|
Plagegeister aller Art und deren Bekämpfung: Webseiten von Microsoft, Avira etc. nicht mehr aufrufbarWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
20.06.2012, 11:23 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar Da waren noch Malwareeinträge, die den Zugriff blockierten Ich brauch den Quarantäneordner von OTL. Bitte folgendes machen: 1.) GANZ WICHTIG!! Virenscanner deaktivieren, der darf das Packen nicht beeinflussen! 2.) Ordner MovedFiles in C:\_OTL in eine Datei zippen 3.) Die erstellte ZIP-Datei hier hochladen => http://www.trojaner-board.de/54791-a...ner-board.html Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten! 4.) Wenns erfolgreich war Bescheid sagen 5.) Erst dann wieder den Virenscanner einschalten
__________________ Logfiles bitte immer in CODE-Tags posten |
20.06.2012, 12:15 | #17 |
| Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar habe es gerade hochgeladen.
__________________ |
20.06.2012, 12:22 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html
__________________Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!
__________________ |
21.06.2012, 09:52 | #19 |
| Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar und noch ein log: Code:
ATTFilter 10:47:14.0288 4272 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32 10:47:14.0507 4272 ============================================================ 10:47:14.0507 4272 Current date / time: 2012/06/21 10:47:14.0507 10:47:14.0507 4272 SystemInfo: 10:47:14.0507 4272 10:47:14.0507 4272 OS Version: 6.1.7601 ServicePack: 1.0 10:47:14.0507 4272 Product type: Workstation 10:47:14.0507 4272 ComputerName: xxx-PC 10:47:14.0507 4272 UserName: xxx 10:47:14.0507 4272 Windows directory: C:\Windows 10:47:14.0507 4272 System windows directory: C:\Windows 10:47:14.0507 4272 Processor architecture: Intel x86 10:47:14.0507 4272 Number of processors: 4 10:47:14.0507 4272 Page size: 0x1000 10:47:14.0507 4272 Boot type: Normal boot 10:47:14.0507 4272 ============================================================ 10:47:15.0474 4272 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 10:47:15.0505 4272 ============================================================ 10:47:15.0505 4272 \Device\Harddisk0\DR0: 10:47:15.0505 4272 MBR partitions: 10:47:15.0505 4272 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1400000 10:47:15.0505 4272 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x141B800, BlocksNum 0x38F6A000 10:47:15.0505 4272 ============================================================ 10:47:15.0521 4272 C: <-> \Device\Harddisk0\DR0\Partition1 10:47:15.0552 4272 D: <-> \Device\Harddisk0\DR0\Partition0 10:47:15.0552 4272 ============================================================ 10:47:15.0552 4272 Initialize success 10:47:15.0552 4272 ============================================================ 10:47:26.0721 3436 ============================================================ 10:47:26.0721 3436 Scan started 10:47:26.0721 3436 Mode: Manual; SigCheck; TDLFS; 10:47:26.0721 3436 ============================================================ 10:47:28.0110 3436 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 10:47:28.0235 3436 1394ohci - ok 10:47:28.0250 3436 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 10:47:28.0266 3436 ACPI - ok 10:47:28.0281 3436 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 10:47:28.0328 3436 AcpiPmi - ok 10:47:28.0359 3436 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\drivers\adp94xx.sys 10:47:28.0391 3436 adp94xx - ok 10:47:28.0406 3436 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\drivers\adpahci.sys 10:47:28.0422 3436 adpahci - ok 10:47:28.0453 3436 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\drivers\adpu320.sys 10:47:28.0469 3436 adpu320 - ok 10:47:28.0500 3436 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll 10:47:28.0578 3436 AeLookupSvc - ok 10:47:28.0625 3436 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 10:47:28.0703 3436 AFD - ok 10:47:28.0718 3436 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 10:47:28.0734 3436 agp440 - ok 10:47:28.0749 3436 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\drivers\djsvs.sys 10:47:28.0765 3436 aic78xx - ok 10:47:28.0781 3436 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe 10:47:28.0827 3436 ALG - ok 10:47:28.0843 3436 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 10:47:28.0859 3436 aliide - ok 10:47:28.0890 3436 AMD External Events Utility (b19505648f033393e907e2e419fde8b3) C:\Windows\system32\atiesrxx.exe 10:47:28.0937 3436 AMD External Events Utility - ok 10:47:28.0937 3436 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 10:47:28.0952 3436 amdagp - ok 10:47:28.0952 3436 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 10:47:28.0968 3436 amdide - ok 10:47:28.0983 3436 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\drivers\amdk8.sys 10:47:29.0015 3436 AmdK8 - ok 10:47:29.0015 3436 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\drivers\amdppm.sys 10:47:29.0046 3436 AmdPPM - ok 10:47:29.0061 3436 amdsata (e7f4d42d8076ec60e21715cd11743a0d) C:\Windows\system32\drivers\amdsata.sys 10:47:29.0061 3436 amdsata - ok 10:47:29.0093 3436 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\drivers\amdsbs.sys 10:47:29.0108 3436 amdsbs - ok 10:47:29.0124 3436 amdxata (146459d2b08bfdcbfa856d9947043c81) C:\Windows\system32\drivers\amdxata.sys 10:47:29.0124 3436 amdxata - ok 10:47:29.0217 3436 AntiVirSchedulerService (c27d46b06d340293670450fce9dfb166) C:\Program Files\Avira\AntiVir Desktop\sched.exe 10:47:29.0233 3436 AntiVirSchedulerService - ok 10:47:29.0264 3436 AntiVirService (72d90e56563165984224493069c69ed4) C:\Program Files\Avira\AntiVir Desktop\avguard.exe 10:47:29.0280 3436 AntiVirService - ok 10:47:29.0295 3436 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 10:47:29.0342 3436 AppID - ok 10:47:29.0389 3436 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll 10:47:29.0436 3436 AppIDSvc - ok 10:47:29.0451 3436 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll 10:47:29.0498 3436 Appinfo - ok 10:47:29.0561 3436 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 10:47:29.0561 3436 Apple Mobile Device - ok 10:47:29.0607 3436 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll 10:47:29.0639 3436 AppMgmt - ok 10:47:29.0685 3436 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\drivers\arc.sys 10:47:29.0701 3436 arc - ok 10:47:29.0810 3436 ArcGIS License Manager (a1ba9e0f78ad9356af750063197f4bdf) C:\Program Files\ArcGIS\License10.0\bin\lmgrd.exe 10:47:29.0841 3436 ArcGIS License Manager - ok 10:47:29.0935 3436 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\drivers\arcsas.sys 10:47:29.0951 3436 arcsas - ok 10:47:29.0966 3436 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 10:47:30.0044 3436 AsyncMac - ok 10:47:30.0060 3436 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 10:47:30.0060 3436 atapi - ok 10:47:30.0325 3436 atikmdag (04f09923a393e4e0e8453a8f78361e73) C:\Windows\system32\DRIVERS\atikmdag.sys 10:47:30.0465 3436 atikmdag - ok 10:47:30.0575 3436 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 10:47:30.0653 3436 AudioEndpointBuilder - ok 10:47:30.0653 3436 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 10:47:30.0684 3436 Audiosrv - ok 10:47:30.0746 3436 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys 10:47:30.0762 3436 avgntflt - ok 10:47:30.0777 3436 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys 10:47:30.0793 3436 avipbb - ok 10:47:30.0809 3436 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll 10:47:30.0855 3436 AxInstSV - ok 10:47:30.0918 3436 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\drivers\bxvbdx.sys 10:47:30.0949 3436 b06bdrv - ok 10:47:30.0980 3436 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 10:47:31.0011 3436 b57nd60x - ok 10:47:31.0074 3436 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll 10:47:31.0105 3436 BDESVC - ok 10:47:31.0121 3436 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 10:47:31.0167 3436 Beep - ok 10:47:31.0199 3436 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll 10:47:31.0245 3436 BFE - ok 10:47:31.0292 3436 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll 10:47:31.0323 3436 BITS - ok 10:47:31.0339 3436 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 10:47:31.0355 3436 blbdrive - ok 10:47:31.0448 3436 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe 10:47:31.0464 3436 Bonjour Service - ok 10:47:31.0479 3436 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 10:47:31.0511 3436 bowser - ok 10:47:31.0542 3436 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\BrFiltLo.sys 10:47:31.0573 3436 BrFiltLo - ok 10:47:31.0573 3436 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\BrFiltUp.sys 10:47:31.0620 3436 BrFiltUp - ok 10:47:31.0667 3436 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll 10:47:31.0745 3436 Browser - ok 10:47:31.0760 3436 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 10:47:31.0776 3436 Brserid - ok 10:47:31.0791 3436 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 10:47:31.0807 3436 BrSerWdm - ok 10:47:31.0823 3436 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 10:47:31.0838 3436 BrUsbMdm - ok 10:47:31.0838 3436 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 10:47:31.0869 3436 BrUsbSer - ok 10:47:31.0869 3436 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\drivers\bthmodem.sys 10:47:31.0901 3436 BTHMODEM - ok 10:47:31.0916 3436 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll 10:47:31.0947 3436 bthserv - ok 10:47:31.0979 3436 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 10:47:32.0010 3436 cdfs - ok 10:47:32.0057 3436 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys 10:47:32.0088 3436 cdrom - ok 10:47:32.0119 3436 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 10:47:32.0150 3436 CertPropSvc - ok 10:47:32.0166 3436 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\drivers\circlass.sys 10:47:32.0181 3436 circlass - ok 10:47:32.0197 3436 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 10:47:32.0213 3436 CLFS - ok 10:47:32.0291 3436 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 10:47:32.0306 3436 clr_optimization_v2.0.50727_32 - ok 10:47:32.0353 3436 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 10:47:32.0369 3436 clr_optimization_v4.0.30319_32 - ok 10:47:32.0369 3436 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\drivers\CmBatt.sys 10:47:32.0384 3436 CmBatt - ok 10:47:32.0400 3436 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 10:47:32.0415 3436 cmdide - ok 10:47:32.0447 3436 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys 10:47:32.0462 3436 CNG - ok 10:47:32.0478 3436 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\drivers\compbatt.sys 10:47:32.0478 3436 Compbatt - ok 10:47:32.0509 3436 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\DRIVERS\CompositeBus.sys 10:47:32.0525 3436 CompositeBus - ok 10:47:32.0540 3436 COMSysApp - ok 10:47:32.0556 3436 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\drivers\crcdisk.sys 10:47:32.0571 3436 crcdisk - ok 10:47:32.0603 3436 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll 10:47:32.0618 3436 CryptSvc - ok 10:47:32.0665 3436 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys 10:47:32.0712 3436 CSC - ok 10:47:32.0743 3436 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll 10:47:32.0774 3436 CscService - ok 10:47:32.0821 3436 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 10:47:32.0852 3436 DcomLaunch - ok 10:47:32.0899 3436 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll 10:47:32.0930 3436 defragsvc - ok 10:47:32.0993 3436 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 10:47:33.0008 3436 DfsC - ok 10:47:33.0055 3436 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll 10:47:33.0086 3436 Dhcp - ok 10:47:33.0102 3436 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 10:47:33.0117 3436 discache - ok 10:47:33.0149 3436 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\drivers\disk.sys 10:47:33.0149 3436 Disk - ok 10:47:33.0180 3436 dmvsc (2a958ef85db1b61ffca65044fa4bce9e) C:\Windows\system32\drivers\dmvsc.sys 10:47:33.0211 3436 dmvsc - ok 10:47:33.0242 3436 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll 10:47:33.0273 3436 Dnscache - ok 10:47:33.0305 3436 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll 10:47:33.0336 3436 dot3svc - ok 10:47:33.0398 3436 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys 10:47:33.0414 3436 Dot4 - ok 10:47:33.0445 3436 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\DRIVERS\Dot4Prt.sys 10:47:33.0461 3436 Dot4Print - ok 10:47:33.0476 3436 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys 10:47:33.0523 3436 dot4usb - ok 10:47:33.0554 3436 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll 10:47:33.0585 3436 DPS - ok 10:47:33.0617 3436 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 10:47:33.0632 3436 drmkaud - ok 10:47:33.0695 3436 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 10:47:33.0726 3436 DXGKrnl - ok 10:47:33.0757 3436 e1express (cf0a6015f437161698c5b2a0a12cf052) C:\Windows\system32\DRIVERS\e1e6032.sys 10:47:33.0773 3436 e1express - ok 10:47:33.0804 3436 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll 10:47:33.0835 3436 EapHost - ok 10:47:33.0960 3436 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\drivers\evbdx.sys 10:47:34.0022 3436 ebdrv - ok 10:47:34.0131 3436 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe 10:47:34.0194 3436 EFS - ok 10:47:34.0256 3436 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe 10:47:34.0303 3436 ehRecvr - ok 10:47:34.0319 3436 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe 10:47:34.0350 3436 ehSched - ok 10:47:34.0412 3436 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\drivers\elxstor.sys 10:47:34.0428 3436 elxstor - ok 10:47:34.0443 3436 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 10:47:34.0459 3436 ErrDev - ok 10:47:34.0506 3436 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll 10:47:34.0553 3436 EventSystem - ok 10:47:34.0568 3436 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 10:47:34.0599 3436 exfat - ok 10:47:34.0615 3436 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 10:47:34.0646 3436 fastfat - ok 10:47:34.0709 3436 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe 10:47:34.0740 3436 Fax - ok 10:47:34.0740 3436 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 10:47:34.0771 3436 fdc - ok 10:47:34.0787 3436 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll 10:47:34.0818 3436 fdPHost - ok 10:47:34.0818 3436 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll 10:47:34.0849 3436 FDResPub - ok 10:47:34.0865 3436 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 10:47:34.0865 3436 FileInfo - ok 10:47:34.0880 3436 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 10:47:34.0911 3436 Filetrace - ok 10:47:35.0021 3436 FLEXnet Licensing Service (abedfd48ac042c6aaad32452e77217a1) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 10:47:35.0036 3436 FLEXnet Licensing Service - ok 10:47:35.0052 3436 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\drivers\flpydisk.sys 10:47:35.0067 3436 flpydisk - ok 10:47:35.0099 3436 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 10:47:35.0114 3436 FltMgr - ok 10:47:35.0161 3436 FontCache (fa6c66e4364d7da57aade5dcc03bb999) C:\Windows\system32\FntCache.dll 10:47:35.0208 3436 FontCache - ok 10:47:35.0270 3436 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 10:47:35.0270 3436 FontCache3.0.0.0 - ok 10:47:35.0286 3436 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 10:47:35.0301 3436 FsDepends - ok 10:47:35.0317 3436 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 10:47:35.0317 3436 Fs_Rec - ok 10:47:35.0348 3436 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 10:47:35.0364 3436 fvevol - ok 10:47:35.0395 3436 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\drivers\gagp30kx.sys 10:47:35.0411 3436 gagp30kx - ok 10:47:35.0426 3436 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 10:47:35.0442 3436 GEARAspiWDM - ok 10:47:35.0489 3436 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll 10:47:35.0535 3436 gpsvc - ok 10:47:35.0551 3436 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 10:47:35.0582 3436 hcw85cir - ok 10:47:35.0629 3436 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 10:47:35.0660 3436 HdAudAddService - ok 10:47:35.0676 3436 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\DRIVERS\HDAudBus.sys 10:47:35.0691 3436 HDAudBus - ok 10:47:35.0691 3436 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\drivers\HidBatt.sys 10:47:35.0723 3436 HidBatt - ok 10:47:35.0738 3436 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\drivers\hidbth.sys 10:47:35.0754 3436 HidBth - ok 10:47:35.0769 3436 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\drivers\hidir.sys 10:47:35.0785 3436 HidIr - ok 10:47:35.0801 3436 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll 10:47:35.0847 3436 hidserv - ok 10:47:35.0894 3436 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys 10:47:35.0925 3436 HidUsb - ok 10:47:35.0941 3436 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll 10:47:35.0972 3436 hkmsvc - ok 10:47:35.0988 3436 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll 10:47:36.0019 3436 HomeGroupListener - ok 10:47:36.0050 3436 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll 10:47:36.0097 3436 HomeGroupProvider - ok 10:47:36.0191 3436 hpqcxs08 (af81f7ba6a09119006fe041a2f2f3ece) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll 10:47:36.0191 3436 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning 10:47:36.0191 3436 hpqcxs08 - detected UnsignedFile.Multi.Generic (1) 10:47:36.0222 3436 hpqddsvc (7244f63db8ea883b3dc8e730c645d073) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll 10:47:36.0237 3436 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning 10:47:36.0237 3436 hpqddsvc - detected UnsignedFile.Multi.Generic (1) 10:47:36.0253 3436 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 10:47:36.0269 3436 HpSAMD - ok 10:47:36.0331 3436 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 10:47:36.0362 3436 HTTP - ok 10:47:36.0378 3436 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 10:47:36.0378 3436 hwpolicy - ok 10:47:36.0409 3436 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 10:47:36.0425 3436 i8042prt - ok 10:47:36.0440 3436 iaStorV (a3cae5d281db4cff7cff8233507ee5ad) C:\Windows\system32\drivers\iaStorV.sys 10:47:36.0456 3436 iaStorV - ok 10:47:36.0565 3436 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 10:47:36.0596 3436 idsvc - ok 10:47:36.0627 3436 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\drivers\iirsp.sys 10:47:36.0627 3436 iirsp - ok 10:47:36.0690 3436 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll 10:47:36.0737 3436 IKEEXT - ok 10:47:36.0752 3436 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 10:47:36.0752 3436 intelide - ok 10:47:36.0783 3436 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 10:47:36.0799 3436 intelppm - ok 10:47:36.0815 3436 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll 10:47:36.0830 3436 IPBusEnum - ok 10:47:36.0861 3436 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:47:36.0908 3436 IpFilterDriver - ok 10:47:36.0939 3436 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll 10:47:36.0971 3436 iphlpsvc - ok 10:47:36.0986 3436 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 10:47:37.0002 3436 IPMIDRV - ok 10:47:37.0002 3436 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 10:47:37.0033 3436 IPNAT - ok 10:47:37.0127 3436 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe 10:47:37.0142 3436 iPod Service - ok 10:47:37.0173 3436 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 10:47:37.0205 3436 IRENUM - ok 10:47:37.0220 3436 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 10:47:37.0220 3436 isapnp - ok 10:47:37.0251 3436 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 10:47:37.0267 3436 iScsiPrt - ok 10:47:37.0283 3436 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys 10:47:37.0298 3436 kbdclass - ok 10:47:37.0314 3436 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys 10:47:37.0345 3436 kbdhid - ok 10:47:37.0361 3436 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 10:47:37.0376 3436 KeyIso - ok 10:47:37.0407 3436 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys 10:47:37.0407 3436 KSecDD - ok 10:47:37.0439 3436 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys 10:47:37.0439 3436 KSecPkg - ok 10:47:37.0485 3436 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll 10:47:37.0517 3436 KtmRm - ok 10:47:37.0548 3436 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll 10:47:37.0595 3436 LanmanServer - ok 10:47:37.0626 3436 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll 10:47:37.0657 3436 LanmanWorkstation - ok 10:47:37.0673 3436 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 10:47:37.0719 3436 lltdio - ok 10:47:37.0751 3436 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll 10:47:37.0782 3436 lltdsvc - ok 10:47:37.0797 3436 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll 10:47:37.0844 3436 lmhosts - ok 10:47:37.0875 3436 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\drivers\lsi_fc.sys 10:47:37.0891 3436 LSI_FC - ok 10:47:37.0907 3436 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\drivers\lsi_sas.sys 10:47:37.0922 3436 LSI_SAS - ok 10:47:37.0938 3436 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\drivers\lsi_sas2.sys 10:47:37.0938 3436 LSI_SAS2 - ok 10:47:37.0953 3436 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\drivers\lsi_scsi.sys 10:47:37.0969 3436 LSI_SCSI - ok 10:47:37.0985 3436 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 10:47:38.0000 3436 luafv - ok 10:47:38.0047 3436 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys 10:47:38.0063 3436 