [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.visit-tracker.biz [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.advertisingenhanced.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.advertisingenhanced.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.active-tracking.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.active-tracking.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.active-tracking.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.ww251.smartadserver.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.tracking.booming.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
tracking.booming.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
livestat.derstandard.at [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
track.brighteroption.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
track.brighteroption.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
track.brighteroption.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
track.brighteroption.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.businessenhanced.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.businessenhanced.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
media.neodau.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.digital-eliteboard.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.digital-eliteboard.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.digital-eliteboard.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.digital-eliteboard.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.game-advertising-online.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
media.gan-online.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
tracking1.aleadpay.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
tracking.mobile.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
content2.kitnmedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ec-track.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.tracking.mindshare.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.skydeutschland.122.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
tracking.klicktel.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
tracking.klicktel.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.deutschepostag.112.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.stats.betradar.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.stats.betradar.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.opodo.122.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
s04.flagcounter.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
static.freewebs.getclicky.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.unister-adservices.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
counters.gigya.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ads.saymedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ads.saymedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
adnetworx.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.banners.victor.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.ikea.122.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.stat.4u.pl [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.leetmedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.leetmedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.blau.122.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.paypal.112.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
7.rotator.wigetmedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.etargetnet.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.etargetnet.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
partners.webmasterplan.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adlegend.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adlegend.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
7.rotator.wigetmedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.myroitracking.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.findhe.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.findhe.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.maximumfindings.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.maximumfindings.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
tracking.publicidees.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
tracking.publicidees.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
tracking.hostgator.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.track-visits.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.gostats.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
zeroadserver.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
trackstatsnow.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad.dyntracker.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.toplist.cz [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
fr.sitestat.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.rambler.ru [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.mmorpg.toplista.pl [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.mmorpg.toplista.pl [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.mmorpg.toplista.pl [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
adserver.gamesites200.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
adserver.gamesites200.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
adserver.gamesites200.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.a.revenuemax.de [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\ANTE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QZ9Z2JRZ.DEFAULT\COOKIES.SQLITE ]
C:\USERS\GAST\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\GAST@ATDMT[2].TXT [ /ATDMT ]
.doubleclick.net [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\GAST\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BNUKQD1S.DEFAULT\COOKIES.SQLITE ]
Trojan.Agent/Gen-FakeAV
C:\PROGRAM FILES\WINRAR\DEFAULT.SFX
Trojan.Dropper/Win-NV
C:\WINDOWS\SYSTEM32\MPK\MPK.DLL
Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.60.1.1000 www.malwarebytes.org Datenbank Version: v2012.03.23.05 Windows Vista Service Pack 1 x86 NTFS Internet Explorer 7.0.6001.18000 Ante :: XPS [Administrator] Schutz: Aktiviert 24.03.2012 04:14:14 mbam-log-2012-03-24 (04-14-14).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 389140 Laufzeit: 1 Stunde(n), 18 Minute(n), Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
24.03.2012, 18:27
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Weisser Bildschirm Sieht ok aus, da wurden nur Cookies gefunden. Ein Fehlalarm und ein Überrest vom Keylogger (MPK.dll) Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.03.2012, 13:40
| #12 |
| | Weisser Bildschirm Hi Arne, das hört sich ja gut an. Der Rechner läuft, gefühlt, wieder wie vorher. Welches Virenprogramm würdest Du mir denn empfehlen ? Bisher habe ich Avira benutzt. Denke ein weiteres Programm könnte nicht schaden. |
|
26.03.2012, 18:19
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Weisser Bildschirm Also ich weiß nicht wie oft ich das schon gepostet hab, das steht hier auch schon zuhauf in vielen Diskussionen - es ist eigentlich immer wieder das gleiche Fazit => Es gibt nicht den besten Virenscanner! Die Frage - welcher Virenscanner oder ob der installierte reicht - taucht ständig auf. Der Virenscanner - egal welcher - kann und wird niemals 100% Schutz bieten können. Neue/unbekannte Schädlinge können immer durch die Lappen gehen. Geld ausgeben muss man nicht für einen Scanner, sowas wie Avast oder Microsoft Security Essentials sind für die privaten Gebrauch völlig ausreichend. Abgesehen davon nutzen verschiedene Virenscanner unterschiedliche Signaturen und Techniken, das führt dazu, dass zB Scanner1 Schädling X entdeckt, aber Schädling Y übersieht. Scanner2 erkennt Schädling Y, dafür aber Schädling X nicht... Wichtiger ist, dass du dich an Regeln hälst. Der beste Virenscanner bringt nichts, wenn du dich falsch verhälst und fahrlässig/unvorsichtig bist. Airbag und Sicherheitsgurt im Auto sind ja auch keine Gründe dafür auf die Verkehrsregeln zu pfeifen. Halte Dich am besten grob an diese Regeln:
Alles noch genauer erklärt steht hier => Kompromittierung unvermeidbar? Dann wären wir durch!  Die Programme, die hier zum Einsatz kamen, können alle wieder runter. CF kann über Start, Ausführen mit combofix /uninstall entfernt werden. Melde dich falls es da Fehlermeldungen zu gibt. Malwarebytes zu behalten ist kein Fehler. Kannst ja 1x im Monat damit scannen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Adobe - Andere Version des Adobe Flash Player installieren Notfalls kann man auch von Chip.de runterladen => http://filepony.de/?q=Flash+Player Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.03.2012, 01:37
| #14 |
| | Weisser Bildschirm Hi Arne, vielen vielen Dank für die tolle Hilfe!!!!!! Super das es euch gibt. |
|
| Themen zu Weisser Bildschirm |
| bildschirm, bitte warten, ergebniss, erstell, erstellt, fehlermeldung, frage, fragen, hilfe!, icon, kriege, laptop, logfiles, neu, not, ordner, otple, scan, speicher, verbindung, weile, weisser, weiße, weißes, windows |
Hybrid-Darstellung