MBAMProtector - ok 10:47:38.0156 3436 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 10:47:38.0172 3436 MBAMService - ok 10:47:38.0203 3436 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll 10:47:38.0219 3436 Mcx2Svc - ok 10:47:38.0234 3436 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\drivers\megasas.sys 10:47:38.0250 3436 megasas - ok 10:47:38.0265 3436 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\drivers\MegaSR.sys 10:47:38.0281 3436 MegaSR - ok 10:47:38.0312 3436 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 10:47:38.0343 3436 MMCSS - ok 10:47:38.0359 3436 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 10:47:38.0390 3436 Modem - ok 10:47:38.0406 3436 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 10:47:38.0421 3436 monitor - ok 10:47:38.0453 3436 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 10:47:38.0453 3436 mouclass - ok 10:47:38.0468 3436 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 10:47:38.0499 3436 mouhid - ok 10:47:38.0515 3436 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 10:47:38.0531 3436 mountmgr - ok 10:47:38.0562 3436 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 10:47:38.0577 3436 MozillaMaintenance - ok 10:47:38.0593 3436 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 10:47:38.0593 3436 mpio - ok 10:47:38.0609 3436 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 10:47:38.0640 3436 mpsdrv - ok 10:47:38.0671 3436 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll 10:47:38.0749 3436 MpsSvc - ok 10:47:38.0765 3436 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 10:47:38.0780 3436 MRxDAV - ok 10:47:38.0827 3436 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 10:47:38.0843 3436 mrxsmb - ok 10:47:38.0858 3436 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:47:38.0889 3436 mrxsmb10 - ok 10:47:38.0905 3436 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:47:38.0936 3436 mrxsmb20 - ok 10:47:38.0967 3436 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 10:47:38.0983 3436 msahci - ok 10:47:38.0999 3436 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 10:47:39.0014 3436 msdsm - ok 10:47:39.0045 3436 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe 10:47:39.0077 3436 MSDTC - ok 10:47:39.0092 3436 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 10:47:39.0123 3436 Msfs - ok 10:47:39.0123 3436 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 10:47:39.0155 3436 mshidkmdf - ok 10:47:39.0155 3436 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 10:47:39.0170 3436 msisadrv - ok 10:47:39.0217 3436 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll 10:47:39.0248 3436 MSiSCSI - ok 10:47:39.0248 3436 msiserver - ok 10:47:39.0279 3436 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 10:47:39.0295 3436 MSKSSRV - ok 10:47:39.0311 3436 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 10:47:39.0342 3436 MSPCLOCK - ok 10:47:39.0357 3436 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 10:47:39.0389 3436 MSPQM - ok 10:47:39.0420 3436 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 10:47:39.0420 3436 MsRPC - ok 10:47:39.0435 3436 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys 10:47:39.0451 3436 mssmbios - ok 10:47:39.0451 3436 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 10:47:39.0482 3436 MSTEE - ok 10:47:39.0482 3436 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\drivers\MTConfig.sys 10:47:39.0529 3436 MTConfig - ok 10:47:39.0545 3436 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 10:47:39.0560 3436 Mup - ok 10:47:39.0591 3436 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll 10:47:39.0638 3436 napagent - ok 10:47:39.0654 3436 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 10:47:39.0701 3436 NativeWifiP - ok 10:47:39.0763 3436 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 10:47:39.0794 3436 NDIS - ok 10:47:39.0810 3436 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 10:47:39.0841 3436 NdisCap - ok 10:47:39.0857 3436 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 10:47:39.0888 3436 NdisTapi - ok 10:47:39.0888 3436 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 10:47:39.0903 3436 Ndisuio - ok 10:47:39.0935 3436 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 10:47:39.0966 3436 NdisWan - ok 10:47:39.0981 3436 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 10:47:40.0013 3436 NDProxy - ok 10:47:40.0013 3436 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 10:47:40.0044 3436 NetBIOS - ok 10:47:40.0059 3436 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 10:47:40.0106 3436 NetBT - ok 10:47:40.0122 3436 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 10:47:40.0137 3436 Netlogon - ok 10:47:40.0184 3436 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll 10:47:40.0215 3436 Netman - ok 10:47:40.0247 3436 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll 10:47:40.0293 3436 netprofm - ok 10:47:40.0371 3436 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 10:47:40.0371 3436 NetTcpPortSharing - ok 10:47:40.0434 3436 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\drivers\nfrd960.sys 10:47:40.0434 3436 nfrd960 - ok 10:47:40.0465 3436 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll 10:47:40.0496 3436 NlaSvc - ok 10:47:40.0512 3436 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 10:47:40.0527 3436 Npfs - ok 10:47:40.0543 3436 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll 10:47:40.0574 3436 nsi - ok 10:47:40.0574 3436 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 10:47:40.0605 3436 nsiproxy - ok 10:47:40.0668 3436 Ntfs (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys 10:47:40.0699 3436 Ntfs - ok 10:47:40.0715 3436 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 10:47:40.0730 3436 Null - ok 10:47:40.0746 3436 nvraid (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys 10:47:40.0761 3436 nvraid - ok 10:47:40.0777 3436 nvstor (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys 10:47:40.0793 3436 nvstor - ok 10:47:40.0808 3436 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 10:47:40.0824 3436 nv_agp - ok 10:47:40.0824 3436 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 10:47:40.0839 3436 ohci1394 - ok 10:47:40.0917 3436 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 10:47:40.0933 3436 ose - ok 10:47:41.0136 3436 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 10:47:41.0214 3436 osppsvc - ok 10:47:41.0370 3436 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 10:47:41.0401 3436 p2pimsvc - ok 10:47:41.0417 3436 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll 10:47:41.0448 3436 p2psvc - ok 10:47:41.0479 3436 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\drivers\parport.sys 10:47:41.0495 3436 Parport - ok 10:47:41.0510 3436 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 10:47:41.0526 3436 partmgr - ok 10:47:41.0541 3436 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\drivers\parvdm.sys 10:47:41.0541 3436 Parvdm - ok 10:47:41.0557 3436 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll 10:47:41.0588 3436 PcaSvc - ok 10:47:41.0588 3436 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 10:47:41.0604 3436 pci - ok 10:47:41.0619 3436 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 10:47:41.0619 3436 pciide - ok 10:47:41.0635 3436 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\drivers\pcmcia.sys 10:47:41.0651 3436 pcmcia - ok 10:47:41.0666 3436 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 10:47:41.0682 3436 pcw - ok 10:47:41.0729 3436 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 10:47:41.0775 3436 PEAUTH - ok 10:47:41.0838 3436 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll 10:47:41.0885 3436 PeerDistSvc - ok 10:47:41.0978 3436 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll 10:47:42.0025 3436 pla - ok 10:47:42.0150 3436 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll 10:47:42.0197 3436 PlugPlay - ok 10:47:42.0197 3436 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll 10:47:42.0228 3436 PNRPAutoReg - ok 10:47:42.0259 3436 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 10:47:42.0275 3436 PNRPsvc - ok 10:47:42.0306 3436 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll 10:47:42.0353 3436 PolicyAgent - ok 10:47:42.0384 3436 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll 10:47:42.0431 3436 Power - ok 10:47:42.0493 3436 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 10:47:42.0524 3436 PptpMiniport - ok 10:47:42.0540 3436 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys 10:47:42.0555 3436 Processor - ok 10:47:42.0587 3436 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll 10:47:42.0618 3436 ProfSvc - ok 10:47:42.0633 3436 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 10:47:42.0649 3436 ProtectedStorage - ok 10:47:42.0680 3436 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 10:47:42.0711 3436 Psched - ok 10:47:42.0789 3436 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys 10:47:42.0821 3436 ql2300 - ok 10:47:42.0914 3436 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys 10:47:42.0930 3436 ql40xx - ok 10:47:42.0961 3436 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll 10:47:42.0992 3436 QWAVE - ok 10:47:42.0992 3436 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 10:47:43.0008 3436 QWAVEdrv - ok 10:47:43.0023 3436 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 10:47:43.0070 3436 RasAcd - ok 10:47:43.0179 3436 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 10:47:43.0211 3436 RasAgileVpn - ok 10:47:43.0273 3436 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 10:47:43.0304 3436 RasAuto - ok 10:47:43.0320 3436 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 10:47:43.0367 3436 Rasl2tp - ok 10:47:43.0382 3436 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll 10:47:43.0413 3436 RasMan - ok 10:47:43.0429 3436 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 10:47:43.0460 3436 RasPppoe - ok 10:47:43.0476 3436 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 10:47:43.0507 3436 RasSstp - ok 10:47:43.0523 3436 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 10:47:43.0554 3436 rdbss - ok 10:47:43.0569 3436 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 10:47:43.0585 3436 rdpbus - ok 10:47:43.0601 3436 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 10:47:43.0647 3436 RDPCDD - ok 10:47:43.0679 3436 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys 10:47:43.0725 3436 RDPDR - ok 10:47:43.0741 3436 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 10:47:43.0772 3436 RDPENCDD - ok 10:47:43.0788 3436 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 10:47:43.0819 3436 RDPREFMP - ok 10:47:43.0866 3436 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys 10:47:43.0897 3436 RDPWD - ok 10:47:43.0928 3436 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 10:47:43.0928 3436 rdyboost - ok 10:47:43.0959 3436 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 10:47:43.0991 3436 RemoteAccess - ok 10:47:44.0022 3436 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll 10:47:44.0053 3436 RemoteRegistry - ok 10:47:44.0084 3436 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 10:47:44.0131 3436 RpcEptMapper - ok 10:47:44.0162 3436 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe 10:47:44.0178 3436 RpcLocator - ok 10:47:44.0209 3436 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 10:47:44.0240 3436 RpcSs - ok 10:47:44.0271 3436 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 10:47:44.0303 3436 rspndr - ok 10:47:44.0334 3436 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys 10:47:44.0365 3436 s3cap - ok 10:47:44.0381 3436 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 10:47:44.0396 3436 SamSs - ok 10:47:44.0412 3436 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 10:47:44.0427 3436 sbp2port - ok 10:47:44.0443 3436 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 10:47:44.0490 3436 SCardSvr - ok 10:47:44.0505 3436 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 10:47:44.0552 3436 scfilter - ok 10:47:44.0599 3436 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll 10:47:44.0646 3436 Schedule - ok 10:47:44.0677 3436 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 10:47:44.0693 3436 SCPolicySvc - ok 10:47:44.0739 3436 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll 10:47:44.0771 3436 SDRSVC - ok 10:47:44.0786 3436 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 10:47:44.0817 3436 secdrv - ok 10:47:44.0833 3436 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 10:47:44.0864 3436 seclogon - ok 10:47:44.0880 3436 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll 10:47:44.0895 3436 SENS - ok 10:47:44.0927 3436 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll 10:47:44.0958 3436 SensrSvc - ok 10:47:44.0973 3436 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\drivers\serenum.sys 10:47:44.0989 3436 Serenum - ok 10:47:44.0989 3436 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\drivers\serial.sys 10:47:45.0036 3436 Serial - ok 10:47:45.0036 3436 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys 10:47:45.0051 3436 sermouse - ok 10:47:45.0083 3436 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll 10:47:45.0129 3436 SessionEnv - ok 10:47:45.0129 3436 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 10:47:45.0145 3436 sffdisk - ok 10:47:45.0145 3436 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 10:47:45.0161 3436 sffp_mmc - ok 10:47:45.0176 3436 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 10:47:45.0192 3436 sffp_sd - ok 10:47:45.0192 3436 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys 10:47:45.0207 3436 sfloppy - ok 10:47:45.0254 3436 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll 10:47:45.0301 3436 SharedAccess - ok 10:47:45.0317 3436 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll 10:47:45.0363 3436 ShellHWDetection - ok 10:47:45.0363 3436 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 10:47:45.0379 3436 sisagp - ok 10:47:45.0395 3436 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys 10:47:45.0410 3436 SiSRaid2 - ok 10:47:45.0426 3436 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys 10:47:45.0441 3436 SiSRaid4 - ok 10:47:45.0457 3436 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 10:47:45.0488 3436 Smb - ok 10:47:45.0519 3436 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe 10:47:45.0535 3436 SNMPTRAP - ok 10:47:45.0535 3436 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 10:47:45.0551 3436 spldr - ok 10:47:45.0582 3436 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe 10:47:45.0613 3436 Spooler - ok 10:47:45.0738 3436 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe 10:47:45.0816 3436 sppsvc - ok 10:47:45.0909 3436 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll 10:47:45.0925 3436 sppuinotify - ok 10:47:45.0972 3436 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 10:47:46.0003 3436 srv - ok 10:47:46.0019 3436 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 10:47:46.0050 3436 srv2 - ok 10:47:46.0065 3436 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 10:47:46.0097 3436 srvnet - ok 10:47:46.0112 3436 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll 10:47:46.0143 3436 SSDPSRV - ok 10:47:46.0159 3436 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 10:47:46.0159 3436 ssmdrv - ok 10:47:46.0190 3436 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll 10:47:46.0221 3436 SstpSvc - ok 10:47:46.0237 3436 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys 10:47:46.0253 3436 stexstor - ok 10:47:46.0315 3436 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll 10:47:46.0346 3436 StiSvc - ok 10:47:46.0362 3436 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys 10:47:46.0377 3436 storflt - ok 10:47:46.0409 3436 StorSvc (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll 10:47:46.0424 3436 StorSvc - ok 10:47:46.0440 3436 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys 10:47:46.0455 3436 storvsc - ok 10:47:46.0471 3436 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys 10:47:46.0471 3436 swenum - ok 10:47:46.0502 3436 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll 10:47:46.0549 3436 swprv - ok 10:47:46.0596 3436 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll 10:47:46.0627 3436 SysMain - ok 10:47:46.0658 3436 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll 10:47:46.0689 3436 TabletInputService - ok 10:47:46.0705 3436 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll 10:47:46.0736 3436 TapiSrv - ok 10:47:46.0767 3436 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll 10:47:46.0799 3436 TBS - ok 10:47:46.0892 3436 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys 10:47:46.0923 3436 Tcpip - ok 10:47:46.0955 3436 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys 10:47:46.0970 3436 TCPIP6 - ok 10:47:47.0001 3436 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 10:47:47.0033 3436 tcpipreg - ok 10:47:47.0048 3436 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 10:47:47.0064 3436 TDPIPE - ok 10:47:47.0095 3436 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys 10:47:47.0111 3436 TDTCP - ok 10:47:47.0126 3436 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 10:47:47.0157 3436 tdx - ok 10:47:47.0157 3436 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\DRIVERS\termdd.sys 10:47:47.0173 3436 TermDD - ok 10:47:47.0204 3436 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll 10:47:47.0235 3436 TermService - ok 10:47:47.0251 3436 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll 10:47:47.0282 3436 Themes - ok 10:47:47.0313 3436 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 10:47:47.0329 3436 THREADORDER - ok 10:47:47.0345 3436 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll 10:47:47.0391 3436 TrkWks - ok 10:47:47.0469 3436 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe 10:47:47.0501 3436 TrustedInstaller - ok 10:47:47.0532 3436 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 10:47:47.0563 3436 tssecsrv - ok 10:47:47.0563 3436 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 10:47:47.0610 3436 TsUsbFlt - ok 10:47:47.0625 3436 TsUsbGD (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys 10:47:47.0641 3436 TsUsbGD - ok 10:47:47.0672 3436 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 10:47:47.0688 3436 tunnel - ok 10:47:47.0703 3436 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys 10:47:47.0703 3436 uagp35 - ok 10:47:47.0719 3436 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 10:47:47.0750 3436 udfs - ok 10:47:47.0781 3436 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe 10:47:47.0797 3436 UI0Detect - ok 10:47:47.0813 3436 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 10:47:47.0828 3436 uliagpkx - ok 10:47:47.0844 3436 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys 10:47:47.0859 3436 umbus - ok 10:47:47.0875 3436 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\drivers\umpass.sys 10:47:47.0891 3436 UmPass - ok 10:47:47.0922 3436 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll 10:47:47.0953 3436 UmRdpService - ok 10:47:47.0984 3436 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll 10:47:48.0031 3436 upnphost - ok 10:47:48.0078 3436 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys 10:47:48.0109 3436 USBAAPL - ok 10:47:48.0125 3436 usbccgp (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\DRIVERS\usbccgp.sys 10:47:48.0140 3436 usbccgp - ok 10:47:48.0156 3436 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 10:47:48.0171 3436 usbcir - ok 10:47:48.0187 3436 usbehci (cfbce999c057d78979a181c9c60f208e) C:\Windows\system32\DRIVERS\usbehci.sys 10:47:48.0203 3436 usbehci - ok 10:47:48.0234 3436 usbhub (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\DRIVERS\usbhub.sys 10:47:48.0249 3436 usbhub - ok 10:47:48.0296 3436 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys 10:47:48.0312 3436 usbohci - ok 10:47:48.0343 3436 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 10:47:48.0359 3436 usbprint - ok 10:47:48.0405 3436 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 10:47:48.0421 3436 usbscan - ok 10:47:48.0421 3436 USBSTOR (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:47:48.0437 3436 USBSTOR - ok 10:47:48.0452 3436 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys 10:47:48.0468 3436 usbuhci - ok 10:47:48.0499 3436 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll 10:47:48.0530 3436 UxSms - ok 10:47:48.0561 3436 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 10:47:48.0577 3436 VaultSvc - ok 10:47:48.0593 3436 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 10:47:48.0608 3436 vdrvroot - ok 10:47:48.0639 3436 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe 10:47:48.0671 3436 vds - ok 10:47:48.0686 3436 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 10:47:48.0717 3436 vga - ok 10:47:48.0733 3436 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 10:47:48.0749 3436 VgaSave - ok 10:47:48.0764 3436 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 10:47:48.0780 3436 vhdmp - ok 10:47:48.0795 3436 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 10:47:48.0811 3436 viaagp - ok 10:47:48.0811 3436 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys 10:47:48.0842 3436 ViaC7 - ok 10:47:48.0842 3436 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 10:47:48.0858 3436 viaide - ok 10:47:48.0889 3436 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys 10:47:48.0905 3436 vmbus - ok 10:47:48.0936 3436 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys 10:47:48.0951 3436 VMBusHID - ok 10:47:48.0983 3436 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 10:47:48.0983 3436 volmgr - ok 10:47:49.0014 3436 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 10:47:49.0029 3436 volmgrx - ok 10:47:49.0045 3436 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 10:47:49.0061 3436 volsnap - ok 10:47:49.0092 3436 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\drivers\vsmraid.sys 10:47:49.0107 3436 vsmraid - ok 10:47:49.0170 3436 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe 10:47:49.0217 3436 VSS - ok 10:47:49.0232 3436 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys 10:47:49.0248 3436 vwifibus - ok 10:47:49.0279 3436 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll 10:47:49.0310 3436 W32Time - ok 10:47:49.0326 3436 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\drivers\wacompen.sys 10:47:49.0341 3436 WacomPen - ok 10:47:49.0373 3436 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 10:47:49.0404 3436 WANARP - ok 10:47:49.0404 3436 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 10:47:49.0435 3436 Wanarpv6 - ok 10:47:49.0497 3436 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe 10:47:49.0544 3436 wbengine - ok 10:47:49.0560 3436 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll 10:47:49.0591 3436 WbioSrvc - ok 10:47:49.0607 3436 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll 10:47:49.0622 3436 wcncsvc - ok 10:47:49.0638 3436 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll 10:47:49.0685 3436 WcsPlugInService - ok 10:47:49.0747 3436 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\drivers\wd.sys 10:47:49.0747 3436 Wd - ok 10:47:49.0778 3436 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 10:47:49.0809 3436 Wdf01000 - ok 10:47:49.0825 3436 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 10:47:49.0872 3436 WdiServiceHost - ok 10:47:49.0872 3436 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 10:47:49.0887 3436 WdiSystemHost - ok 10:47:49.0919 3436 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll 10:47:49.0950 3436 WebClient - ok 10:47:49.0965 3436 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll 10:47:49.0997 3436 Wecsvc - ok 10:47:49.0997 3436 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll 10:47:50.0028 3436 wercplsupport - ok 10:47:50.0059 3436 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll 10:47:50.0090 3436 WerSvc - ok 10:47:50.0106 3436 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 10:47:50.0121 3436 WfpLwf - ok 10:47:50.0137 3436 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 10:47:50.0153 3436 WIMMount - ok 10:47:50.0231 3436 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 10:47:50.0277 3436 WinDefend - ok 10:47:50.0277 3436 WinHttpAutoProxySvc - ok 10:47:50.0355 3436 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll 10:47:50.0387 3436 Winmgmt - ok 10:47:50.0465 3436 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll 10:47:50.0511 3436 WinRM - ok 10:47:50.0589 3436 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll 10:47:50.0652 3436 Wlansvc - ok 10:47:50.0808 3436 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 10:47:50.0839 3436 wlidsvc - ok 10:47:50.0948 3436 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 10:47:50.0964 3436 WmiAcpi - ok 10:47:51.0011 3436 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe 10:47:51.0042 3436 wmiApSrv - ok 10:47:51.0135 3436 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe 10:47:51.0198 3436 WMPNetworkSvc - ok 10:47:51.0229 3436 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll 10:47:51.0276 3436 WPCSvc - ok 10:47:51.0276 3436 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll 10:47:51.0307 3436 WPDBusEnum - ok 10:47:51.0369 3436 WPFFontCache_v0400 - ok 10:47:51.0447 3436 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 10:47:51.0479 3436 ws2ifsl - ok 10:47:51.0494 3436 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll 10:47:51.0510 3436 wscsvc - ok 10:47:51.0510 3436 WSearch - ok 10:47:51.0619 3436 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll 10:47:51.0681 3436 wuauserv - ok 10:47:51.0759 3436 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 10:47:51.0791 3436 WudfPf - ok 10:47:51.0806 3436 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 10:47:51.0837 3436 WUDFRd - ok 10:47:51.0884 3436 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll 10:47:51.0900 3436 wudfsvc - ok 10:47:52.0305 3436 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll 10:47:52.0352 3436 WwanSvc - ok 10:47:52.0352 3436 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 10:47:52.0649 3436 \Device\Harddisk0\DR0 - ok 10:47:52.0680 3436 Boot (0x1200) (3289c7787c146d6200fe0c72624385b8) \Device\Harddisk0\DR0\Partition0 10:47:52.0680 3436 \Device\Harddisk0\DR0\Partition0 - ok 10:47:52.0695 3436 Boot (0x1200) (ea9c4b7872fee3b9d05f7604b521caf7) \Device\Harddisk0\DR0\Partition1 10:47:52.0695 3436 \Device\Harddisk0\DR0\Partition1 - ok 10:47:52.0695 3436 ============================================================ 10:47:52.0695 3436 Scan finished 10:47:52.0695 3436 ============================================================ 10:47:52.0711 5332 Detected object count: 2 10:47:52.0711 5332 Actual detected object count: 2 10:48:20.0994 5332 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 10:48:20.0994 5332 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:48:20.0994 5332 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user 10:48:20.0994 5332 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip |
21.06.2012, 14:11 | #20 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
22.06.2012, 08:52 | #21 |
| Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar hab ich gemacht und dieses log kam dabei raus: Code:
ATTFilter ComboFix 12-06-21.03 - xxx 22.06.2012 9:18.1.4 - x86 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3070.2050 [GMT 2:00] ausgeführt von:: c:\users\xxx\Desktop\ComboFix.exe AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk c:\users\xxx\AppData\Local\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll c:\windows\IsUn0407.exe c:\windows\system32\muzapp.exe c:\windows\system32\regobj.dll . . ((((((((((((((((((((((( Dateien erstellt von 2012-05-22 bis 2012-06-22 )))))))))))))))))))))))))))))) . . 2012-06-20 09:27 . 2012-06-20 11:13 -------- d-----w- C:\_OTL 2012-06-19 08:17 . 2012-06-19 08:17 -------- d-----w- c:\program files\ESET 2012-06-18 09:13 . 2012-06-18 09:13 -------- d-----w- c:\program files\Mozilla Maintenance Service 2012-06-18 09:13 . 2012-06-18 09:13 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe 2012-06-18 09:13 . 2012-06-18 09:13 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe 2012-06-18 07:24 . 2012-06-18 07:24 -------- d-----w- c:\users\xxx\AppData\Roaming\Malwarebytes 2012-06-18 07:24 . 2012-06-18 07:24 -------- d-----w- c:\programdata\Malwarebytes 2012-06-18 07:24 . 2012-06-18 07:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-06-18 07:24 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-28 13:06 . 2012-05-28 13:06 -------- d-----w- c:\programdata\Macrovision 2012-05-28 13:06 . 2012-06-18 07:15 -------- d-----w- c:\programdata\FLEXnet 2012-05-28 13:06 . 2012-05-28 13:06 -------- d-----w- c:\program files\Common Files\Macrovision Shared 2012-05-28 13:06 . 2012-05-28 13:06 -------- d-----w- c:\program files\ArcGIS . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-18 09:13 . 2011-05-01 08:07 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DymoQuickPrint"="c:\program files\DYMO\DYMO Label Software\DymoQuickPrint.exe" [2010-05-11 1885512] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-09-29 20880] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768] "DLSService"="c:\program files\DYMO\DYMO Label Software\DLSService.exe" [2010-05-11 55808] "FreePDF Assistant"="c:\program files\FreePDF_XP\fpassist.exe" [2010-06-17 370176] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152] "KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-09-29 929680] "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-09-29 3508112] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "LexwareInfoService"="c:\program files\Common Files\Lexware\Update Manager\LxUpdateManager.exe" [2010-09-15 339312] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys] "StartCCC"=c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe . R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-18 129976] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128] S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360] S2 ArcGIS License Manager;ArcGIS License Manager;c:\program files\ArcGIS\License10.0\bin\lmgrd.exe [2008-11-05 1500424] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://google.de/ uInternet Settings,ProxyOverride = *.local IE: An OneNote s&enden - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105 IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ft2iwcdl.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKCU-Run-Cixyi - c:\users\xxx\AppData\Roaming\Xoyz\olow.exe AddRemove-Adobe Photoshop 6.0 - c:\windows\ISUN0407.EXE AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe AddRemove-3690843993.smarthome.blob.core.windows.net - c:\program files\Microsoft Silverlight\4.0.60831.0\Silverlight.Configuration.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-3501483959-2219181981-1860870347-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-3501483959-2219181981-1860870347-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\windows\system32\atieclxx.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\windows\system32\taskhost.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\windows\system32\conhost.exe c:\windows\system32\conhost.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\ArcGIS\License10.0\bin\ARCGIS.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe c:\windows\system32\WUDFHost.exe c:\windows\system32\conhost.exe c:\program files\iPod\bin\iPodService.exe c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe c:\windows\system32\sppsvc.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Zeit der Fertigstellung: 2012-06-22 09:31:40 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2012-06-22 07:31 . Vor Suchlauf: 12 Verzeichnis(se), 354.947.809.280 Bytes frei Nach Suchlauf: 20 Verzeichnis(se), 354.916.835.328 Bytes frei . - - End Of File - - 452A201F38AD305AE0881F320888A80A |
22.06.2012, 10:14 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar Combofix - Scripten 1. Starte das Notepad (Start / Ausführen / notepad[Enter]) 2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein. Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!! Code:
ATTFilter Firefox:: FF - ProfilePath - c:\users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ft2iwcdl.default\ FF - prefs.js: browser.search.defaulturl - FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false 4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall. (Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !) 5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet. 6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien: Combofix.txt Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
23.06.2012, 09:27 | #23 |
| Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar hier das entsprechende log: Code:
ATTFilter ComboFix 12-06-23.01 - xxx 23.06.2012 10:05:14.2.4 - x86 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3070.2046 [GMT 2:00] ausgeführt von:: c:\users\xxx\Desktop\ComboFix.exe Benutzte Befehlsschalter :: c:\users\xxx\Desktop\CFScript.txt AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\xxx\AppData\Local\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll . . ((((((((((((((((((((((( Dateien erstellt von 2012-05-23 bis 2012-06-23 )))))))))))))))))))))))))))))) . . 2012-06-23 08:13 . 2012-06-23 08:13 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-20 09:27 . 2012-06-20 11:13 -------- d-----w- C:\_OTL 2012-06-19 08:17 . 2012-06-19 08:17 -------- d-----w- c:\program files\ESET 2012-06-18 09:13 . 2012-06-18 09:13 -------- d-----w- c:\program files\Mozilla Maintenance Service 2012-06-18 09:13 . 2012-06-18 09:13 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe 2012-06-18 09:13 . 2012-06-18 09:13 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe 2012-06-18 07:24 . 2012-06-18 07:24 -------- d-----w- c:\users\xxx\AppData\Roaming\Malwarebytes 2012-06-18 07:24 . 2012-06-18 07:24 -------- d-----w- c:\programdata\Malwarebytes 2012-06-18 07:24 . 2012-06-18 07:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-06-18 07:24 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-28 13:06 . 2012-05-28 13:06 -------- d-----w- c:\programdata\Macrovision 2012-05-28 13:06 . 2012-06-18 07:15 -------- d-----w- c:\programdata\FLEXnet 2012-05-28 13:06 . 2012-05-28 13:06 -------- d-----w- c:\program files\Common Files\Macrovision Shared 2012-05-28 13:06 . 2012-05-28 13:06 -------- d-----w- c:\program files\ArcGIS . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-18 09:13 . 2011-05-01 08:07 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DymoQuickPrint"="c:\program files\DYMO\DYMO Label Software\DymoQuickPrint.exe" [2010-05-11 1885512] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-09-29 20880] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768] "DLSService"="c:\program files\DYMO\DYMO Label Software\DLSService.exe" [2010-05-11 55808] "FreePDF Assistant"="c:\program files\FreePDF_XP\fpassist.exe" [2010-06-17 370176] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152] "KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-09-29 929680] "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-09-29 3508112] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "LexwareInfoService"="c:\program files\Common Files\Lexware\Update Manager\LxUpdateManager.exe" [2010-09-15 339312] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys] "StartCCC"=c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe . R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-18 129976] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128] S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360] S2 ArcGIS License Manager;ArcGIS License Manager;c:\program files\ArcGIS\License10.0\bin\lmgrd.exe [2008-11-05 1500424] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://google.de/ uInternet Settings,ProxyOverride = *.local IE: An OneNote s&enden - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105 IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ft2iwcdl.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-3501483959-2219181981-1860870347-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-3501483959-2219181981-1860870347-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\windows\system32\atieclxx.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\windows\system32\taskhost.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\windows\system32\conhost.exe c:\windows\system32\conhost.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\ArcGIS\License10.0\bin\ARCGIS.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe c:\windows\system32\WUDFHost.exe c:\windows\system32\conhost.exe c:\program files\iPod\bin\iPodService.exe c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe c:\windows\system32\sppsvc.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Zeit der Fertigstellung: 2012-06-23 10:19:15 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2012-06-23 08:19 ComboFix2.txt 2012-06-22 07:31 . Vor Suchlauf: 19 Verzeichnis(se), 354.935.922.688 Bytes frei Nach Suchlauf: 21 Verzeichnis(se), 354.891.915.264 Bytes frei . - - End Of File - - A8928420BC19C8EFF4329FF47183E671 |
24.06.2012, 16:11 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
25.06.2012, 16:46 | #25 |
| Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar GMER ist in der Tat relativ schnell abgestürzt. Der Scan mit OSAM ging ziemlich zügig: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 16:30:33 on 25.06.2012 OS: Windows 7 Service Pack 1 (Build 7601), 32-bit Default Browser: Microsoft Corporation Internet Explorer 9.00.8112.16421 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Control Panel Objects] -----( %SystemRoot%\system32 )----- "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "catchme" (catchme) - ? - C:\Users\xxx\AppData\Local\Temp\catchme.sys (File not found) "fwdirpog" (fwdirpog) - ? - C:\Users\xxx\AppData\Local\Temp\fwdirpog.sys (Hidden registry entry, rootkit activity | File not found) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {4A681BEC-7727-49BD-B695-79F8354CD2E5} "PMFColumns Class" - "ESRI " - C:\Program Files\Common Files\ESRI\esriShellExt.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\VISSHE.DLL {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\VISSHE.DLL {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll {00020d75-0000-0000-c000-000000000046} "lnkfile" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found) [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {7530BFB8-7293-4D34-9923-61A11451AFC5} "OnlineScanner Control" - "ESET" - C:\PROGRA~1\ESET\ESETON~1\ONLINE~1.OCX / hxxp://download.eset.com/special/eos/OnlineScanner.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash10t.ocx / https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab {E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? - (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll {FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll {B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "DymoQuickPrint" - "Sanford, L.P." - "C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startup "KiesPDLR" - ? - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" "APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "DLSService" - "Sanford, L.P." - "C:\Program Files\DYMO\DYMO Label Software\DLSService.exe" "FreePDF Assistant" - "shbox.de" - C:\Program Files\FreePDF_XP\fpassist.exe "HP Software Update" - "Hewlett-Packard Co." - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe "iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe" "KiesHelper" - "Samsung" - C:\Program Files\Samsung\Kies\KiesHelper.exe /s "KiesTrayAgent" - "Samsung Electronics Co., Ltd." - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe "LexwareInfoService" - "Haufe-Lexware GmbH & Co. KG" - C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Redirected Port" - ? - C:\Windows\system32\redmonnt.dll (File found, but it contains no detailed information) [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "ArcGIS License Manager" (ArcGIS License Manager) - "Acresso Software Inc." - C:\Program Files\ArcGIS\License10.0\bin\lmgrd.exe "Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Acresso Software Inc." - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe "HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll "hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE "Windows Presentation Foundation Font Cache 4.0.0.0" (WPFFontCache_v0400) - ? - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (File not found) [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll "WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL "WindowsLive NSP" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software Run date: 2012-06-25 16:32:56 ----------------------------- 16:32:56.393 OS Version: Windows 6.1.7601 Service Pack 1 16:32:56.393 Number of processors: 4 586 0xF0B 16:32:56.393 ComputerName: xxx-PC UserName: xxx 16:32:57.361 Initialize success 16:33:49.948 AVAST engine defs: 12062500 16:34:18.449 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 16:34:18.449 Disk 0 Vendor: SAMSUNG_HD501LJ CR100-12 Size: 476940MB BusType: 3 16:34:18.496 Disk 0 MBR read successfully 16:34:18.512 Disk 0 MBR scan 16:34:18.527 Disk 0 Windows 7 default MBR code 16:34:18.527 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63 16:34:18.559 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 112640 16:34:18.559 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 466644 MB offset 21084160 16:34:18.574 Disk 0 scanning sectors +976771072 16:34:18.637 Disk 0 scanning C:\Windows\system32\drivers 16:34:26.374 Service scanning 16:34:40.991 Modules scanning 16:34:44.080 Disk 0 trace - called modules: 16:34:44.112 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys 16:34:44.112 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x865eb528] 16:34:44.112 3 CLASSPNP.SYS[8b60459e] -> nt!IofCallDriver -> [0x860d6918] 16:34:44.127 5 ACPI.sys[8b2a53d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x857de908] 16:34:44.985 AVAST engine scan C:\Windows 16:34:47.887 AVAST engine scan C:\Windows\system32 16:36:58.241 AVAST engine scan C:\Windows\system32\drivers 16:37:05.885 AVAST engine scan C:\Users\xxx 17:19:14.306 AVAST engine scan C:\ProgramData 17:21:04.114 Scan finished successfully 17:40:10.311 Disk 0 MBR has been saved successfully to "C:\Users\xxx\Desktop\MBR.dat" 17:40:10.311 The log file has been saved successfully to "C:\Users\xxx\Desktop\aswMBR.txt" |
25.06.2012, 19:35 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
26.06.2012, 19:47 | #27 |
| Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar Das wäre super, wenn alles wieder ok ist. Kannst Du denn was zur Gefährlichkeit der Infizierung sagen? Ausspionieren von daten etc. Malwarebytes Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.06.26.05 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 xxx :: xxx-PC [Administrator] Schutz: Deaktiviert 26.06.2012 19:18:25 mbam-log-2012-06-26 (19-18-25).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 389604 Laufzeit: 51 Minute(n), 48 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) SUPERAntiSpyware Code:
ATTFilter SUPERAntiSpyware Scan Log hxxp://www.superantispyware.com Generated 06/26/2012 at 06:44 PM Application Version : 5.1.1002 Core Rules Database Version : 8797 Trace Rules Database Version: 6609 Scan type : Complete Scan Total Scan Time : 01:40:20 Operating System Information Windows 7 Professional 32-bit, Service Pack 1 (Build 6.01.7601) UAC On - Administrator Memory items scanned : 779 Memory threats detected : 0 Registry items scanned : 36080 Registry threats detected : 0 File items scanned : 281116 File threats detected : 375 Adware.Tracking Cookie C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Cookies\52YCW6QF.txt [ /mediaplex.com ] C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Cookies\GNCJH7KO.txt [ /doubleclick.net ] C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Cookies\63D7U9GK.txt [ /adfarm1.adition.com ] C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Cookies\X9EJWW39.txt [ /fastclick.net ] C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Cookies\DA86X7WP.txt [ /apmebf.com ] C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Cookies\TY053S5B.txt [ /zanox.com ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\THBOWH8J.txt [ Cookie:xxx@serving-sys.com/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\968A38V1.txt [ Cookie:xxx@mediaplex.com/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\553XE78S.txt [ Cookie:xxx@invitemedia.com/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\7KE1JPT8.txt [ Cookie:xxx@atdmt.com/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\N9EDHAY6.txt [ Cookie:xxx@adfarm1.adition.com/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\1IOF046H.txt [ Cookie:xxx@webmasterplan.com/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\FQTQZM3Z.txt [ Cookie:xxx@partners.webmasterplan.com/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\SOLMMLXU.txt [ Cookie:xxx@track.adform.net/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\OWHA3RYB.txt [ Cookie:xxx@ww251.smartadserver.com/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\VHN9S04X.txt [ Cookie:xxx@c1.atdmt.com/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\A9NHG5D1.txt [ Cookie:xxx@advertising.com/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\SWRCW5QV.txt [ Cookie:xxx@adviva.net/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\ULQPS05G.txt [ Cookie:xxx@ad1.adfarm1.adition.com/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\80V0600Y.txt [ Cookie:xxx@www.mediamarkt.de/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\G0JCRAVS.txt [ Cookie:xxx@ad.adnet.de/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\TVCP7GV0.txt [ Cookie:xxx@tradedoubler.com/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\XWNL0V9B.txt [ Cookie:xxx@deutschepostag.112.2o7.net/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\PDMBDN9Q.txt [ Cookie:xxx@xiti.com/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\C7MYQ2RG.txt [ Cookie:xxx@specificclick.net/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\5443IIJ3.txt [ Cookie:xxx@apmebf.com/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\8IHZ6SJJ.txt [ Cookie:xxx@www.etracker.de/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\2B3SKEEJ.txt [ Cookie:xxx@kontera.com/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\YNA29PH3.txt [ Cookie:xxx@stepstone.112.2o7.net/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\EJYEZYOH.txt [ Cookie:xxx@adform.net/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\71XU8CON.txt [ Cookie:xxx@revsci.net/ ] C:\USERS\xxx\AppData\Roaming\Microsoft\Windows\Cookies\Low\HUFAJ39N.txt [ Cookie:xxx@ad.yieldmanager.com/ ] C:\USERS\xxx\Cookies\52YCW6QF.txt [ Cookie:xxx@mediaplex.com/ ] C:\USERS\xxx\Cookies\63D7U9GK.txt [ Cookie:xxx@adfarm1.adition.com/ ] C:\USERS\xxx\Cookies\DA86X7WP.txt [ Cookie:xxx@apmebf.com/ ] eas.apm.emediate.eu [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .imrworldwide.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .imrworldwide.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .deutschepostag.112.2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .atdmt.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .specificclick.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .ad.adnet.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .xiti.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .im.banner.t-online.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .a.revenuemax.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adbrite.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .tradedoubler.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .tradedoubler.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .mediaplex.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .apmebf.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .tracking.quisma.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] tracking.quisma.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .nextag.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adbrite.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] tracking.quisma.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] de.sitestat.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .generaltracking.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .generaltracking.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .generaltracking.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .generaltracking.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] tracking.quisma.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .rionordgmbh.122.2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .guj.122.2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] de.sitestat.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .ad.adnet.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .eyewonder.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .eyewonder.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .ad6media.fr [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .autoscout24.112.2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .stepstone.112.2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .googleads.g.doubleclick.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .paypal.112.2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .histats.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .collective-media.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .histats.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .apmebf.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .questionmarket.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .bs.serving-sys.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] tracking.quisma.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .webstats4u.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .clickaider.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] weihnachtsmarkt-finder.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.zanox-affiliate.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] media1.comnos.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] media1.comnos.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .amazon-adsystem.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .amazon-adsystem.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] count.asnetworks.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] eas.apm.emediate.eu [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] eas.apm.emediate.eu [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] dc.tremormedia.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .nextag.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] zbox.zanox.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] servestats.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] track.effiliation.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] zanox01.webtrekk.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .zanox.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .zanox.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .zanox.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .generaltracking.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .overture.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .overture.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] tracking.gameforge.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] tracking.quisma.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .audiag.112.2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .4stats.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .4stats.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .4stats.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .4stats.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .4stats.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .4stats.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ads1.vtxnet.ch [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .tradedoubler.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] de.sitestat.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .c.atdmt.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] fl01.ct2.comclick.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] fl01.ct2.comclick.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .blogads.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] teufel-media.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] banner.testberichte.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] adserver.dvvmedia.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] tracking.oe24.at [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adxvalue.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .de.at.atwola.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .atwola.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .dmtracker.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .lfstmedia.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .yieldmanager.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .partnersearchmetrics.sbx1.2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] de.sitestat.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] advertising.finon.info [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] de.sitestat.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adxvalue.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adxvalue.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] links2revenue.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] links2revenue.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.links2revenue.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.links2revenue.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adserver.adtechus.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .casalemedia.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .casalemedia.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adsenseoptimizationservice.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adsenseoptimizationservice.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.adsenseexperts.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.adsenseexperts.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adsenseexperts.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adsenseexperts.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adsenseexperts.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ads1.jurawelt.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] wstat.wibiya.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ad.zanox.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] de.sitestat.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] de.sitestat.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .hightraffic.hugoboss.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] de.sitestat.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .mediaplex.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] tracking.mobile.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .ad-emea.doubleclick.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .ad-emea.doubleclick.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .euros4click.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] e2.emediate.se [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .ad.adnet.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.sedotracker.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .msnportal.112.2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .atdmt.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .c.atdmt.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .c.atdmt.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] s3.trafficmaxx.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .stats.paypal.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .mediaplex.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .microsoftsto.112.2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ads.webstatsserver.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] eas.apm.emediate.eu [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] de.sitestat.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .sexy-models-nackt.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] sexy-models-nackt.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] sexy-models-nackt.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .mm.chitika.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] track.webstatistik-bw.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] accounts.google.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] statse.webtrendslive.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .atdmt.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .atdmt.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] server.adform.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] tracking.quisma.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .questionmarket.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .blogads.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] server.adformdsp.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adformdsp.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adform.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .bs.serving-sys.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .tradedoubler.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.zanox-affiliate.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] server.adform.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] accounts.google.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] accounts.youtube.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .accounts.google.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .accounts.google.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .overture.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www4.smartadserver.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .yadro.ru [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .at.atwola.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .tacoda.at.atwola.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .tacoda.at.atwola.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .at.atwola.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .tacoda.at.atwola.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .tacoda.at.atwola.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .tacoda.at.atwola.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .ar.atwola.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .im.banner.t-online.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adbrite.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ad1.adfarm1.adition.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .tribalfusion.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .olympiaverlag.122.2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .im.banner.t-online.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adviva.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] media.gan-online.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ad3.adfarm1.adition.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] traffic.brand-wall.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] adfarm1.adition.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] track.adform.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .tradedoubler.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .apmebf.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] track.adform.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adform.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .quartermedia.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] eas.apm.emediate.eu [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .im.banner.t-online.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] track.zalando.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .lucidmedia.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .clickfuse.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .im.banner.t-online.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .ad.adnet.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] stat.dealtime.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] partners.webmasterplan.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .ad6media.fr [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .dealtime.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] partners.webmasterplan.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ww381.smartadserver.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.smartadserver.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .fastclick.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .tradedoubler.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .tradedoubler.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ad.dyntracker.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .traffictrack.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ad.dyntracker.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] tracking.klicktel.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .statcounter.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adtech.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .im.banner.t-online.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] eas.apm.emediate.eu [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .mediaplex.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .webmasterplan.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ww251.smartadserver.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] secure.img-cdn.mediaplex.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .gemoneysdenac.112.2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.mediamarkt.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] data.mediamarkt.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.mediamarkt.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .mediamarkt.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] www.etracker.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ad.zanox.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .briefkasten-finden.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .briefkasten-finden.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .briefkasten-finden.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .paketfinder.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .paketfinder.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .paketfinder.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .2o7.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ad4.adfarm1.adition.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .tracking.quisma.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] ad2.adfarm1.adition.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .adfarm1.adition.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .zanox.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .tracking.quisma.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .unitymedia.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .unitymedia.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .tracking.quisma.com [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .zanox-affiliate.de [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FT2IWCDL.DEFAULT\COOKIES.SQLITE ] Trojan.Agent/Gen-Kryptik C:\_OTL\MOVEDFILES\06202012_112712\C_USERS\xxx\APPDATA\ROAMING\XOYZ\OLOW.EXE ZIP ARCHIVE( C:\_OTL\MOVEDFILES.ZIP )/MOVEDFILES/06202012_112712/C_USERS/xxx/APPDATA/ROAMING/XOYZ/OLOW.EXE C:\_OTL\MOVEDFILES.ZIP |
27.06.2012, 11:39 | #28 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Webseiten von Microsoft, Avira etc. nicht mehr aufrufbarZitat:
Sieht ok aus, da wurden nur Cookies gefunden. Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
27.06.2012, 17:40 | #29 | |
| Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar Nutze auch unterschiedliche Browser mit verschiedenen Cookie-Einstellungen. Am meisten Sorgen bereiten mir aber die gefährlicheren Zeitgenossen im Netz. Eine Frage hätte ich da noch: Ich bekomme relativ häufig Spam Mails inkl. Anhänge (die ich natürlich nie anrühre) über Windows Live Mail auf den PC. Stellen diese Mails + verseuchte Anhänge ein Sicherheitsrisiko dar, auch wenn man sie nicht öffnet? Zitat:
PS. Auf eurer Spendenseite werde ich auch noch vorbei schauen. |
28.06.2012, 11:59 | #30 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Webseiten von Microsoft, Avira etc. nicht mehr aufrufbarZitat:
Dennoch sollt man allgemeine empfohlene Dinge anwenden => Software aktuell halten, nicht als Administrator arbeiten etc. pp. Dann wären wir durch! Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Mit Hilfe von OTL kannst du auch viele Tools entfernen: Starte bitte OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks => Adobe Flash Player Distribution | Adobe Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu Webseiten von Microsoft, Avira etc. nicht mehr aufrufbar |
adobe, antivir, asus, aufrufe, autorun, avira, bho, bonjour, defender, document, error, explorer, firefox, format, google, google earth, google startseite, helper, logfile, microsoft, object, plug-in, programme, registry, searchscopes, senden, temp, version=1.0, wallpaper, windows, winlogon, wmp |